Question Blocking all connections to a Plesk domain except 2

[RobbieL]

Hey there,

I have a couple of different IP addresses pointed to my server and one of them is routed through CloudFlare to that domain, then to Plesk.

I have an issue of some random domains spoofing the website, bypassing CloudFlare and pointing directly to the IP address, which I don't want.

So what I'm after on Plesk for this one IP address is to deny all incoming connections except for those coming from the two designated CloudFlare name servers - Is there a way to do this?

Thanks!

 

[Peter Debik]

You can limit access by adding a "*" to the "Deny access to the site" setting in the "Apache & Nginx" settings of the website. Then you can add exclusions of all Cloudflare public ips (IP Ranges).

 

[T2121]

This would be a nice workaround. Unfortunately whitelisting CF's ip range doesn't work for me, it still blocks access. Could it be that my cloudflare-fail2ban configuration is responsible for identifying traffic to apache/nginx with the original IP? How To Use Fail2ban With WordPress And Cloudflare Proxy (see chapter "Using Cloudflare Actions".

Thanks.

 

[T2121]

This sheds some more light on the issue

https://community.cloudflare.com/t/disabling-direct-access-to-origin-server-on-apache/489104/2

 

[T2121]

Any ideas? What would be a good alternative to block traffic that doesn't go through Cloudflare that can be disabled on some sites? Thanks.

 

[T2121]

Any ideas? What would be a good alternative to block traffic that doesn't go through Cloudflare that can be disabled on some sites? Thanks.

Bump