Fail2ban blocking Cloudflare IPs


I just set up Cloudflare on some of my websites, but I see that with the WordPress filter in fail2ban the Cloudflare IPs also get blocked. Is there a way to block the real IP of the users behind Cloudflare?

OS type and version Ubuntu Linux 20.04.5
Webmin version 2.011
Virtualmin version 7.5

Presumably they add an X-Forwarded-For header, so you’d need to act on that rather than the IP.

Here’s a blog post about using fail2ban behind a proxy (which is what you’re doing, Cloudflare is a proxy). Fail2Ban Behind A Proxy/Load Balancer – Centos.Tips

I haven’t vetted that link, it’s just one of the first things that comes up and seems reasonable.

Based on your idea, I got the real IPs to show in the logs and banned them, following this guide, by activating mod_remoteip in Apache:

Since banning the real IPs could not stop them, and since I could not configure the iptables thing (I am not very skilled at coding), I instead transferred the original banned IPs to Cloudflare IP Access Rules, following this guide:

The drawback is that the IPs in Cloudflare's IP Access Rules get banned permanently until you unban them manually by pressing X on each of them. At least I have them banned if they go on extremely brute forcing.
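The logic discussed in this thread, as an added example that is not part of any poster's message: it resolves the address to ban from the connecting peer and the X-Forwarded-For header, honouring the header only when the peer is a trusted proxy, and reports where a ban can take effect. The function names, the two-range proxy list (a subset of Cloudflare's published IPv4 ranges) and the sample requests are assumptions made for illustration.

```python
import ipaddress

# Assumption: a subset of Cloudflare's published IPv4 ranges, for illustration.
# In practice load the full, current list that Cloudflare publishes.
TRUSTED_PROXIES = [ipaddress.ip_network(n)
                   for n in ("173.245.48.0/20", "103.21.244.0/22")]

def is_trusted(ip):
    return any(ip in net for net in TRUSTED_PROXIES)

def resolve_client(peer, xff):
    """Return (client_ip or None, via_proxy) for one request.

    peer: TCP source address the web server saw.
    xff:  raw X-Forwarded-For value ("" or "-" when absent).
    The header is honoured only when the peer is a trusted proxy; otherwise
    anyone could forge it to dodge a ban or get another address banned.
    """
    peer_ip = ipaddress.ip_address(peer)
    if not is_trusted(peer_ip):
        return str(peer_ip), False
    client = peer_ip
    # Walk right to left: the rightmost entry was appended by the proxy
    # nearest to us; stop at the first hop that is not a trusted proxy.
    for hop in reversed([h.strip() for h in xff.split(",") if h.strip()]):
        try:
            client = ipaddress.ip_address(hop)
        except ValueError:
            break  # malformed entry: keep the last address parsed so far
        if not is_trusted(client):
            break
    if is_trusted(client):
        return None, True  # no usable client address: never ban the proxy
    return str(client), True

def ban_plan(peer, xff):
    """Return (ip_to_ban or None, where): 'firewall', 'edge' or 'skip'."""
    client, via_proxy = resolve_client(peer, xff)
    if client is None:
        return None, "skip"
    # Proxied requests arrive with the proxy's source address, so a local
    # firewall rule on the client IP never matches; such bans must be applied
    # at the proxy (edge) or inside the web server.
    return client, "edge" if via_proxy else "firewall"

# Constructed sample requests: (peer address, X-Forwarded-For value)
SAMPLES = [("173.245.48.10", "198.51.100.7"),              # via proxy
           ("173.245.48.10", "192.0.2.99, 198.51.100.7"),  # forged left entry
           ("203.0.113.50", "198.51.100.7"),               # direct, forged header
           ("103.21.244.5", "-")]                          # proxy, no header
if __name__ == "__main__":
    for peer, xff in SAMPLES:
        print(peer, repr(xff), "->", ban_plan(peer, xff))
```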