Jump to content

Request To Add Cloudflare's [ Mod_Cloudflare ] To Server Tommy


bdistler

Recommended Posts

 

 

the why

see Cloudflare's "Why should I install mod_cloudflare?" at [ https://support.cloudflare.com/hc/en-us/articles/200170916 ]

###

 

the how

see Cloudflare's "Logging Real Visitor IP Addresses: mod_cloudflare for Apache httpd" at [ https://www.cloudflare.com/technical-resources/#mod_cloudflare ]

###

 

I assume all accounts on the server - that use Cloudflare - will 'see' the visitor's real IP address when [ mod_cloudflare ] is installed on the server

###

 

my issue with my addon domain that is set to use Cloudflare - is the honeypot can only 'see' Cloudflare's IP address (e.g. 'REMOTE_ADDR' => '162.158.255.81')

###

Link to comment
Share on other sites

Why not just look at the log files on cloudflare's servers?

I originally was going to say the same thing about this one...then I realized there are programs that need to see the client information to be useful (Analytics, GeoIP, etc.).

 

Reading logs at CF is only a good solution when a human is doing the analysis. Otherwise you'd need to get the logs into your app via CF's API, then make software to somehow associate sessions with the IPs from the CF logs.

Link to comment
Share on other sites

It's probably not worth the potential for downtime that it could cause on Tommy.

I understand

 

I will remove Cloudflare from any domain I leave on my HelioHost account

Link to comment
Share on other sites

Someone made an addon for EA4: https://github.com/JPerkster/ea-apache24-mod_cloudflare and the official repo looks like it supports EA3: https://github.com/cloudflare/mod_cloudflare (I don't know which EA version we have).

 

Would putting this on Johnny first be possible in case it breaks?

 

(This IP issue is one of the reasons I personally don't use CF...I didn't know that CF actually had a fix for it...)

Link to comment
Share on other sites

Alright, is mod_cloudflare working?

works for me on server Tommy

 

$_SERVER["HTTP_CF_CONNECTING_IP"] - is copied into - $_SERVER["REMOTE_ADDR"] - which is good

###

 

now the issue is - is this done before or after the server looks at the [ .htaccess file ] (e.g.for "RewriteCond" and "order deny,allow") for site access control

###

 

thanks

Link to comment
Share on other sites

Probably before since it's an apache module. Test it out and let us know.

looks like the server is using the connectiog IP when looking at the [ .htaccess ] - which is good

 

and logs that IP - which is good

 

I can now pass or block my IP by way of the [ .htaccess ] file - which is good

 

I can no longer test if the hit is from a 'real' Cloudflare IP (that was in $_SERVER["REMOTE_ADDR"] ) - that is bad but not a show stopper

###

 

your IP may or may not be blocked at [ http://bobdistler.com ] - ether way you should see "https" when it loads

###

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...