CloudFlare CSF visitors original IP
CloudFlare - cloudflare csf
cloudflare vs csf -

This features provides interaction with the CloudFlare Firewall
As CloudFlare is a reverse proxy, any attacking IP addresses (so far as
iptables is concerned) come from the CloudFlare IP's. To counter this, an
Apache module (mod_cloudflare) is available that obtains the true attackers
IP from a custom HTTP header record (similar functionality is available
for other HTTP daemons
However, despite now knowing the true attacking IP address, iptables cannot
be used to block that IP as the traffic is still coming from the CloudFlare
CloudFlare have provided a Firewall feature within the user account where
rules can be added to block, challenge or whitelist IP addresses
Using the CloudFlare API, this feature adds and removes attacking IPs from
that firewall and provides CLI (and via the UI) additional commands
See /etc/csf/readme.txt for more information about this feature and the
restrictions for its use BEFORE enabling this feature
I have to disable CloudFlare so I can benefit from CSF and mod-security blocking,
take this snippet from CSF docs and you will understand the issue
And I found the recommended solution by CSF docs isn't easy to be done for every client,
so I had to disable CloudFlare for now.


cdn , block


dns csf

cloud flare , csf !

cloud-flare Visitor

, IP

, bots seo track

dns dns



csf block panel emails
automatic manual cloudflare vs csf
block cloudflare block
block manual cloudflare .


block cloudflare

CloudFlare mod_cloudflare mod_remoteip ip