I have a problem where I seem to be unable to access Cloudflare's header that passes the client origin IP when it proxies requests. The header should be HTTP_CF_CONNECTING_IP according to Cloudflare's docs and my site is hosted on Heroku.
I have the following Rack Attack setup but even when live in production HTTP_CF_CONNECTING_IP isn't logging at all.

    class Rack::Attack
      Rack::Attack.cache.store = ActiveSupport::Cache::MemoryStore.new

      class Request < ::Rack::Request
        def remote_ip
          @remote_ip ||= (env['HTTP_CF_CONNECTING_IP'] || env['action_dispatch.remote_ip'] || ip).to_s
        end
      end

      track('Log all requests') do |req|
        puts req.ip # returns an IP
        puts req.env['action_dispatch.remote_ip'] # returns the same IP as req.ip
        puts req.env['HTTP_CF_CONNECTING_IP'] # doesn't show anything
        req.remote_ip
      end
    end

I am using a free version of Cloudflare and wondered if that made any difference but at the moment it's making it impossible to use Rack Attack as I seem to just block everyone.
Any help would be much appreciated.
I faced this "throttling all" issue on one of the projects with the exact same configuration, i.e. Heroku, CloudFlare and RackAttack. The issue was that all the requests were proxied via CloudFlare and hence reaching the max limit and getting throttled.
I used the same remote_ip method that you posted in the question but somehow I was able to fetch the remote_ip from env['HTTP_CF_CONNECTING_IP'].
I was on a premium CF plan (even I am not sure if this is helpful). You may refer to this blog, Restoring original visitor IPs, if the problem still persists.
Also, I found this blog really helpful: How to mitigate DDoS using Rack::Attack
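
Added example, not part of the question or answer above: one way to derive the throttle key so that CF-Connecting-IP is used only when the request really arrived through the proxy, and so that a missing header is visible as every client sharing the proxy's address. The helper names (`parse_ip`, `peer_ip`, `throttle_key`), the placeholder ranges, and the limit and period are assumptions, as is the premise that the platform router appends the connecting address as the last X-Forwarded-For entry.

```ruby
require 'ipaddr'

# Constructed placeholder ranges (documentation address space).
# Replace with the proxy ranges Cloudflare publishes.
TRUSTED_PROXY_RANGES = %w[203.0.113.0/24 2001:db8::/32].map { |cidr| IPAddr.new(cidr) }

# Returns an IPAddr, or nil when the value is empty or not an IP address.
def parse_ip(value)
  text = value.to_s.strip
  text.empty? ? nil : IPAddr.new(text)
rescue ArgumentError # IPAddr::InvalidAddressError is a subclass
  nil
end

# Address that connected to the platform router. Assumption: the router
# appends it as the last X-Forwarded-For entry; REMOTE_ADDR is used otherwise.
def peer_ip(env)
  last_hop = env['HTTP_X_FORWARDED_FOR'].to_s.split(',').last
  parse_ip(last_hop) || parse_ip(env['REMOTE_ADDR'])
end

# Throttle key: CF-Connecting-IP only when the peer is a trusted proxy, so a
# client that reaches the origin directly cannot choose its own key by
# sending the header. Falls back to the peer address in every other case.
def throttle_key(env, trusted = TRUSTED_PROXY_RANGES)
  peer = peer_ip(env)
  return nil if peer.nil?

  via_proxy = trusted.any? { |range| range.include?(peer) }
  claimed = parse_ip(env['HTTP_CF_CONNECTING_IP'])
  (via_proxy && claimed ? claimed : peer).to_s
end

# Wiring, active only when the rack-attack gem is loaded.
# limit and period (seconds) are sample values.
if defined?(Rack::Attack)
  Rack::Attack.throttle('req/client-ip', limit: 300, period: 300) do |req|
    throttle_key(req.env)
  end
end
```

When the key logged for every request is an address inside the proxy ranges, the header is not reaching the app and all visitors are sharing one counter, which matches the "blocks everyone" symptom in the question.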