search

blackdotsh / getIPIntel

IP Intelligence is a free Proxy VPN TOR and Bad IP detection tool to prevent Fraud, stolen content, and malicious users. Block proxies, VPN connections, web host IPs, TOR IPs, and compromised systems with a simple API. GeoIP lookup available.
http://getipintel.net
309 stars 50 forks source link

Cloudflare IP's are getting caught in VPN filter #15

Closed Newcool1230 closed 5 years ago

Newcool1230 commented 5 years ago

Hello,

I have Cloudflare to protect my website from DDOS attacks. If I use the PHP Proxy Detection API, it will only detect Cloudflare IP's.

Do you have a proper way to bypass this, so I can implement it on my website?

Regards, Mike

blackdotsh commented 5 years ago

If you look at Cloudflare's documentation:

https://support.cloudflare.com/hc/en-us/articles/200170986-How-does-Cloudflare-handle-HTTP-Request-headers-

CF-Connecting-IP

To provide the client (visitor) IP address for every request to the origin, Cloudflare adds the CF-Connecting-IP header.

"CF-Connecting-IP: A.B.C.D"

Where A.B.C.D is the client's IP address, also known as the original visitor IP address.

So instead of $ip=$_SERVER['REMOTE_ADDR'];

you would use $ip=$_SERVER["HTTP_CF_CONNECTING_IP"];