Mailing List Archive: Cloudflare logging and remote IP

Hi, I'd like to be able to track the original IP making requests, not
the cloudflare IP. How can I do that? It appears both mod_remoteip and
mod_cloudflare are extremely old, and mod_cloudflare is apparently
deprecated altogether.

Does it require rebuilding apache with the mod_remoteip source, as seems
to be indicated, and would code from 10 years ago even compile with the
current apache?

Is there a pre-existing package or module available for fedora? Other
ideas for doing this? Cloudflare also provides some php code to be added
to the <body> tag, but it doesn't actually update the access log with
this info.

https://support.cloudflare.com/hc/en-us/articles/200170786-Restoring-original-visitor-IPs#S7Z4EJQFN997YRY

Thanks,
Dave

--

DaveWreski

President & CEO

Guardian Digital, Inc.

We Make Email Safe

640-800-9446 <tel:640-800-9446>

dwreski@guardiandigital.com <mailto:dwreski@guardiandigital.com>

https://guardiandigital.com <https://guardiandigital.com>

103 Godwin Ave, Suite 314, Midland Park, NJ 07432

facebook <https://www.facebook.com/gdlinux>

twitter <https://twitter.com/gdlinux>

linkedin <https://www.linkedin.com/company/guardiandigital>

> Hi, I'd like to be able to track the original IP making requests, not the cloudflare IP. How can I do that? It appears both mod_remoteip and mod_cloudflare are extremely old, and mod_cloudflare is apparently deprecated altogether.

I’ve had good results with mod_remoteip and CloudFlare.

Only thing I had to do was enable the mod_remoteip module and add their known IP ranges to the config (I hope this is still current, you might find an updated list on their site):

# CloudFlare Header
RemoteIPHeader CF-Connecting-IP

# CloudFlare IPv4 Address Ranges
RemoteIPTrustedProxy 103.21.244.0/22
RemoteIPTrustedProxy 103.22.200.0/22
RemoteIPTrustedProxy 103.31.4.0/22
RemoteIPTrustedProxy 104.16.0.0/13
RemoteIPTrustedProxy 104.24.0.0/14
RemoteIPTrustedProxy 108.162.192.0/18
RemoteIPTrustedProxy 141.101.64.0/18
RemoteIPTrustedProxy 162.158.0.0/15
RemoteIPTrustedProxy 172.64.0.0/13
RemoteIPTrustedProxy 173.245.48.0/20
RemoteIPTrustedProxy 188.114.96.0/20
RemoteIPTrustedProxy 190.93.240.0/20
RemoteIPTrustedProxy 197.234.240.0/22
RemoteIPTrustedProxy 198.41.128.0/17
RemoteIPTrustedProxy 199.27.128.0/21

# CloudFlare IPv6 Address Ranges
RemoteIPTrustedProxy 2400:cb00::/32
RemoteIPTrustedProxy 2405:8100::/32
RemoteIPTrustedProxy 2405:b500::/32
RemoteIPTrustedProxy 2606:4700::/32
RemoteIPTrustedProxy 2803:f800::/32
RemoteIPTrustedProxy 2a06:98c0::/29
RemoteIPTrustedProxy 2c0f:f248::/32

This just worked, the logs and apps now see the original address.

Kind regards,
Walter Hop

> Does it require rebuilding apache with the mod_remoteip source, as seems to be indicated, and would code from 10 years ago even compile with the current apache?
>
> Is there a pre-existing package or module available for fedora? Other ideas for doing this? Cloudflare also provides some php code to be added to the <body> tag, but it doesn't actually update the access log with this info.
>
> https://support.cloudflare.com/hc/en-us/articles/200170786-Restoring-original-visitor-IPs#S7Z4EJQFN997YRY
>
> Thanks,
> Dave
>
> --
> Dave Wreski
> President & CEO
> Guardian Digital, Inc.
> We Make Email Safe
>
>
>
>
> 640-800-9446 <tel:640-800-9446>
> dwreski@guardiandigital.com <mailto:dwreski@guardiandigital.com>
>
> https://guardiandigital.com <https://guardiandigital.com/>
> 103 Godwin Ave, Suite 314, Midland Park, NJ 07432
>
>
> <https://www.facebook.com/gdlinux>
>
> <https://twitter.com/gdlinux>
>
> <https://www.linkedin.com/company/guardiandigital>
>
>
>