المساعد الشخصي الرقمي

مشاهدة النسخة كاملة : كلاود فلير CloudFlare حل مشكلة Restoring visitors IP with mod_remoteip



Rise Company
21-12-2021, 09:19
كلاود فلير CloudFlare حل مشكلة Restoring visitors IP with mod_remoteip
How to enable mod_remoteip - Restoring visitors IP with mod_remoteip
cpanel mod_remoteip - CloudFlare IPs still shown in netstat after mod_remoteip is enabled
WHMCS: Troubleshooting Server IP Address Appearing in Client Logs


Sometimes you'll have traffic come from another source such as Cloudflare, another proxy source, or a dedicated firewall. Apache offers mod_remoteip which will allow you to restore the original visitor address.

Apache's mod_remoteip allows Apache to extract the visitor IP from requests received from proxies and load balancers. This enables your website and logs to know the actual visitor IP, rather than the connection showing the proxy or load balancer's IP. This guide will cover how to install and configure mod_remoteip.

--------------------------------------------------
1- قم بتثبيت من داخل whm من المسار Home »Software »EasyApache 4
--------------------------------------------------

https://www.rise.company/upload/uploads/164007162336791.png

او من الامر

yum install ea-apache24-mod_remoteip

--------------------------------------------------
2- وضع RemoteIPHeader التى تعرف الايبيهات للزوار
--------------------------------------------------
هناك طريقتين اختر الاسهل لك

الطريقة الاولى

RemoteIPHeader should be replaced with the header used to pass the visitor IP from the proxy or load balancer. Typically,
this will be one of the following. Note that Nginx with Reverse Proxy (ea-nginx) uses the X-Forwarded-For header.



X-Forwarded-For
X-Client-IP
X-Cluster-Client-IP
CF-Connecting-IP


هناك 4 انواع كما فى الاعلى ظاهر , اختر واحد منهم
اما Nginx هو الاول X-Forwarded-For
الكلاود فلير هو الاخير CF-Connecting-IP

هناك ملفين يمكنك الاختيار اى واحد منهم لوضع القيم المطلوبة

من خلال whm من المسار
Home »Service Configuration »Apache Configuration »Include Editor

https://www.rise.company/upload/uploads/164007339802381.png
https://www.rise.company/upload/uploads/164007357260051.png
https://www.rise.company/upload/uploads/164007357267932.png

هذا الملف pre فاضى بداخله كانه custom مخصص لك
(select all versions), and insert this code:

https://www.rise.company/upload/uploads/16400782518271.png
الكود يختلف اما nginx او كلاود فلير cloudflare
ضع المناسب لك



<IfModule !mod_remoteip.c>
LoadModule remoteip_module modules/mod_remoteip.so
</IfModule>

<IfModule mod_remoteip.c>
# CloudFlare Header
RemoteIPHeader CF-Connecting-IP

# Trusted Proxy List
# note - using RemoteIPTrustedProxy instead of RemoteIPInternalProxy
# note - RemoteIPTrustedProxy does NOT trust Header provided private intranet addresses (local and LAN addresses)
# note - RemoteIPInternalProxy is a security risk when using an external Proxy

# CloudFlare IPv4 Address Ranges
RemoteIPTrustedProxy 173.245.48.0/20
RemoteIPTrustedProxy 103.21.244.0/22
RemoteIPTrustedProxy 103.22.200.0/22
RemoteIPTrustedProxy 103.31.4.0/22
RemoteIPTrustedProxy 141.101.64.0/18
RemoteIPTrustedProxy 108.162.192.0/18
RemoteIPTrustedProxy 190.93.240.0/20
RemoteIPTrustedProxy 188.114.96.0/20
RemoteIPTrustedProxy 197.234.240.0/22
RemoteIPTrustedProxy 198.41.128.0/17
RemoteIPTrustedProxy 162.158.0.0/15
RemoteIPTrustedProxy 104.16.0.0/12
RemoteIPTrustedProxy 172.64.0.0/13
RemoteIPTrustedProxy 131.0.72.0/22

# CloudFlare IPv6 Address Ranges
RemoteIPTrustedProxy 2400:cb00::/32
RemoteIPTrustedProxy 2606:4700::/32
RemoteIPTrustedProxy 2803:f800::/32
RemoteIPTrustedProxy 2405:b500::/32
RemoteIPTrustedProxy 2405:8100::/32
RemoteIPTrustedProxy 2a06:98c0::/29
RemoteIPTrustedProxy 2c0f:f248::/32
</IfModule>

من خلال هذا الامر يمكنك ايضا عمل ذلك

nano /etc/apache2/conf.d/includes/pre_virtualhost_global.conf



الطريقة الثانية
ننصح بها سهلة
وضع كود Header و IP فى ملف اخر داخل mod_remoteip.conf


nano /etc/apache2/conf.modules.d/370_mod_remoteip.conf
الرقم بالاحمر 370 رقم قد يختلف من سيرفر الى اخر مثلا : 360
عند فتح الملف هيكون به سطرين اسفله ضع الكود المطلوب

https://www.rise.company/upload/uploads/164007479837741.png

https://www.rise.company/upload/uploads/164008238882481.png


RemoteIPHeader X-Forwarded-For
RemoteIPTrustedProxy 140.90.30.111 140.90.30.222

هنا يتم وضع اي بي السيرفر ns1 و ns2 والفاصل بينهم مسافة space

--------------------------------------------------
3- اظهار الاى بى فى ملفات اللوج Log
--------------------------------------------------

هناك نوعين من Log الاول هو combined و الاخر comon اذهب الى المسار
Home » Service Configuration » Apache Configuration » Global Configuration

https://www.rise.company/upload/uploads/164007175606251.png

وقم بازالة حرف h وضع مكانها حرف a
And modify both of the LogFormat (combined, and common) by replace the "h" with an
"a".

من


LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
LogFormat "%h %l %u %t \"%r\" %>s %b" common

الى


LogFormat "%a %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
LogFormat "%a %l %u %t \"%r\" %>s %b" common


This format captures the header with the %h field which is the proxy address in our example.
Because we want the originating client IP address instead of the remote IP being logged, we replace this with an %a.

Save and restart Apache and that should handle this.

https://www.rise.company/upload/uploads/164008282183231.png
--------------------------------------------------

Test the configuration.


Run the following command to check the Apache configuration. Any errors will need to be resolved before proceeding.


apachectl -t
Restart Apache with the following command.



/scripts/restartsrv_httpd


المرجع:
https://support.cpanel.net/hc/en-us/articles/360051107513-Restoring-visitors-IP-with-mod-remoteip
https://support.cpanel.net/hc/en-us/articles/360051673894-How-to-enable-mod-remoteip
https://httpd.apache.org/docs/2.4/mod/mod_log_config.html#formats
https://forums.cpanel.net/threads/visitor-ips-in-logs-using-cloudflare.594027/
https://www.ucartz.com/clients/index.php?rp=/knowledgebase/495/Install-mod_remoteip-on-cPanel.html
https://support.cloudflare.com/hc/en-us/articles/200170786-Restoring-original-visitor-IPs#C5XWe97z77b3XZV
https://serverok.in/install-mod_remoteip-in-cpanel-server
https://forums.cpanel.net/threads/help-for-configure-mod_remoteip-for-cloudflare-i-dont-know-the-correct-method.667129/
https://www.vpsblocks.com.au/support/Knowledgebase/Article/View/423/0/restoring-original-visitor-ip-for-cpanel-apache-under-cloudflare
https://support.cpanel.net/hc/en-us/articles/1500003729742-CloudFlare-IPs-still-shown-in-netstat-after-mod-remoteip-is-enabled
https://devanswers.co/get-real-client-ip-address-cloudflare-apache-php/
https://help.whmcs.com/m/troubleshooting/l/799757-troubleshooting-server-ip-address-appearing-in-client-logs

Rise Company
21-12-2021, 10:28
mod_remoteip was enabled, why do I still see CloudFlare IPs when I execute "netstat"?


The "netstat" command will review network data that your server receives. From a network standpoint, CloudFlare is connecting to your server. The data that CloudFlare sends to the webserver in headers would contain the IP that you are looking for. Apache's mod_remoteip will extract the IP from those headers and place them in your logs. As a result, you will see the real IP in logs, but not within "netstat" output.

---------------------------------------