Cloudflare Restoring original visitor IPs with mod_remoteip in CWP/Apache

In this tutorial we’ll going to learn how to configure Apache mod_remoteip in order to restore original ip when using cloudflare proxy. We’ve another blog post upon how we can configure mod_cloudflare to restore ip which for some are not at all working. This is the method which is working and recommended in cloudflare website.

So without wasting time lets get started with this simple steps. :

Step 1 :

Enabling mod_remoteip in Apache config :

sed -i '/LoadModule remoteip_module modules/ s/^#//g' /usr/local/apache/conf/httpd.conf  

Step 2 :

Now we’re going to configure cloudflare original ip config :

first of all create a file named “cloudflare.conf” in /usr/local/apache/conf.d

cd /usr/local/apache/conf.d
nano cloudflare.conf

then copy paste below config and save it :

#LogFormat "%a %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
RemoteIPHeader CF-Connecting-IP
RemoteIPTrustedProxy 173.245.48.0/20
RemoteIPTrustedProxy 103.21.244.0/22
RemoteIPTrustedProxy 103.22.200.0/22
RemoteIPTrustedProxy 103.31.4.0/22
RemoteIPTrustedProxy 141.101.64.0/18
RemoteIPTrustedProxy 108.162.192.0/18
RemoteIPTrustedProxy 190.93.240.0/20
RemoteIPTrustedProxy 188.114.96.0/20
RemoteIPTrustedProxy 197.234.240.0/22
RemoteIPTrustedProxy 198.41.128.0/17
RemoteIPTrustedProxy 162.158.0.0/15
RemoteIPTrustedProxy 104.16.0.0/12
RemoteIPTrustedProxy 172.64.0.0/13
RemoteIPTrustedProxy 131.0.72.0/22
RemoteIPTrustedProxy 2400:cb00::/32
RemoteIPTrustedProxy 2606:4700::/32
RemoteIPTrustedProxy 2803:f800::/32
RemoteIPTrustedProxy 2405:b500::/32
RemoteIPTrustedProxy 2405:8100::/32
RemoteIPTrustedProxy 2a06:98c0::/29
RemoteIPTrustedProxy 2c0f:f248::/32

*you can remove “#” uncomment from in front of LogFormat for customized log format.

Step 3 :

Restart Apache webserver and done :

systemctl restart httpd

or

service apache restart
Back to top button