Get real IP address of visitor for Cloudflare nGinx solution

When you have setup your web sites on cloudflare, every visitor who visits your web site passes through cloudflare network so that his real IP gets changed into cloudflare’s IP address, in short cloudflare acts as proxy server for your web server.
For apache web server, cloudflare has already provided a module which can be installed to get real ip address of visitor.

Here it is :

https://support.cloudflare.com/hc/en-us/sections/200038166-How-do-I-restore-original-visitor-IP-to-my-server-logs-

Well they do not provide any module for nGinx, however it is built in function in nGinx server. You can enable it by adding following below code into your nginx.conf

Follow below steps:

Find nginx.conf file if you do not know the exact location from SSH:

# locate nginx.conf

Add below code in nginx.conf under http section:

set_real_ip_from   204.93.240.0/24;
set_real_ip_from   204.93.177.0/24;
set_real_ip_from   199.27.128.0/21;
set_real_ip_from   173.245.48.0/20;
set_real_ip_from   103.22.200.0/22;
set_real_ip_from   141.101.64.0/18;
set_real_ip_from   108.162.192.0/18;
real_ip_header     CF-Connecting-IP;

Now save changes and restart your nginx server

service nginx restart

That is all, now you will be able to get real ip address of the visitor.

Comments are welcome.

How to disable DNS recursion on kloxo

Here is the quick code to disable DNS recursion on kloxo based server:

Login to SSH with root credential

Find the “named” configuration file:

# locate named.conf

For chrooted system:

Output : /var/named/chroot/etc/named.conf

Edit the file named.conf

# nano /var/named/chroot/etc/named.conf

In updated Kloxo following is the options file:

# nano /var/named/chroot/etc/global.options.named.conf

Add following code at the end of named.conf file and save changes by CTRL+O:

options {allow-recursion {127.0.0.1; };};

Exit from text editor (For nano)

CTRL+X

Restart named services:

service named restart

That is all : )