Cloudflare help

[rsunny2012]

Hello,

i am having the below 3 issues on my server

1. my website is hosted on my own server and i have enabled cloudflare as DNS. I am seeing that all new ip registrations, image uploads etc are showing as cloudflare ip. i have enabled mod_remoteip under apache server.
is there anything else should i do to get real ip ?

2. my website is running on 3.20.16. I have enabled all traffic from http://website.com to https://www.website.com via the below htaccess code

RewriteCond %{SERVER_PORT} 80
RewriteCond %{REQUEST_URI} !^/[0-9]+\..+\.cpaneldcv$
RewriteCond %{REQUEST_URI} !^/[A-F0-9]{32}\.txt(?:\ Comodo\ DCV)?$
RewriteRule ^(.*)$ https://www.website.net/$1 [R=301,L]

after i replace the htaccess code also redirection is not happening ?. how should i fix it ?

3. Under the dashboard i am seeing that cron is not running

• Cron last ran:2022-01-14 17:00:01 UTC — not running

but i see cron is running as per root and whenever any images ar egetting deleted, as per cron its deleting the physical image on the server as well
why i am seeing the cron not running on the webiste dashboard ?

 

[rsunny2012]

Hello,

Can anyone help with my issues

 

[JakeSully]

If I remember it right doesn't Cloudflare have setting themselves that will enable so visitors ip is revealed to server instead of cloud flares ip?

Also are you sing free Cloudflare or paid? since free one is not allowed to be used on image hosting, doing so will get your account quickly blocked from adding anymore sites and your current site will be deleted from Cloudflare.

So when you contact the support they will inform you that you require to purchase a monthly/yearly subscription of their paid service to use Cloudflare on a image host. But you will not be able to re-add your site on current account since it has violated their TOS when it comes to this rule.

 

[jahrinc]

For it to show the REAL IP you need to add the following to your conf. In this case click on Apache and follow the instructions. It's way easier on nginx, but it will work.

Restoring original visitor IPs

Learn how to configure mod_cloudflare to log your visitor’s original IP address based on your origin web server type (including Apache, nginx, Microsoft IIS, and others). Overview mod_remoteip mod_...

support.cloudflare.com

 

[Rodolfo]

Restoring original visitor IPs

Learn how to configure mod_cloudflare to log your visitor’s original IP address based on your origin web server type (including Apache, nginx, Microsoft IIS, and others). Overview mod_remoteip mod_...

support.cloudflare.com

I've some remarks on the instructions provided by CloudFlare.

1. The only methods which you may use to restore the original IP are those where you need to setup the CF proxy list.
2. The other methods are not secure. Do please don't use those!

This kind of method (no proxy setup needed):


Are UNSAFE as the visitor can spoof the IP. Do not save yourself 5 minutes and follow the proxy-based setups.

 

[rsunny2012]

I've some remarks on the instructions provided by CloudFlare.

1. The only methods which you may use to restore the original IP are those where you need to setup the CF proxy list.
2. The other methods are not secure. Do please don't use those!

This kind of method (no proxy setup needed):

View attachment 4673
Are UNSAFE as the visitor can spoof the IP. Do not save yourself 5 minutes and follow the proxy-based setups.

Rodolfo as a temporary measure, i want to update the config.php file
i dont see direct folder called library/config.php

can you please give me full path of the config. php file

 

[Rodolfo]

can you please give me full path of the config. php file

app/settings.php

Server Settings file | V3 Docs

Documentation for Chevereto image hosting software (V3)

v3-docs.chevereto.com

 

[rsunny2012]

I've some remarks on the instructions provided by CloudFlare.

1. The only methods which you may use to restore the original IP are those where you need to setup the CF proxy list.
2. The other methods are not secure. Do please don't use those!

This kind of method (no proxy setup needed):

View attachment 4673
Are UNSAFE as the visitor can spoof the IP. Do not save yourself 5 minutes and follow the proxy-based setups.

can you let us know what are the equivalent settings for getting the real ip for version 4 when cloudflare is enabled

Please note that the below command is not working

CHEVERETO_HEADER_CLIENT_IP

X-Real-IP

 

[Rodolfo]

when cloudflare is enabled

CHEVERETO_HEADER_CLIENT_IP indicates Chevereto which header to read the IP. It requires your server to provide that IP at the given header.

Docs: https://v4-docs.chevereto.com/application/stack/web-server.html#real-connecting-ip
Real example: https://github.com/chevereto/vps/blob/4.0/common/cf-remoteip.sh

When Cloudflare connects to your website it does using a Cloudflare IP and they pass a client IP header to your server. This header should be analyzed by your webserver to authorize its use only when the request is made from Clodflare, otherwise any attacker could spoof the client IP making the IP detection fragile and useless.

 

[rsunny2012]

Rodolfo,

in the env.php file if we keep as mentioned below, i am still unable to see the real ip

CHEVERETO_HEADER_CLIENT_IP

X-Real-IP

so what is the point of the above command under env.php ?

 

[Rodolfo]

so what is the point of the above command under env.php ?

Come on, I just described it.

Perhaps you should consider using our infra as it is ready to use with CloudFlare.