Verifying the origin of WARP connections to a 3rd-party website

Do WARP IP addresses always correspond to the country that the end-user is coming from please?

We are looking for a way to ALLOW users of the Cloudflare WARP service to bypass proxy checks which are currently blocking users from our website.

Thanks!

Just to be clear, you are referring to random strangers accessing your Website. You have some rules in place to block VPN or proxy services. You do not want to block WARP+.

Generally, yes, but it is not a guarantee. Cloudflare WARP+ anonymises the client IP to the approximate location of the user. WARP+ does not allow the user to decide what their location will appear as, so no accessing BBC iPlayer pretending you are in the UK.

I don’t know of an easy way to identify WARP+ traffic.

1 Like

Hi Michael,

Yes, just to clarify, we’re seeing random web traffic coming from WARP and we have rules in place to block VPN/Proxy services.

Thank you, that is helpful, and if the service behaves in the way you’ve described, then that’s exactly what we need to be able to allow the traffic in question. We’ll monitor it, of course, but this is a very good start.

Thanks for your prompt reply.

Warmly,
Scott

Okay, thanks - we’ll check out those headers.

Appreciate your thoughts on this - thank you.

I’ve just checked and interestingly, these requests don’t appear to have CF- headers added to them…

@warnkale123 - I notice that your website is using Cloudflare nameservers. I know that this service will add the additional origin-user information to request headers since you are Cloudflare’s client. I suspect that they might not do this with the WARP service, given that we’re a third-party…

This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.