這是本文件的舊版!


透過 Cloudflare 的用戶實際 IP 設定(Apache)

  1. 使用 root 權限操作

    sudo -i

  2. 啟動 remoteip

    sa2enmod remoteip

  3. 更新 000-default.conf 設定, 加入 RemoteIPHeader CF-Connecting-IP

    vi /etc/apache2/sites-available/000-default.conf

    :
            # modules, e.g.
            #LogLevel info ssl:warn
    
            RemoteIPHeader CF-Connecting-IP
            ErrorLog ${APACHE_LOG_DIR}/error.log
            CustomLog ${APACHE_LOG_DIR}/access.log combined
    
            # For most configuration files from conf-available/, which are
    :
  4. 設定 Cloudflare 的 IP

    vi /etc/apache2/conf-available/remoteip.conf

    RemoteIPHeader CF-Connecting-IP
    RemoteIPTrustedProxy 173.245.48.0/20
    RemoteIPTrustedProxy 103.21.244.0/22
    RemoteIPTrustedProxy 103.22.200.0/22
    RemoteIPTrustedProxy 103.31.4.0/22
    RemoteIPTrustedProxy 141.101.64.0/18
    RemoteIPTrustedProxy 108.162.192.0/18
    RemoteIPTrustedProxy 190.93.240.0/20
    RemoteIPTrustedProxy 188.114.96.0/20
    RemoteIPTrustedProxy 197.234.240.0/22
    RemoteIPTrustedProxy 198.41.128.0/17
    RemoteIPTrustedProxy 162.158.0.0/15
    RemoteIPTrustedProxy 104.16.0.0/12
    RemoteIPTrustedProxy 172.64.0.0/13
    RemoteIPTrustedProxy 131.0.72.0/22
    RemoteIPTrustedProxy 2400:cb00::/32
    RemoteIPTrustedProxy 2606:4700::/32
    RemoteIPTrustedProxy 2803:f800::/32
    RemoteIPTrustedProxy 2405:b500::/32
    RemoteIPTrustedProxy 2405:8100::/32
    RemoteIPTrustedProxy 2a06:98c0::/29
    RemoteIPTrustedProxy 2c0f:f248::/32
  5. 檢查設定格是是否有異常

    apache2ctl configtest

  6. 重新啟動 apache

    systemctl restart apache2

  • tech/cloudflare_proxy_real_ip.1638267887.txt.gz
  • 上一次變更: 2021/11/30 18:24
  • jonathan