How is your website routed when behind Cloudflare?
For example, suppose you have a WordPress website running behind NGINX and you are facing an issue with spam. You would want to see the IP addresses of the users who are spamming your website. Normally, without Cloudflare, this is straightforward: you look in the NGINX access log file and get the client IP addresses. But when the website is behind Cloudflare, you'll see Cloudflare's IP instead of the user's real IP.
The following diagram illustrates the different ways that IP addresses are handled with and without Cloudflare.
How to find the real IP address behind Cloudflare?
Solution: There is an easy fix for this. You just need to tell your web server, in this case NGINX, that whenever a request arrives from a Cloudflare IP, it should report the real user's IP instead. For this we will use the ngx_http_realip_module module.
Where can I find Cloudflare IP ranges?
Cloudflare publishes its IP ranges at https://www.cloudflare.com/en-gb/ips. These ranges are updated often, so keeping the NGINX rules current by hand becomes a repetitive task. That is why we have made this little script to always show the latest header rules based on the current Cloudflare IP address ranges.
Cloudflare Real IP header (Updated Daily)
You can just copy and paste the code from the next block into your NGINX server block, and you will then start seeing the real IP addresses of users on your website.
Note: You may have to change your code to look for IP addresses in CF-Connecting-IP header.
# (last updated 22 Sep 2021)
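One way to generate such a block yourself, as an added example (not this site's own script or its generated output): the function turns a list of CIDR ranges into `set_real_ip_from` lines plus `real_ip_header CF-Connecting-IP;`, and refuses to emit anything if a line is not a plain CIDR, so a corrupted download cannot end up in the NGINX config. The names `gen_realip_conf` and `sample_ranges` are hypothetical, and the sample ranges are constructed documentation prefixes, not Cloudflare's.

```shell
#!/bin/sh
# Added example: build an NGINX realip snippet from a list of CIDR ranges.
# Feed it the ranges Cloudflare publishes (see the URL above); the ranges
# used here are constructed placeholders from the documentation prefixes.

# Reads one CIDR per line on stdin, prints the directives on stdout.
# Fails with no output if any line is malformed or the list is empty,
# because NGINX will believe CF-Connecting-IP from every range listed.
gen_realip_conf() (
    v4='^([0-9]{1,3}\.){3}[0-9]{1,3}/([0-9]|[12][0-9]|3[0-2])$'
    v6='^[0-9A-Fa-f]*:[0-9A-Fa-f:]*/([0-9]|[1-9][0-9]|1[01][0-9]|12[0-8])$'
    out=""
    while IFS= read -r line || [ -n "$line" ]; do
        line=$(printf '%s' "$line" | tr -d '\r')   # tolerate CRLF input
        [ -z "$line" ] && continue                  # skip blank lines
        if printf '%s\n' "$line" | grep -Eq -e "$v4" -e "$v6"; then
            out="${out}set_real_ip_from ${line};
"
        else
            echo "rejected malformed range: $line" >&2
            exit 1                                  # leaves only this subshell
        fi
    done
    if [ -z "$out" ]; then
        echo "no ranges supplied" >&2
        exit 1
    fi
    printf '%s' "$out"
    printf 'real_ip_header CF-Connecting-IP;\n'
)

# Constructed sample input (RFC 5737 / RFC 3849 documentation ranges).
sample_ranges() {
    printf '%s\n' '192.0.2.0/24' '198.51.100.0/24' '2001:db8::/32'
}

# Print the snippet for the sample input when the script is run directly.
sample_ranges | gen_realip_conf
```

Write the output to a temporary file and run `nginx -t` before reloading, so a failed generation never replaces a working include.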