We are using Power School with Cloudflare and the issue is that Cloudflare uses on IP address to connect and then a second IP address to represent the client address. Power School believes it is a hacking attempt since the connecting IP and the IP representing the client are not the same. I have tried everything to resolve the issue including firewall rules, page rules, and apps with no success. The error from Power School is below. If anyone has a solution, we would greatly appreciate it!
<2020-10-17 12:39:53,217> INFO [Web Handler 117514] : 220.127.116.11 (Claimed for xx.xxx.xx.xxx) 0 SESSION SECURITY VIOLATION: Cookie for UID (10A7502) coming from different IP. Login on 18.104.22.168; cookie on 22.214.171.124; XFF=xx.xxx.xx.xxx TP=!; HACK ATTEMPT; No session for user