Edit: Solution solved. Nothing to do with Cloudflare.
I’m currently running cPanel/WHM, and have Apache/Nginx installed and now just installed CSF. Unfortunately, CSF is not showing the actual visitors IP address so it isn’t blocking the bad attacks.
Anyway to fix this? Tried searching it up but didn’t get far.
Use something like this in ngnix
set_real_ip_from 103.21.244.0/22;
set_real_ip_from 103.22.200.0/22;
set_real_ip_from 103.31.4.0/22;
set_real_ip_from 104.16.0.0/12;
set_real_ip_from 108.162.192.0/18;
set_real_ip_from 131.0.72.0/22;
set_real_ip_from 141.101.64.0/18;
set_real_ip_from 162.158.0.0/15;
set_real_ip_from 172.64.0.0/13;
set_real_ip_from 173.245.48.0/20;
set_real_ip_from 188.114.96.0/20;
set_real_ip_from 190.93.240.0/20;
set_real_ip_from 197.234.240.0/22;
set_real_ip_from 198.41.128.0/17;
set_real_ip_from 2400:cb00::/32;
set_real_ip_from 2606:4700::/32;
set_real_ip_from 2803:f800::/32;
set_real_ip_from 2405:b500::/32;
set_real_ip_from 2405:8100::/32;
set_real_ip_from 2a06:98c0::/29;
set_real_ip_from 2c0f:f248::/32;real_ip_header CF-Connecting-IP;
These are IPs provided by Cloudflare.
That’s been in the nginx.conf, but for some reason, CSF detects the attacks coming from:
Apr 9 14:38:51 cpanel-web lfd[6003]: (CT) IP ::ffff:a29e:3f0e (Unknown) found to have 285 connections - Blocked in csf for 120 secs [CT_LIMIT]
make sure you only allow connections from cloudflare only and your ip.
They are, and CSF is the only thing having issues with the IP addresses.
What’s the issue with the IP addresses? I don’t think those are Cloudflare IPs, so is ::ffff:a29e:3f0e not the visitor’s IP address?
Currently trying to figure out how to configure CSF/NGINX/Cloudflare.
I disabled Nginx, and the IPs came through fine, but once enabled nginx, the IPs came through as ::ffff:a29e:3f0e again.
Further looking into it,
I’m having the same problem as him,
This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.
