Apache, whitelist real IP address when using Cloudflare

Question

I want to limit access to my website to certain IP addresses. I want to do this from Apache.

I have tried:

RewriteCond %{X-Forwarded-For}i !^xxx\.xxx\.xxx\.xxx
RewriteRule   "^"  "-"  [F]

replacing xxx with my own IP address. However, I'm still denied access.

The reason I thought this would work is because using %{X-Forwarded-For}i in the Apache log DOES show me my own IP address, and not Cloudflare's:

LogFormat "%{X-Forwarded-For}i %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" real_ip

I have seen this question CloudFlare and logging visitor IP addresses via in PHP, but it asks about PHP, not Apache. The Apache answer that was snuck in says to install Cloudflare's mod_cloudflare, but I'd hate to install something if it's not necessary.

I tried

%{HTTP_CF_CONNECTING_IP}i

based on the PHP answer, but it's nothing.

score 0 · Answer 1 · answered Oct 10 '19 at 01:28

0

You want something like this in your .htaccess:

SetEnvIf X-Forwarded-For 1.2.3.4$ coolpeople

<RequireAny>
    Require env coolpeople
</RequireAny>

answered Oct 10 '19 at 01:28

WackGet

2,667
3
36
50

Apache, whitelist real IP address when using Cloudflare

1 Answers1