bdistler Posted April 24, 2017 Posted April 24, 2017 the why see Cloudflare's "Why should I install mod_cloudflare?" at [ https://support.cloudflare.com/hc/en-us/articles/200170916 ] ### the how see Cloudflare's "Logging Real Visitor IP Addresses: mod_cloudflare for Apache httpd" at [ https://www.cloudflare.com/technical-resources/#mod_cloudflare ] ### I assume all accounts on the server - that use Cloudflare - will 'see' the visitor's real IP address when [ mod_cloudflare ] is installed on the server ### my issue with my addon domain that is set to use Cloudflare - is the honeypot can only 'see' Cloudflare's IP address (e.g. 'REMOTE_ADDR' => '162.158.255.81') ###
Krydos Posted April 24, 2017 Posted April 24, 2017 Why not just look at the log files on cloudflare's servers?
wolstech Posted April 24, 2017 Posted April 24, 2017 Why not just look at the log files on cloudflare's servers?I originally was going to say the same thing about this one...then I realized there are programs that need to see the client information to be useful (Analytics, GeoIP, etc.). Reading logs at CF is only a good solution when a human is doing the analysis. Otherwise you'd need to get the logs into your app via CF's API, then make software to somehow associate sessions with the IPs from the CF logs.
Krydos Posted April 24, 2017 Posted April 24, 2017 Well, I looked into it and it looks like it's going to be a massive pain to install and will likely break things due to easyapache. It's probably not worth the potential for downtime that it could cause on Tommy.
bdistler Posted April 24, 2017 Author Posted April 24, 2017 It's probably not worth the potential for downtime that it could cause on Tommy. I understand I will remove Cloudflare from any domain I leave on my HelioHost account
wolstech Posted April 24, 2017 Posted April 24, 2017 Someone made an addon for EA4: https://github.com/JPerkster/ea-apache24-mod_cloudflare and the official repo looks like it supports EA3: https://github.com/cloudflare/mod_cloudflare (I don't know which EA version we have). Would putting this on Johnny first be possible in case it breaks? (This IP issue is one of the reasons I personally don't use CF...I didn't know that CF actually had a fix for it...)
Krydos Posted April 25, 2017 Posted April 25, 2017 Nice googling skills. I was looking for that first link exactly. All I found was an EA3 module. I might be able to make it work without breaking things too bad if that link works. Alright, is mod_cloudflare working?
bdistler Posted April 25, 2017 Author Posted April 25, 2017 Alright, is mod_cloudflare working? works for me on server Tommy $_SERVER["HTTP_CF_CONNECTING_IP"] - is copied into - $_SERVER["REMOTE_ADDR"] - which is good ### now the issue is - is this done before or after the server looks at the [ .htaccess file ] (e.g.for "RewriteCond" and "order deny,allow") for site access control ### thanks
Krydos Posted April 25, 2017 Posted April 25, 2017 Probably before since it's an apache module. Test it out and let us know.
bdistler Posted April 25, 2017 Author Posted April 25, 2017 Probably before since it's an apache module. Test it out and let us know. looks like the server is using the connectiog IP when looking at the [ .htaccess ] - which is good and logs that IP - which is good I can now pass or block my IP by way of the [ .htaccess ] file - which is good I can no longer test if the hit is from a 'real' Cloudflare IP (that was in $_SERVER["REMOTE_ADDR"] ) - that is bad but not a show stopper ### your IP may or may not be blocked at [ http://bobdistler.com ] - ether way you should see "https" when it loads ###
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now