Matomo canno't get correct ip with cloudflare and tracker-proxy (Nginx)

Hello everyone,

I’m trying to set up matomo with cloudflare but it doesn’t work, the IP on the log is the IP of the origin server instead of client IP.

My matomo server is on simple VPS (without cloudflare).

One of my tracked website is behind cloudflare and use GitHub - matomo-org/tracker-proxy: HTTP proxy for Matomo's tracker API. This script allows to track websites with Matomo without revealing to your visitors the secret Matomo server URL.

According to cloudflare, I added the following code into my nginx server config (tracked website)

set_real_ip_from 103.21.244.0/22;set_real_ip_from 103.22.200.0/22;set_real_ip_from 103.31.4.0/22;set_real_ip_from 104.16.0.0/12;set_real_ip_from 108.162.192.0/18;set_real_ip_from 131.0.72.0/22;set_real_ip_from 141.101.64.0/18;set_real_ip_from 162.158.0.0/15;set_real_ip_from 172.64.0.0/13;set_real_ip_from 173.245.48.0/20;set_real_ip_from 188.114.96.0/20;set_real_ip_from 190.93.240.0/20;set_real_ip_from 197.234.240.0/22;set_real_ip_from 198.41.128.0/17;set_real_ip_from 2400:cb00::/32;set_real_ip_from 2606:4700::/32;set_real_ip_from 2803:f800::/32;set_real_ip_from 2405:b500::/32;set_real_ip_from 2405:8100::/32;set_real_ip_from 2c0f:f248::/32;set_real_ip_from 2a06:98c0::/29;

real_ip_header CF-Connecting-IP;

I tried to edit $http_ip_forward_header = 'X-Forwarded-For'; on tracker-proxy/config.php
I even tried with $http_ip_forward_header = 'CF-Connecting-IP'; but it doesn’t work

on nginx log (tracked website) the real IP is displayed, but in matomo VPS nginx log the tracked website VPS ip is displayed instead of client IP.

Do you have any idea?

Thanks in advance

Hello,

I find the solution: it was because I forgot to add the admin permission (or write) on the new website for the user used for tracking API (e.g. UserTrackingAPI).

If anybody facing the same issue do not forget to add the following lines (in matomo/config.ini.php file):

[General]
proxy_client_headers[] = "HTTP_CF_CONNECTING_IP"

And tracker-proxy/config.php:

$http_ip_forward_header = 'CF-Connecting-IP';
1 Like