Support » Plugin: All In One WP Security & Firewall » Why Cloudfare shows up in 404 Detection Log

  • Resolved rebornhairppp


    Hey guys,

    Sorry to bother you again.

    I just recently signed up under the free Cloudfare plan.

    I do notice a lot of activity from them and it looks to be as though they use a ton of different IP address, such as and

    The attempted URL they’re trying to access varies but it’s mainly /rep.php or /manual.

    If they keep consistently getting 404 errors and I don’t blacklist them, Apache will take a hit.

    Would it be safe to whitelist all Cloudfare IP addresses or allow them access to such files? Will not allowing them access cause errors down the road?

    I notice some 403 header.jpg and failed to load resource: net::ERR_TOO_MANY_REDIRECTS errors when I run Google developer tools under console ever since I signed up at Cloudfare. However, I am not sure if those errors are due to
    enabling the 404 IP Detection and Lockout or Cloudfare’s settings.

    Like always, your help is invaluable and deeply admired!

    All my best,


Viewing 4 replies - 1 through 4 (of 4 total)
  • Plugin Author wpsolutions


    What have you configured in the following setting?
    WP Security >> Settings >> Advanced Settings >> IP Retrieval Settings

    Hi wpsolutions,

    It’s set to the default: $_SERVER[‘REMOTE_ADDR’

    Plugin Author wpsolutions


    If you are using cloudflare try HTTP_CF_CONNECTING_IP. This should solve your ip address issue because it will reveal the real visitor address instead of CF.

    Hey wpsolutions,

    Thanks for the tip.

    I am going to mark this thread as resolved!

Viewing 4 replies - 1 through 4 (of 4 total)
  • The topic ‘Why Cloudfare shows up in 404 Detection Log’ is closed to new replies.