Access restriction via .htaccess allow access only odna SP, odd not out, how to implement?

Hi all.

Deny access to all except one IP address.
.htaccess

Order Deny,Allow
Deny from all
Allow from 100.00.00.00

I forgot to write that the domain is using Cloudflare

Add so, and then try to go to the site and will not let me, although I added my IP, a hundred times already checked, if you remove the ban, the website admits, in what may be the problem?
April 19th 20 at 12:38
2 answers
April 19th 20 at 12:40
Not the Yip adds, or rather the website proximedia and IP from another connection. See logs
no, that's right I enter. so I think what the problem is, I wrote to the hosting already. - adrianna.Keeling20 commented on April 19th 20 at 12:43
@adrianna.Keeling20, see the logs, there lies the answer - Drake commented on April 19th 20 at 12:46
@Drake, it might be related to Cloudflare ? - adrianna.Keeling20 commented on April 19th 20 at 12:49
@adrianna.Keeling20, Yes - Drake commented on April 19th 20 at 12:52
@Drakehas Already been read, right, this is due to Cloudflare , losses to understand how my task to decide if using cloud is everything. - adrianna.Keeling20 commented on April 19th 20 at 12:55
@adrianna.Keeling20in hosts to register IP and domain - Drake commented on April 19th 20 at 12:58
@Drake, please give an example so I understand.

I'm such a schema is found to block access on the SP
SetEnvIf X-FORWARDED-FOR 100.00.00.00 denyclient
Allow from denyclient

but I need to block all but one IP resolved until I realized how to do it. - adrianna.Keeling20 commented on April 19th 20 at 13:01
I found a solution.

Order Deny,Allow
SetEnvIf X-Forwarded-For ^100\.00\.00\.00 AllowIP
Deny from all
Allow from env=AllowIP

Block all except your IP address, only I can see the website. - adrianna.Keeling20 commented on April 19th 20 at 13:04
April 19th 20 at 12:42
When the site proximedia using Cloudflare all requests coming from Cloudflare IP.

your solution is not good, the visitor can send a private header X-Forwarded-For and specify your IP. And hacked your website.

Put it on the web server mod_cloudflare and do not reinvent the wheel.

PS: mod_cloudflare works only for the Web server, that is, ipfirewall/iptables will not work - they will get cloudforests IP.
In this case, IP of the visitor must be added using a comma to sent the title (or Vice versa, don't remember the order). You just have to consider this in the regular expression. - Emory_Barro commented on April 19th 20 at 12:45
@Emory_Barro, Yes, IP Cloudflare should be the last in the list (or only).
But the article https://habr.com/ru/post/177113/ write:
But in our case the settings were not correct until the end and the whole HTTP_X_FORWARDED_FOR replaced the header from the browser x-forwarded-for

that is, the content strongly depends on the proxy settings.

And as they say on phpfaq.ru/tech/ip#notes - from the host can be affected.

PS: And if you know the real IP of the server, you can access it bypassing cloudplane, and slip your header X-Forwarded-For. - Zackery_Smith commented on April 19th 20 at 12:48

Find more questions by tags htaccess