Cloudflare Restoring original visitor IPs with mod_remoteip in Apache Ubuntu/Plesk/HestiaCP

In this tutorial I’ll guide you how to install mod_remoteip an Apache module to restore original visitor’s ip When using cloudflare service. You may have encountered issue with cloudflare proxy ip when you checked the log and found all the ips are from cloudflare to cope with this situation we need to configure mod_remoteip with cloudflare’s trusted address. Lets get started :

Ensure you logged in as root user, ssh.

Step 1 :

Enable mod_remoteip :

a2enmod remoteip

Step 2 :

Now we need to modify and add some configs to apache2.conf

apt install nano
nano /etc/apache2/apache2.conf

Now add this line at the last of the config file :

RemoteIPHeader X-Forwarded-For

Now you need to replace the line for log format :

Find :

LogFormat "%h %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" combined

and replace that line with :

LogFormat "%a %h  %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined

i.e. I’ve added only “%a”

Step 3 :

Then we need to create Apache Cloudflare trusted proxies conf file :

**create “remoteip.conf” file in location “/etc/apache2/conf-available/”

nano /etc/apache2/conf-available/remoteip.conf

Now paste this config and save it :

RemoteIPHeader CF-Connecting-IP
RemoteIPTrustedProxy 173.245.48.0/20
RemoteIPTrustedProxy 103.21.244.0/22
RemoteIPTrustedProxy 103.22.200.0/22
RemoteIPTrustedProxy 103.31.4.0/22
RemoteIPTrustedProxy 141.101.64.0/18
RemoteIPTrustedProxy 108.162.192.0/18
RemoteIPTrustedProxy 190.93.240.0/20
RemoteIPTrustedProxy 188.114.96.0/20
RemoteIPTrustedProxy 197.234.240.0/22
RemoteIPTrustedProxy 198.41.128.0/17
RemoteIPTrustedProxy 162.158.0.0/15
RemoteIPTrustedProxy 104.16.0.0/12
RemoteIPTrustedProxy 172.64.0.0/13
RemoteIPTrustedProxy 131.0.72.0/22
RemoteIPTrustedProxy 2400:cb00::/32
RemoteIPTrustedProxy 2606:4700::/32
RemoteIPTrustedProxy 2803:f800::/32
RemoteIPTrustedProxy 2405:b500::/32
RemoteIPTrustedProxy 2405:8100::/32
RemoteIPTrustedProxy 2a06:98c0::/29
RemoteIPTrustedProxy 2c0f:f248::/32

Next restart Apache service and check the log and check the real ips are now logging :

systemctl restart apache2

Cloudflare Restoring original visitor IPs with mod_remoteip in Apache Ubuntu/Plesk/HestiaCP

Install mod_evasive in CWP Apache and prevent from DDOS attacks

How to copy all Immutable files attribute from one server to another server

How to check SMTP port 25 is open for email sending out

How to Enable Query Cache in MariaDB for Performance in CWP/hestiacp/Centos/Ubuntu

Install Nodejs 18 on Centos Stream 8/9 Almalinux 8/9 Rockylinux 8/9

How to find Big files in Linux – CWP/Centos/Ubuntu/Debian

12 Systemctl commands list for System Admins

Handy CSF firewall Commands for System Admins