Hacker News new | ask | show | jobs
by jgoyvaerts 1746 days ago
You left out the part where the requests are coming from Cloudflare IPs.
2 comments
scrollaway 1746 days ago
Cloudflare is a reverse proxy so all requests would be coming from cloudflare. Did the author look at the x-forwarded-for IPs?
link
mixologic 1746 days ago
It really depends on whether all traffic from cloudflare IP's or just the most frequent ones. If the former, then they have configured nginx wrong and are logging the wrong source ip.
link
scrollaway 1746 days ago
I don't see evidence they aren't logging the wrong source IP (which is the default format with nginx, which the author is using).

These are extraordinary claims, which require extraordinary evidence.

link
donmcronald 1746 days ago
Typically when you're using Cloudflare you configure your origin firewall to drop traffic that doesn't come from Cloudflare [1]. What would be the point of using Cloudflare if you also accept traffic that bypasses Cloudflare? How would you even set up the DNS for that?

1. https://www.cloudflare.com/ips/

link
luckylion 1746 days ago
No. If you're a CF customer, all traffic comes from Cloudflare IPs, that's how it works, they're providing a reverse proxy for you.
link