Original visitor IPs is not preserved

karen11 · March 2, 2023, 8:40pm

I’m trying to restore the request original ip address from the following headers:

[‘X-Forwarded-For’] and [‘CF-Connecting-IP’], however, the IP address I get points to Cloudflare’s nearby data center.
Does this need to be configured manually from somewhere or does it works oob?

michael · March 2, 2023, 9:49pm

OOB.

Is this a standard hostname, a Worker or something else?

Have you followed the docs:

https://support.cloudflare.com/hc/en-us/articles/200170786-Restoring-original-visitor-IPs

karen11 · March 2, 2023, 11:48pm

yes I followed the docs and added these to my nginx.conf

set_real_ip_from 173.245.48.0/20;
set_real_ip_from 103.21.244.0/22;
set_real_ip_from 103.22.200.0/22;
set_real_ip_from 103.31.4.0/22;
set_real_ip_from 141.101.64.0/18;
set_real_ip_from 108.162.192.0/18;
set_real_ip_from 190.93.240.0/20;
set_real_ip_from 188.114.96.0/20;
set_real_ip_from 197.234.240.0/22;
set_real_ip_from 198.41.128.0/17;
set_real_ip_from 162.158.0.0/15;
set_real_ip_from 104.16.0.0/13;
set_real_ip_from 104.24.0.0/14;
set_real_ip_from 172.64.0.0/13;
set_real_ip_from 131.0.72.0/22;
set_real_ip_from 2400:cb00::/32;
set_real_ip_from 2606:4700::/32;
set_real_ip_from 2803:f800::/32;
set_real_ip_from 2405:b500::/32;
set_real_ip_from 2405:8100::/32;
set_real_ip_from 2a06:98c0::/29;
set_real_ip_from 2c0f:f248::/32;
real_ip_header CF-Connecting-IP;

it’s a subdomain call, something like api.mydomaincom/aa/aaa which is being handled by nginx docker container which routes the request to another docker container.

I don’t know, how but after a couple try I no longer get Cloudflare’s IP, instead when I lookup the new IP it belongs to Akamai International BV

karen11 · March 3, 2023, 12:49am

I have another domain that is also being handled by Cloudflare and requests get routed to the exact same machine. In this case, nginx can see the correct IP.

update:
registered a subdomain for the second domain, and the IP is not being preserved again.
calling without subdomain everything is fine

DarkDeviL · March 3, 2023, 7:43am

If that’s the case, I would look at the configuration again, especially the specific place in your configuration, where you added that option to restore IP addresses.

A lot of things can be configured both so they are only effective for one individual domain, but also so they are effective “globally” (e.g. for all hosted domains).

karen11 · March 3, 2023, 1:14pm

I think I know what is causing the issue.
It seems configs are correct. I am using Firefox and Safari with custom privacy configs and it looks they both route traffic through their own proxies.
I’m also using Postman for API call testing and the same issue with Postman.
When I use Google Chrome, everything is just fine.

karen11 · March 3, 2023, 1:27pm

I apologize for too many posts, can’t find how to edit my post to post an update.

while google chrome is ok, I can still see my original IP with Firefox and Safari when visiting IP lookup websites.
So they can somehow see the original IP even with multiple proxies in front.

system · March 6, 2023, 1:27pm

This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.