Getting Real IP Addresses Using CloudFlare, Nginx, and Varnish
March 6, 2012
One annoying issue, however, is the fact that because it’s a proxy you see incoming requests as coming from CloudFlare servers rather than the original client. So if you’re doing any cool data analytics on your server your source IP information will be borked.
There’s an easy way to fix it, however.
I run Nginx as my main webserver, and Ubuntu’s version of the app includes support for the http-real-ip module, which allows you to specify a set of proxy server IPs and the original IP header within the forwarded traffic so you can map it properly.
So, using Nginx, edit your nginx.conf file and add the following to your http section:
set_real_ip_from 126.96.36.199/22; set_real_ip_from 188.8.131.52/22; set_real_ip_from 184.108.40.206/22; set_real_ip_from 220.127.116.11/12; set_real_ip_from 18.104.22.168/18; set_real_ip_from 22.214.171.124/22; set_real_ip_from 126.96.36.199/18; set_real_ip_from 188.8.131.52/15; set_real_ip_from 184.108.40.206/13; set_real_ip_from 220.127.116.11/20; set_real_ip_from 18.104.22.168/20; set_real_ip_from 22.214.171.124/20; set_real_ip_from 126.96.36.199/22; set_real_ip_from 188.8.131.52/17; set_real_ip_from 2400:cb00::/32; set_real_ip_from 2606:4700::/32; set_real_ip_from 2803:f800::/32; set_real_ip_from 2405:b500::/32; set_real_ip_from 2405:8100::/32; set_real_ip_from 2c0f:f248::/32; set_real_ip_from 2a06:98c0::/29;
Restart Nginx and you’ll start seeing original IPs in your logs.
[ Apr 14, 2017 — I had the list of IPs here before but CloudFlare changes them often. Get the latest codeblock from them here. ]