I have an issue with using fail2ban with Cloudflare. Fail2ban effectively bans IPs with Cloudflare paused. However, when Cloudflare is enabled, though the fail2ban log records the IP as blocked, it nevertheless can still access the site. I have mod_remoteip installed.
I have read this post:
Sandro’s solution makes a lot of sense:
" The only possibly explanation could be that you call fail2ban before you rewrite the address. In that case switch the order of these two calls/plugins, so that fail2ban takes the actual client address."
But, how do I change the order of fail2bann and mod_remoteip? I presumed this had to do with the virtual hosts file. I have an Ubuntu Linux Apache server. I looked up the Apache documentation and I tried adding directives taken from there but only succeeded in breaking Apache.
I’m lost. Can anyone point me in the right direction?