forked from cloudflare/mod_cloudflare
raybejjani/mod_cloudflare
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Folders and files
| Name | Name | Last commit message | Last commit date | |
|---|---|---|---|---|
Repository files navigation
Copyright CloudFlare 2012 cloudflare.com ======> mod_cloudflare.c Based on mod_remoteip.c, this apache extension will replace the remote_ip variable in user's logs with the correct remote_ip sent from CloudFlare. This also does authentication, only performing the switch for requests originating from 204.93.173.0/24 (by default). To install: # apxs2 -a -i -c mod_cloudflare.c No further configuration is needed. However, if you wish to override the default values, the following directives are exposed: * CloudFlareRemoteIPHeader This specifies the header which contains the original IP. Default: CloudFlareRemoteIPHeader CF-Connecting-IP * CloudFlareRemoteIPTrustedProxy This is the IP range from which we will allow the CloudFlareRemoteIPHeader to be used from. See https://www.cloudflare.com/wiki/What_are_the_CloudFlare_IP_address_ranges. Note that on some Debian systems, you may have to add a LoadModule directive manually. This should look like: LoadModule cloudflare_module /usr/lib/apache2/modules/mod_cloudflare.so Replace /usr/lib/apache2/modules/mod_cloudflare.so with the path to mod_cloudflare.so on your system. If you cannot find apxs or apxs2, on a Debian or Ubuntu distro you can install this tool with: # apt-get install apache2-prefork-dev NOTES: *) If mod_cloudflare and mod_remoteip are enabled on the same web server, the server will crash if they both try to set the remote IP to a different value. *) Enableing mod_cloudflare will not effect the performance of Apache in any noticable maner. AB testing both over LAN and WAN show no equalilent numbers with and without mod_cloudflare. *) If you like, you may also add the directive DenyAllButCloudFlare. This will result in all requests from IPs which are not in the CloudFlareRemoteIPTrustedProxy range being denied with a status of 403. Packaging The packaging directory contains a makefile to run the package process. For each class of system you wish to target, run the approriate rules: debian (& ubuntu) sudo make pkg-deb-system-prep make pkg-deb redhat (& centos) sudo make pkg-rpm-system-prep make pkg-rpm suse sudo make pkg-rpm-suse-system-prep make pkg-rpm-suse Testing To test a package run the test_debian, test_rpm or test_rpm.suse scripts on the target machine: test_debian.sh libapache2-mod-cloudflare_1.1_i386.deb test_rpm.suse.sh mod_cloudflare-1.1.0-3.fc16.x86_64.rpm test_rpm.suse.sh mod_cloudflare-1.1.0-3.x86_64.suse.rpm Releases 2012-06-03 1.1.1 Bugfix for DenyAll behavior when CF-Connecting-IP header not available. 2012-05-20 1.1.0 .deb and .rpm release tested on Debian 6.0, Ubuntu 8.04, Ubuntu 10.04, CentOS 5, CentOS 6, RHEL 5, RHEL 6, OpenSuSE 11.4, OpenSuSE 12.1 all on 32-bit and 64-bit architectures. These were produced on Fedora 16, Ubuntu 12.04 and OpenSuSE 12.1
About
No description, website, or topics provided.
Resources
Stars
Watchers
Forks
Releases
No releases published
Packages 0
No packages published