Whitelisting CloudFlare

Customer support forums for Atomic Protector (formerly Atomic Secured Linux). There is no such thing as a bad question here as long as it pertains to using Atomic Protector. Newbies feel free to get help getting started or asking questions that may be obvious. Regular users are asked to be gentle. :-)
Post Reply
User avatar
mikeshinn
Atomicorp Staff - Site Admin
Atomicorp Staff - Site Admin
Posts: 4149
Joined: Thu Feb 07, 2008 7:49 pm
Location: Chantilly, VA

Re: Whitelisting CloudFlare

Unread post by mikeshinn »

You dont want to whitelist the CDNs proxies, you want to configure your web server to process the CDNs X-Forwarded for headers so your system will see the actual attackers IP. Otherwise, if you whitelist the CDN the WAF wont do anything about an attack sent through the CDN. The better approach, also recommended by CDN providers, is to configure your webserver to see the attackers IP and not the CDNs.

Please see this article for guidance and links to vendors websites about how to do this with their CDN. You will also want to ask your CDN provider for instructions as well.

https://www.atomicorp.com/wiki/index.php/Proxy
Top
Post Reply

Return to “Atomic Protector (formerly ASL)”