Hello,
I am struggling to get an acl working to reject traffic originating from servers protected by the Cloudflare network, while my servers are behind Cloudflare too …
So I allow only traffic from the Cloudflare network to HAProxy, since my server is behind Cloudflare too.
This is getting me a bit muddled … comparing the CF-Connecting-IP and X-Forwarded-For headers is making a royal mess.
I am able to block other proxy traffic, but how do I distinguish between “clean” proxied traffic via Cloudflare and “unwanted” server generted traffic from Cloudflare?
Would any of you be able to point me in the right direction please?
I am struggling to get an acl working to reject traffic originating from servers protected by the Cloudflare network, while my servers are behind Cloudflare too …
So I allow only traffic from the Cloudflare network to HAProxy, since my server is behind Cloudflare too.
This is getting me a bit muddled … comparing the CF-Connecting-IP and X-Forwarded-For headers is making a royal mess.
I am able to block other proxy traffic, but how do I distinguish between “clean” proxied traffic via Cloudflare and “unwanted” server generted traffic from Cloudflare?
Would any of you be able to point me in the right direction please?