Based on mod_remoteip.c, this Apache extension will replace the remote_ip variable in the user's logs with the correct remote IP sent from Cloudflare. The module only performs the IP substitution for requests originating from Cloudflare IPs by default.

In addition to this, the extension will also set the HTTPS environment variable to "on" in cases where Flexible SSL is in use. This prevents software such as WordPress from being broken by Flexible SSL.

Install mod-cloudflare:

yum install libtool git apr apr-devel apr-util apr-util-devel -y
cd /usr/local/src
git clone
cd mod_cloudflare
/usr/local/apache/bin/apxs -a -i -c mod_cloudflare.c

Restart httpd service and confirm that mod_cloudflare has been installed:

service httpd restart && /usr/local/apache/bin/httpd -M|grep cloudflare

More Security :

if you need your site is only available via cloudflare IPs, you need to simply add the following to your Apache/httpd configuration file and all non-Cloudflare traffic will be forbidden with status code 403:


Clouflare ip ranges can be found here :
ipv4 ranges :
ipv6 ranges :