iThemes blocking Cloudflare IPs

  • Resolved George

    (@subscriptiongroup)


    1 year, 9 months ago

    We use CloudFlare and it’s proxying the user IP addresses and passes their edge IP address instead.

    To bypass this issue we’ve added the following code in a mu-pluging

    <?php
if ( isset($_SERVER['HTTP_CF_CONNECTING_IP']) && !empty($_SERVER['HTTP_CF_CONNECTING_IP']) ) {
    $cloudflare_connecting_ip = explode(',', $_SERVER['HTTP_CF_CONNECTING_IP'] );
    if ( is_array($cloudflare_connecting_ip) && !empty($cloudflare_connecting_ip) ) {
        $_SERVER['REMOTE_ADDR'] = $cloudflare_connecting_ip[0];
    }
}

    This has resolved the issue for the rest of our code, but for some reason iThemes is still blocking the CloudFlare IPs instead of the actual user IPs.

    I understand it’s unlikely to add support for CloudFlare, but can you confirm what variable you use to block IPs, because $_SERVER['REMOTE_ADD'] is probably not the one.

Viewing 2 replies - 1 through 2 (of 2 total)
  • nlpro

    (@nlpro)

    1 year, 9 months ago

    Hi @subscriptiongroup,

    I understand it’s unlikely to add support for CloudFlare, but can you confirm what variable you use to block IPs, because $_SERVER['REMOTE_ADD'] is probably not the one.

    When you navigate to Security > Settings > CONFIGURE and you scroll down to the IP Detection section select Manual for PROXY DETECTION and then select CF-Connecting-IP for PROXY HEADER.

    Then click on the Save button.

    +++ To prevent any confusion, I’m not iThemes +++

    Thread Starter George

    (@subscriptiongroup)

    1 year, 9 months ago

    ah, that’s great, thanks @nlpro ! I wasn’t aware there was such an option and google search didn’t bring up any related solutions.

Viewing 2 replies - 1 through 2 (of 2 total)
  • The topic ‘iThemes blocking Cloudflare IPs’ is closed to new replies.