A repo for user facing tools. Currently, this includes: ======> mod_cloudflare.c Based on mod_remoteip.c, this apache extension will replace the remote_ip variable in user's logs with the correct remote_ip sent from CloudFlare. This also does authentication, only performing the switch for requests originating from 204.93.173.0/24 (by default). To install: # apxs2 -a -i -c mod_cloudflare.c No further configuration is needed. However, if you wish to override the default values, the following directives are exposed: * CloudFlareRemoteIPHeader This specifies the header which contains the original IP. Default: CloudFlareRemoteIPHeader CF-Connecting-IP * CloudFlareRemoteIPTrustedProxy This is the IP range from which we will allow the CloudFlareRemoteIPHeader to be used from. See https://www.cloudflare.com/wiki/What_are_the_CloudFlare_IP_address_ranges. Note that on some Debian systems, you may have to add a LoadModule directive manually. This should look like: LoadModule cloudflare_module /usr/lib/apache2/modules/mod_cloudflare.so Replace /usr/lib/apache2/modules/mod_cloudflare.so with the path to mod_cloudflare.so on your system. If you cannot find apxs or apxs2, on a Debian or Ubuntu distro you can install this tool with: # apt-get install apache2-prefork-dev NOTES: *) If mod_cloudflare and mod_remoteip are enabled on the same web server, the server will crash if they both try to set the remote IP to a different value. *) Enableing mod_cloudflare will not effect the performance of Apache in any noticable maner. AB testing both over LAN and WAN show no equalilent numbers with and without mod_cloudflare. *) If you like, you may also add the directive DenyAllButCloudFlare. This will result in all requests from IPs which are not in the CloudFlareRemoteIPTrustedProxy range being denied with a status of 403. ======> ddclient A port of ddclient (http://sourceforge.net/projects/ddclient/) this includes support for using the CloudFlare dynamic DNS updating system. ** We are working to integrate the CloudFlare patch into the projects main branch, but this has not happened yet. ** ------------------------------------------------------------------------------- REQUIREMENTS: - Perl 5.004 or later (you need the IO::Socket::SSL perl library for ssl-support) ------------------------------------------------------------------------------- INSTALLATION: cp ddclient /usr/sbin/ mkdir /etc/ddclient mkdir /var/cache/ddclient cp sample-etc_ddclient.conf /etc/ddclient/ddclient.conf vi /etc/ddclient/ddclient.conf -- and change hostnames, logins, and passwords appropriately For CloudFlare, this should be: ## ## CloudFlare (cloudflare.com) ## ssl=yes protocol=cloudflare, \ server=www.cloudflare.com, \ login=myemail@foo.com \ password=my-cloudflare-auth-token \ my-awsome-site.com, To run in debug mode: ddclient -daemon=0 -debug -verbose -noquiet See the docs at http://sourceforge.net/projects/ddclient for full configuration and installation instructions.