Restoring original visitor IPs while using Cloudflare

If your website traffic is routed through the Cloudflare network, they act as a reverse proxy. Because of this, your server logs Cloudflare IP address. This behavior prevents you from creating IP based access lists.

If you want to create scenarios according to visitor's original IP, you need to do some configurations according to this Cloudflare article: https://developers.cloudflare.com/support/troubleshooting/restoring-visitor-ips/restoring-original-visitor-ips/

If you are using "Nginx Proxy Manager" just add this block to "Custom Nginx Configuration" page:

set_real_ip_from 103.21.244.0/22;  
set_real_ip_from 103.22.200.0/22;  
set_real_ip_from 103.31.4.0/22;  
set_real_ip_from 104.16.0.0/13;  
set_real_ip_from 104.24.0.0/14;  
set_real_ip_from 108.162.192.0/18;  
set_real_ip_from 131.0.72.0/22;  
set_real_ip_from 141.101.64.0/18;  
set_real_ip_from 162.158.0.0/15;  
set_real_ip_from 172.64.0.0/13;  
set_real_ip_from 173.245.48.0/20;  
set_real_ip_from 188.114.96.0/20;  
set_real_ip_from 190.93.240.0/20;  
set_real_ip_from 197.234.240.0/22;  
set_real_ip_from 198.41.128.0/17;  
set_real_ip_from 2400:cb00::/32;  
set_real_ip_from 2606:4700::/32;  
set_real_ip_from 197.234.240.0/22;  
set_real_ip_from 198.41.128.0/17;  
set_real_ip_from 2400:cb00::/32;  
set_real_ip_from 2606:4700::/32;  
set_real_ip_from 2803:f800::/32;  
set_real_ip_from 2405:b500::/32;  
set_real_ip_from 2405:8100::/32;  
set_real_ip_from 2a06:98c0::/29;  
set_real_ip_from 2c0f:f248::/32;  
#real_ip_header CF-Connecting-IP;  
real_ip_header X-Forwarded-For;

Now you can create an "Access List" entry that includes original visitor IP address.