As Cloudflare is a reverse proxy, any attacking IP addresses (so far as iptables is concerned) come from the Cloudflare IP's. To counter this, an Apache module mod_cloudflare is available that obtains the true attackers IP from a custom HTTP header record (similar functionality is available for other HTTP daemons.
Restoring Original Visitor IP Addresses
Install the mod_cloudflare module. This will make sure that the users real IP address is reported correctly in the web server logs.
Centos/RHEL/CloudLinux
Plesk maintains their own mod_cloudflare pacakges so it should be a simple process to install.
// install the mod_cloudflare package
yum install mod_cloudflare
// restart apache
systemctl restart httpd
Debian/Ubuntu
Plesk does not maintain the mod_cloudflare module on Debian/Ubuntu so users must use install the repository provided by Cloudflare. See https://pkg.cloudflare.com/ for more information.
Add the Cloudflare Network Ranges To Ignore
- Navigate to Juggernaut Firewall -> Ignore
- Click the Advanced button and add the Cloudflare network ranges to ignore so the login failure daemon will never block them.
- Click the Update button to save your settings.
- Click the Restart button to restart the firewall and login failure daemon.
Enable Cloudflare Support
- Navigate to Juggernaut Firewall -> Settings -> Other -> Cloudflare Settings
- Check the Cloudflare firewall checkbox to enable Cloudflare support.
- Click the Update button to save your settings.
- Click the Restart button to restart the firewall and login failure daemon.
Add Your CloudFlare API Keys
- Navigate to Juggernaut Firewall -> Settings -> Other -> Cloudflare Settings -> Cloudflare Users
- Click the Add button on the grid to add any Cloudflare user API keys (CSF uses the older API keys not API tokens)
- Click the Submit button to save your settings.
- Click the Restart button on the grid to restart the firewall and login failure daemon.
Add the Cloudflare Actions Widget To The Dashboard
- Navigate to Juggernaut Firewall -> Dashboard
- Click the Add Widget button on the top right of the dashboard.
- Click the Add Widget button below the Cloudflare Actions widget.