Home › Forums › BulletProof Security Pro › Cloudflare – Login Security and Plugin Firewall not working
Tagged: CloudFlare
- This topic has 3 replies, 3 voices, and was last updated 4 years, 7 months ago by AITpro Admin.
-
AuthorPosts
-
AITpro AdminKeymaster
Problem: Cloudflare breaks the BPS Pro Plugin Firewall, which in turn breaks BPS Pro Login Security and other things. Important Note: This only appears to be caused by installing WordPress Cloudflare plugins and not when installing Cloudflare from your web host control panel or directly from the Cloudflare website.
Solution: Copy the Cloudflare IP address Range htaccess code below into the Plugin Firewall > Plugin Firewall Additional Whitelist Tools > Whitelist by Hostname (domain name) and IP Address text box > click the Save Hostname and IP Address Rules button > click the Plugin Firewall Activate button.
cloudflare.com, 173.245.48.0/20, 103.21.244.0/22, 103.22.200.0/22, 103.31.4.0/22, 141.101.64.0/18, 108.162.192.0/18, 190.93.240.0/20, 188.114.96.0/20, 197.234.240.0/22, 198.41.128.0/17, 162.158.0.0/15, 104.16.0.0/12, 104.24.0.0/14, 172.64.0.0/13, 131.0.72.0/22, 2400:cb00::/32, 2606:4700::/32, 2803:f800::/32, 2405:b500::/32, 2405:8100::/32, 2a06:98c0::/29, 2c0f:f248::/32
AbZu2ParticipantThanks
BenitoParticipantNot working on Debian and apache2.4 because Rewritecond not accepting this kind of CIDR notation.
I made 3 changes on 3 files :
admin/wizard/swizard-functions.php
admin/core/core-forms.php
includes/firewall-autopilot.phpModifications :
$allow_whiteList[] .= 'RewriteCond %{REMOTE_ADDR} !^' . $allow_Value . '$' . "\n"; -> $allow_whiteList[] .= 'RewriteCond expr "! -R \'' . $allow_Value . '\'"' . "\n";
Now, cloudflare IPs are OK
AITpro AdminKeymaster@ Benito – You would have to make these same modifications each time you upgraded BPS Pro. Not huge deal I guess, but probably figuring out why your particular server configuration is not working with the standard BPS Pro code would be a better route to take in the long run. I’m guessing this is some kind of httpd.conf configuration issue somewhere or maybe the other Apache conf files. In general that standard BPS Pro code works fine for most people. I don’t have a lot of spare time these days with everything going on to look into this.
Maybe try doing Google searches for: Apache httpd.conf config + CIDR for starters and then of course do variations of that search term to find the server config solution.
-
AuthorPosts
- You must be logged in to reply to this topic.