CloudFlare IP ranges

I’m not entirely sure a move like that is necessary or advisable.

If I’m a “hacker” and I try to send a malicious request to your site, it’ll proxy through CF straight to your WordPress site. But since you’ve white listed the IP, it’ll by-pass any scanning on the plugin side.

A secondary point unrelating to cloudflare is that yes, you can use ranges, but currently only IPv4 ranges are supported. I’d need to do some sort of testing on ipv6 ranges

Here is original answear for my support ticket at CF:

A 522 error happens when a TCP connection to the web server could not be established. To initiate a TCP connection our edge server sends out 3 SYN packets and awaits a SYN-ACK packet in return, if it doesn't receive one within 15 seconds the connection attempt will fail.
Common reasons for us to not receive the SYN-ACK in return:
- Our connection attempt was blocked by a firewall/security plugin at the host
- Packets are being dropped within the host's network
- The origin server was too overloaded to respond
- There was an issue with an upstream provider along the path
Here is what I recommend in order to ensure CloudFlare's IPs are accepted by your server:
1. Make sure that you're not blocking CloudFlare IPs in .htaccess, iptables , or your firewall.
2. Make sure your hosting provider isn't rate limiting or blocking IP requests from the CloudFlare IPs and ask them to whitelist the IP addresses below:
3. Make sure that you're operating off of the most recent versions of Bad Behavior or mod_security. mod_security's core rules aren't blocking CloudFlare requests.
Here is a list of our IPs: https://www.cloudflare.com/ips

Can you help somehow?
Thanks in advance.

Have you followed those steps 1-3?

The only point relating to our firewall is point 1 – ensure that their IPs aren’t on the blacklist – you can view the black list on the IP Manager.

Furthermore, even if their IPs were on the blacklist of the plugin, they wouldn’t generate this type of error.

2 & 3 are in progress… waiting for an answear

I’ve checked that and there were no CF’s IPs blocked in server setings/logs. Plugin’s black list is clear.

So going to figure it out further… thanks for your help ??

Great! Keep me posted sure if you think there’s any thing else I can help you with…

Hi again ??

This is the solution provided by my hosting provider, that I really don’t understand: (in .htaccess)

<IfModule mod_security2.c>
SecRuleRemoveById 950109
SecRuleRemoveById 950120
SecRuleRemoveById 950901
SecRuleRemoveById 950119
SecRuleRemoveById 958291
SecRuleRemoveById 960006
SecRuleRemoveById 960024
SecRuleRemoveById 960032
SecRuleRemoveById 960010
SecRuleRemoveById 960034
SecRuleRemoveById 960035
SecRuleRemoveById 960038
SecRuleRemoveById 981260
SecRuleRemoveById 973338
SecRuleRemoveById 981036
SecRuleRemoveById 981243
SecRuleRemoveById 981246
SecRuleRemoveById 981247
SecRuleRemoveById 981257
SecRuleRemoveById 981260
SecRuleRemoveById 981318
SecRuleRemoveById 981319
</IfModule>

Cool, I guess if it works, then great ??

@blackstar1979,

This is the solution provided by my hosting provider, that I really don’t understand: (in .htaccess)

ModSecurity (Apache module) is a web application firewall commonly deployed by web hosts to protect websites from various attacks. The numbers are IDs of specific rules that may be called to protect your site against specific known exploits.

But as with any security measure, there can be false positives, causing innocent people to be blocked. In your case, some of your host’s default ModSecurity rules are causing legitimate users of your WordPress site to be blocked. The code disables these specific troublesome rules (identified by their ID numbers) on your site, without disabling ModSecurity entirely.