Unencrypt traffic to specific pages

We have two sites on our domain. My upcoming WordPress site and an old iFrame site that’s still being updated.

The other site’s administrator is working on an analytics tool. He says all the client ip’s are from Cloudflare, and I’m a little unsure how I can set it up to avoid that.

I’ve tried to setup a page rule like this:

It didn’'t seem to work.
I’m not so familiar with Cloudflare or server admininistration in general.
I’d appreciate every suggestion I may have missed!

  1. Geez, that setup stinks. You can’t put SSL on that iFrame?
  2. Cloudflare IPs? Your server isn’t restoring Visitor IP addresses (Support article down below).
  3. To fix the SSL issue, it takes a few things:
  • Turn off “Always Use HTTPS” in SSL/TLS -> Edge Certificates. Maybe "Automatic HTTPS rewrites as well.
  • Your current Page Rule is a good start…just make sure it’s Rule # 1
  • Make a Rule 2: Match example.com/* and add setting: Always Use HTTPS.

I should mention the two sites are separated on each server by a subdomain.

Our host, One.com, (we’ve been with them for the last 25 years) doesn’t give the option to install mod_remoteip or mod_cloudflare in Apache.

I’ve tried to setup the rules as you mentioned, but it didn’t seem to help. I still get ip responses from 141.101.104.x

I’m not sure what that has to do with the Page Rules I listed.

What I was trying to was to have origin IPs go to the server for everyone accessing /spm/ so that the analytics tool captures peoples IP and not the Cloudflare IP.

Isn’t that possible without adding that Apache mod?

Sorry if I didn’t explain it clear enough.

If it’s proxied, Cloudflare will send a header with the visitor’s IP address. mod_cloudflare and restore_ip both decode this for Apache, NGINX, and other servers. PHP can also decode this.

Here are a bunch of examples:

This topic was automatically closed after 31 days. New replies are no longer allowed.