How to force Apache to answer only to Cloudflare?

Question

I'm sure you all know what Cloudflare is (it's a very famous CDN).

What I want to do, is force my Apache HTTP server to ONLY answer to Cloudflare. I want Apache to ignore and close or not respond to any incoming socket that doesn't match a list of IPs. (in the Apache cor level, before reaching PHP etc)

I need this to protect my website from DoS/DDoS incase someone got my real webserver's IP.

I have this guy that creates like 1200 TCP connexions to my webserver, and these connexions don't send anything, they just stay open and alive, which makes my webserver down for a while.

I'm a total newbie at Apache configuration etc, I need a step by step Instructions. I'm using Windows Server 2008.

score 3 · Answer 1 · answered Jun 12 '12 at 19:51

3

If you want to restrict access to your port 80 to a specific list of IPs, then you should look into using iptables (presuming linux) or another firewalling solution to drop all incoming connections to port 80 which are not from IPs on the whitelist.

answered Jun 12 '12 at 19:51

Darth Android

38,658

score 2 · Accepted Answer · answered Jun 12 '12 at 21:03

2

We (CloudFlare) put something up for this in our knowledge base yesterday for Apache.

answered Jun 12 '12 at 21:03

damoncloudflare

174

score -1 · Answer 3 · answered May 29 '15 at 05:54

This might help you :

If you want to restrict access to your port 80 to a specific list of IPs, then you should look into using iptables (presuming linux) or another firewalling solution to drop all incoming connections to port 80 which are not from IPs on the whitelist.

DDOS – Instant Protection with CloudFlare

How to force Apache to answer only to Cloudflare?

3 Answers3