Restoring original visitor IPs - Option 1: Installing mod_cloudflare

Learn how to install mod_cloudflare and log your visitor’s original IP address at your origin server. Learn how to remove mod_cloudflare. 


Overview

Cloudflare no longer updates and supports mod_cloudflare, starting with versions Debian 9 and Ubuntu 18.04 LTS of the Linux operating system. We now support mod_remoteip for customers using Apache web servers. Customers who are interested in building the mod_cloudflare package can download the codebase from GitHub.

When your website traffic is routed through the Cloudflare network, we act as a reverse proxy. This allows Cloudflare to speed up page load time by routing packets more efficiently and caching static resources (images, JavaScript, CSS, etc.). As a result, when responding to requests and logging them, your origin server returns a Cloudflare IP address.

For example, if you install applications that depend on the incoming IP address of the original visitor, a Cloudflare IP address is logged by default. The original visitor IP address appears in an appended HTTP header called CF-Connecting-IP. With the mod_cloudflare tool, you can log the original visitor IP address at your origin server.

The diagram below illustrates the different ways that IP addresses are handled with and without Cloudflare.

200170916_mod_cloudflare.png


Installing mod_cloudflare

There are two methods for installing mod_cloudflare: by downloading packets or scripts from our technical resources, or by adding code to your origin web server.

Downloading packets or scripts

There are four options for installing mod_cloudflare using packets or scripts:

1. Packages

The packages will only work for RedHat / CentOS / CloudLinuxDebian 9 and Ubuntu 18.04 LTS of the Linux operating system.

2. Via cPanel Servers

3. Manual Installation: RedHat/CentOS/CloudLinux

4. Manual Installation: Debian/Ubuntu

For more information on these four options, follow the installation steps described on our Downloads page.

If you are using a Joyent machine, refer to this third-party tutorial.

Adding code to your origin web server

If you can't install mod_cloudflare, or if there is no Cloudflare plugin available for your content management system platform to restore original visitor IP, add this code to your origin web server in or before the <body> tag on any page that needs the original visitor IPs:

<?php if (isset($_SERVER['HTTP_CF_CONNECTING_IP']))
 $_SERVER['REMOTE_ADDR'] = $_SERVER['HTTP_CF_CONNECTING_IP'];>
This will only make the IP address available to scripts that need it. It doesn’t store the IP in your actual server logs.

Removing mod_cloudflare

Apache

To remove mod_cloudflare, you should comment out the Apache config line that loads mod_cloudflare.

This varies based on your Linux distribution, but for most people, if you look in /etc/apache2, you should be able to search to find the line:

LoadModule cloudflare_module

Comment or remove this line, then restart apache, and mod_cloudflare should be gone.

If you are running Ubuntu or Debian, you should see a

file/etc/apache2/mods-enabled/cloudflare.load

Delete this file to remove mod_cloudflare, then restart Apache.

Nginx

Mod_cloudflare is installed by modifying the nginx configuration file nginx.conf with the ngx_http_realip_module.

To remove mod_cloudflare you should comment or remove this line, then restart nginx, and mod_cloudflare should be gone.

To remove mod_cloudflare from other web server types, consult your web server documentation for how to remove modules.

Related resources

Not finding what you need?

95% of questions can be answered using the search tool. This is the quickest way to get a response.

Powered by Zendesk