[How-to] Show real IPs in OpenLitespeed with CloudFlare enabled

smtalk

Administrator
Staff member
Joined
Aug 22, 2006
Messages
10,625
Location
LT, EU
Edit /usr/local/lsws/conf/httpd-accesscontrol.conf, find:
Code:
allow                                   ALL

Replace with (IPs from https://www.cloudflare.com/ips/):
Code:
allow                                   ALL, 173.245.48.0/20T, 103.21.244.0/22T, 103.22.200.0/22T, 103.31.4.0/22T, 141.101.64.0/18T, 108.162.192.0/18T, 190.93.240.0/20T, 188.114.96.0/20T, 197.234.240.0/22T, 198.41.128.0/17T, 162.158.0.0/15T, 104.16.0.0/12T, 172.64.0.0/13T, 131.0.72.0/22T, 2400:cb00::/32T, 2606:4700::/32T, 2803:f800::/32T, 2405:b500::/32T, 2405:8100::/32T, 2a06:98c0::/29T, 2c0f:f248::/32T

Copy the file to CustomBuild custom directory, so that it wouldn't be overwritten on update time:
Code:
mkdir -p /usr/local/directadmin/custombuild/custom/openlitespeed/conf
cp -p /usr/local/lsws/conf/httpd-accesscontrol.conf /usr/local/directadmin/custombuild/custom/openlitespeed/conf/httpd-accesscontrol.conf

Open /usr/local/lsws/conf/httpd-includes.conf and add this line to it:
Code:
useIpInProxyHeader 2

Save the file and restart OpenLiteSpeed then :)
 
Back
Top