Detect real IP when behind a proxy such as CloudFlare

Post Reply
DanH42
Junior Member
Posts: 5
Joined: 03 Jun 2014, 20:41

Detect real IP when behind a proxy such as CloudFlare

Post by DanH42 »

I'm running a cPanel server that sits behind CloudFlare. I've been using csf for a while on another cPanel server and found it incredibly useful, but it's next to useless when all traffic is coming from a small range of already-known IPs. A script like Flarewall is a good start, but still requires csf to know the correct IP to block. Is there a way to get csf to pick up on X-Forwarded-For or CF-Connecting-IP headers, and make decisions based off those? Combined with Flarewall, this would be a killer feature.

I've looked through the settings and there doesn't seem to be a feature like this, but if anyone knows a way I could possibly "fake" it, I'm open to suggestions and willing to tinker.
ForumAdmin
Moderator
Posts: 1502
Joined: 01 Oct 2008, 09:24

Re: Detect real IP when behind a proxy such as CloudFlare

Post by ForumAdmin »

There is no functionality in iptables to do that.
Post Reply