Getting real_ip from Cloudflare

[trajche]

Background: I did check the Seravo nginx and the module is installed: --with-http_realip_module. I then added the configuration from Cloudflare, but it's reporting (what I think is) the Seravo's internal reverse proxy as origin IP. In this case it was 172.17.42.1.

Solution:
You have to add an additional line to your custom nginx config: set_real_ip_from 172.17.42.0/16; which will also look up the CF-Connecting-IP header on all requests coming through that rev proxy.

Please advise if it's necessary to add other subnets to the config, but here it is in case you want to add to docs:

# - Seravo
set_real_ip_from 172.17.42.0/16;

# - IPv4
set_real_ip_from 103.21.244.0/22;
set_real_ip_from 103.22.200.0/22;
set_real_ip_from 103.31.4.0/22;
set_real_ip_from 104.16.0.0/12;
set_real_ip_from 108.162.192.0/18;
set_real_ip_from 131.0.72.0/22;
set_real_ip_from 141.101.64.0/18;
set_real_ip_from 162.158.0.0/15;
set_real_ip_from 172.64.0.0/13;
set_real_ip_from 173.245.48.0/20;
set_real_ip_from 188.114.96.0/20;
set_real_ip_from 190.93.240.0/20;
set_real_ip_from 197.234.240.0/22;
set_real_ip_from 198.41.128.0/17;

# - IPv6
set_real_ip_from 2400:cb00::/32;
set_real_ip_from 2405:8100::/32;
set_real_ip_from 2405:b500::/32;
set_real_ip_from 2606:4700::/32;
set_real_ip_from 2803:f800::/32;
set_real_ip_from 2c0f:f248::/32;
set_real_ip_from 2a06:98c0::/29;

real_ip_header CF-Connecting-IP;