I’m using Apache and someone is doing some bruteforce to XMLRPC Wordpress interface. When I checked the Apache Status I mostly see IPs from Cloudflare.
What’s the best way to get the real IP? I’ve read mod_cloudflare is not being maintaned anymores.
They’re now supporting
mod_remoteip for Apache2. Kindly refer to the Cloudflare docs.
I’n following it.
What would be the best place where to put the configuration in steps 2 and 3, so they won’t be overridden on update?
Best place to add custom Apache directives is here
WHM Home » Service Configuration » Apache Configuration » Include Editor » Post VirtualHost Include » All Versions