CloudFlare DNS /直接IP标识符 [英] CloudFlare DNS / direct IP identifier
问题描述
我们开始在工作中使用cloudflare,我想了解一下cloudflare如何知道我将dns名称放在浏览器中而不是直接IP。
We started to use cloudflare at my work and I want to understand how the cloudflare knows that I put dns name at my browser and not direct IP.
我的意思是-他们怎么知道我是否将www.mysite.com而不是123.34.45.45作为URL放在我的浏览器上。
I mean - how they knows if I put www.mysite.com and NOT 123.34.45.45 as URL on my browser.
HTTP GET标头中是否有任何标志或任何其他标识符?
Is there any flag at HTTP GET header or any other identifier ?
非常感谢。
推荐答案
有一种方法可以做到这一点。
There is a way of doing that.
在apache内,而不是在公共根目录下,使用VHosts代替,它们只会响应请求的vhost。虽然它总比没有好,但仍可以通过多种方式进行显示。
CloudFlare已发布了一个针对Apache的模块 mod_cloudflare ,该模块将记录并显示实际的访客IP地址,而不是cloudflare访问的IP地址! https://www.cloudflare.com/resources-downloads#mod_cloudflare (由: olimortimer )
Inside apache instead of doing a public root directory, use VHosts instead they will only respond to a vhost requested. While its better than nothing it still can be displayed through an numerous amount of ways.
CloudFlare has released a module mod_cloudflare for apache, the module will log and display the actual visitor IP Addresses rather than those accessed by cloudflare! https://www.cloudflare.com/resources-downloads#mod_cloudflare (Answer by: olimortimer)
我建议您使用PHP: Cloudflare的IP已公开存储,因此您可以在此处进行查看,然后检查该IP是否来自cloudflare (这将使我们能够从http标头 HTTP_CF_CONNECTING_IP 中获取真实IP)。
I recommend you do it in PHP: Cloudflare's ips are stored in public so you can go view them here then check if the ip is from cloudflare (this will allow us to get the real ip from the http header HTTP_CF_CONNECTING_IP).
要禁用所有非cf连接,反之亦然,我建议您有一个单独的php脚本文件,该文件应在其他所有脚本(例如common.php或pagestart.php等)之前被调用。
If you are using this to disable all non cf connections or vice versa, i recommend you to have a single php script file that gets called before every other script such as a common.php or pagestart.php etc.
function ip_in_range($ip, $range) {
if (strpos($range, '/') == false)
$range .= '/32';
// $range is in IP/CIDR format eg 127.0.0.1/24
list($range, $netmask) = explode('/', $range, 2);
$range_decimal = ip2long($range);
$ip_decimal = ip2long($ip);
$wildcard_decimal = pow(2, (32 - $netmask)) - 1;
$netmask_decimal = ~ $wildcard_decimal;
return (($ip_decimal & $netmask_decimal) == ($range_decimal & $netmask_decimal));
}
function _cloudflare_CheckIP($ip) {
$cf_ips = array(
'199.27.128.0/21',
'173.245.48.0/20',
'103.21.244.0/22',
'103.22.200.0/22',
'103.31.4.0/22',
'141.101.64.0/18',
'108.162.192.0/18',
'190.93.240.0/20',
'188.114.96.0/20',
'197.234.240.0/22',
'198.41.128.0/17',
'162.158.0.0/15',
'104.16.0.0/12',
);
$is_cf_ip = false;
foreach ($cf_ips as $cf_ip) {
if (ip_in_range($ip, $cf_ip)) {
$is_cf_ip = true;
break;
}
} return $is_cf_ip;
}
function _cloudflare_Requests_Check() {
$flag = true;
if(!isset($_SERVER['HTTP_CF_CONNECTING_IP'])) $flag = false;
if(!isset($_SERVER['HTTP_CF_IPCOUNTRY'])) $flag = false;
if(!isset($_SERVER['HTTP_CF_RAY'])) $flag = false;
if(!isset($_SERVER['HTTP_CF_VISITOR'])) $flag = false;
return $flag;
}
function isCloudflare() {
$ipCheck = _cloudflare_CheckIP($_SERVER['REMOTE_ADDR']);
$requestCheck = _cloudflare_Requests_Check();
return ($ipCheck && $requestCheck);
}
// Use when handling ip's
function getRequestIP() {
$check = isCloudflare();
if($check) {
return $_SERVER['HTTP_CF_CONNECTING_IP'];
} else {
return $_SERVER['REMOTE_ADDR'];
}
}
使用脚本非常简单:
$ip = getRequestIP();
$cf = isCloudflare();
if($cf) echo "Cloudflare :D<br>";
else echo "Not cloudflare o_0";
echo "Your actual ip address is: ". $ip;
此脚本应该可以帮助您检查请求是否来自CF,而不是直接来自IP地址
This script should help you out to check if the request is from CF and not directly though a ip address.
这篇关于CloudFlare DNS /直接IP标识符的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
