Dec 202012


When using Cloudflare, in order to retrieve the actual visitors IP that connect to your server, you must install mod_cloudflare. Normally when using Cloudflare, all of the IP’s that connect to your web server will come from a Cloudflare IP address. mod_cloudflare is an Apache module that forces Apache to log actual visitor IP addresses instead of cloudflare server IP’s. It can be installed on servers running cPanel, using the following commands:

cd /usr/local/src
wget --no-check-certificate
apxs -a -i -c mod_cloudflare.c
service httpd restart
/usr/local/cpanel/bin/apache_conf_distiller --update

More info can be found here for this particular issue of showing real IP’s instead of Cloudflare IP’s

Also the following information link may be of assistance when addressing this issue when using Nginx and Varnish:

mod_cloudflare cpan

There is also a mod_cloudflare cpanel plugin now. It requires that the user have a valid cloudflare API key, but it works well for cpanel, and multi domain deployment.

Install as follows:

cd /usr/local/cpanel
curl -k -L > cloudflare.tar.gz
tar -zxvf cloudflare.tar.gz


cd cloudflare-CloudFlare-CPanel-UNIQUE ID/cloudflare/

***Note, the UNIQUE ID is the name of the extracted folder. eg below:
This extracts a directory that includes a UNIQUE ID. For example, the directory will be in this format:

The UNIQUE ID is only: d03f3b8
The UNIQUE ID is not cloudflare-CloudFlare-CPanel-d03f3b8


Here is where the API and the user come in handy

./install_cf API HOST KEY mod_cf “YOUR COMPANY NAME”
(example for Awesome Hosting Company: ./install_cf 56yt8x9s987dfy4324bnv mod_cf “Awesome Hosting”)

Test with: cat etc/cloudflare.json
You should see output like:

root@server1 [/usr/local/cpanel]# cat etc/cloudflare.json
“host_key”:”32yt5a7b436tuy8974tre -”, (For security purposes, this will not be your host key.)
“host_formal_name”:”Awesome Hosting”,

Also, be sure to add into apf or csf allow the proper IP ranges for Cloudflare, which can be found here:


Share This!
 Posted by at 8:01 am

Sorry, the comment form is closed at this time.