I am trying to use Cloudflare for my website. As my website has a IP-check restriction I need the real IP from the visitor. I am using a shared server (Servertype: MariaDB) and therefor I can not use the plugin provided to do it serverside . So I am aware of the server logs not being what they should be.
While searching I came agros the following disucssion and I tried to implent the answer.
CloudFlare and logging visitor IP addresses via in PHP
Before Cloudflare I used the PHP function $_SERVER['REMOTE_ADDR'] which works fine and shows the real IP as it should. To get the real IP when using cloudflare I use the folowing code:
$userip = (isset($_SERVER["HTTP_CF_CONNECTING_IP"])?$_SERVER["HTTP_CF_CONNECTING_IP"]:$_SERVER['REMOTE_ADDR']);
I am aware this is not completly safe. But before implenting the dificult version I first need the simple one to work.
So the problem is.. This line of code still doesnt show the real IP of the visitor. Is there a extra setting or something that needs eneabling before this works on either cloudflare or apache/ php? I have been searching everywhere but besides the question noted here and cloudflare comunity telling me to search or ask here. I have not found any solution to my problem.
I also use the following in my htacces
# Security Headers
<IfModule mod_headers.c>
Header set X-XSS-Protection "1; mode=block"
Header set X-Frame-Options "SAMEORIGIN"
Header set X-Content-Type-Options "nosniff"
</IfModule>
