REMOTE_ADDR variables gets different result from Cloudflare

When using Cloudflare, the REMOTE_ADDR server variable shows different results. Sometimes it shows the user’s IP and sometimes it shows my internal load balancer at the datacenter. I’m assuming that if I’m seeing my internal load balancer’s IP then cf is not sending it at all.

I don’t rewrite any variables in my load balancer or in my .htaccess file. I can’t find a pattern as to why or when cf puts the user’s IP in there. When I browse straight to my datacenter without going through cf it works every time. So cf is filling that variable in when it feels like it.

There has to be a way for me to turn that off or something. I have redundant load balancers in the datacenter itself so it’s good to log which load balancer handled the request when logging.

CF never “changes” the REMOTE_ADDR, it doesn’t try to forge its own IP to look like the user’s IP address or anything like that. Instead, it puts the user’s IP in the HTTP header “Cf-Connecting-IP”.

You need to make sure the way you obtain the IP is via this header (or rewrite REMOTE_ADDR on your server to pull from that header). This can be done with something like mod_remoteip for apache and ngx_http_realip_module for nginx.

1 Like

Here is an example of an IPv6 address showing up when my router has IPv6 disabled on it’s WAN address. Every other website such as ipchicken.com or whatismyip.com shows an IPv4 address that I’m used to seeing. When it goes through cloud flare it shows an IPv6 source address. It does not always do this as I stated in my original post. Most of the time it shows the IPv4 address but it’s hard to lock customers down to their NAT’d IP.

This topic was automatically closed after 30 days. New replies are no longer allowed.