CloudFlare - OLS + DirectAdmin on Centos 7 [solved]

#1
Hi Guys,

Any help would be appreciated.

As per title I'm using: OLS w/ DirectAdmin on Centos 7.

Currently at the top of every settings page in the web panel is the following message:

"Include file detected in configuration file. Entering Read-only mode."

None of the settings can be changed.

This appears to make it impossible to use CloudFlare - as per https://www.litespeedtech.com/support/wiki/doku.php/litespeed_wiki:cloudflare - there are settings that need to be changed in order for the server to be able to see real visitor IP addresses and prevent issues related to DDoS blocking.

> When using CloudFlare CDN in front of your LiteSpeed Web Server, you may see a proxy IP instead of the real IP addresses of visitors.
> To restore real visitor IPs, navigate to LiteSpeed WebAdmin Console > Configuration > General Settings and set Use Client IP in Header to Trusted IP Only, and add CloudFlare IPs/Subnets to the trusted list, as shown below.

So this leaves the potential option of editing the config files directly, but this does not seem seem necessarily sensible or possible from what I can see (happy to be advised otherwise).

Does anyone have an experience of getting CloudFlare to work with OLS/DA?

Is my only option to use CloudFlare without proxying - ie DNS only?

Thanks in advance.
 

Pong

Administrator
#2
Please check this KB to see why read-only. https://openlitespeed.org/kb/directadmin-configuration-files/

You can do manually change through configuration at this stage:

You can add
Code:
 useIpInProxyHeader        2
https://openlitespeed.org/kb/directadmin-configuration-files/#httpd-defaultsconf

and add
Code:
accessControl  {
  allow                   ALL, 103.21.244.0/22T, 103.22.200.0/22T, 103.31.4.0/22T, 104.16.0.0/12T, 108.162.192.0/18T, 131.0.72.0/22T, 141.101.64.0/18T, 162.158.0.0/15T, 172.64.0.0/13T, 173.245.48.0/20T, 188.114.96.0/20T, 190.93.240.0/20T, 197.234.240.0/22T, 198.41.128.0/17T, 199.27.128.0/21T
}
to https://openlitespeed.org/kb/directadmin-configuration-files/#httpd-accesscontrolconf

Is my only option to use CloudFlare without proxying - ie DNS only?
CloudFlare/or any other CDN itself is reversy proxy.
 
Top