I am trying to prevent bad actors bypassing the Cloudflare servers and directly accessing the origin server IP. I added the following Cloudflare IPs to my htaccess:
Require ip 220.127.116.11/22
Require ip 18.104.22.168/22
Require ip 22.214.171.124/22
Require ip 126.96.36.199/12
Require ip 188.8.131.52/18
Require ip 184.108.40.206/22
Require ip 220.127.116.11/18
Require ip 18.104.22.168/15
Require ip 22.214.171.124/13
Require ip 126.96.36.199/20
Require ip 188.8.131.52/20
Require ip 184.108.40.206/20
Require ip 220.127.116.11/22
Require ip 18.104.22.168/17
Require ip 2400:cb00::/32
Require ip 2405:b500::/32
Require ip 2606:4700::/32
Require ip 2803:f800::/32
Require ip 2c0f:f248::/32
Require ip 2a06:98c0::/29
The problem with the above is that it causes problems with page rules that contain Bypass Cache. With bypass cache enabled, Cloudflare passes through the visitor’s IP address to my origin server (rather than a Cloudflare IP) and htaccess then blocks the visitor from viewing the webpage.
Does anyone have any workarounds or solutions to this?
I am on a Cloudflare Pro plan.
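
A diagnostic for the symptom described above, as an added example that is not part of the original post: it reads an origin access log and reports which client addresses fall outside the allowlisted ranges on denied requests, which shows what address `Require ip` was evaluated against. The log lines are constructed, the function names are hypothetical, and only the IPv6 ranges from the post are loaded.

```python
import ipaddress

# IPv6 ranges copied from the post's Require ip list; add the IPv4 entries
# the same way. strict=False tolerates host bits set in a prefix.
ALLOWED = [ipaddress.ip_network(n, strict=False) for n in (
    "2400:cb00::/32", "2405:b500::/32", "2606:4700::/32",
    "2803:f800::/32", "2c0f:f248::/32", "2a06:98c0::/29",
)]

# Constructed sample lines in Apache common log format (not real traffic).
SAMPLE_LOG = """\
2606:4700:10::1 - - [01/Jan/2024:10:00:00 +0000] "GET / HTTP/1.1" 200 512
2001:db8::25 - - [01/Jan/2024:10:00:05 +0000] "GET /nocache/ HTTP/1.1" 403 199
203.0.113.7 - - [01/Jan/2024:10:00:09 +0000] "GET /nocache/ HTTP/1.1" 403 199
not-an-ip - - [01/Jan/2024:10:00:11 +0000] "GET / HTTP/1.1" 400 0
"""

def is_allowed(addr):
    """True if addr is inside any allowlisted range of the same IP version."""
    ip = ipaddress.ip_address(addr)
    return any(ip.version == net.version and ip in net for net in ALLOWED)

def classify(log_text):
    """Return (client, status, verdict) for every non-empty log line."""
    rows = []
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) < 2:
            continue
        client, status = parts[0], parts[-2]  # status precedes the byte count
        try:
            verdict = "allowed" if is_allowed(client) else "outside allowlist"
        except ValueError:  # first field is not an IP address
            verdict = "unparsable"
        rows.append((client, status, verdict))
    return rows

def denied_outside_allowlist(log_text):
    """Clients that got a 403 while their logged address was not allowlisted."""
    return [c for c, s, v in classify(log_text)
            if s == "403" and v == "outside allowlist"]

if __name__ == "__main__":
    for row in classify(SAMPLE_LOG):
        print(*row, sep="\t")
```

If the denied requests all show visitor addresses rather than addresses inside the allowlist, the access check is running against the visitor address for those requests.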