Back to Community Threads
SmarterMail Web Client - Cloudflare Protection
Problem reported by DRKZA - 1/28/2026 at 7:53 AM
Submitted
Has anybody successfully implemented putting the web part of Smartermail behind Cloudflare? You will need to use the cf-connecting-ip header in the web.config to report the correct real visitors IP's. 
Richard Laliberte Replied
1/28/2026 at 7:59 AM
We actually just submitted a ticket a few days ago about this asking for support for CF-Connecting-IP, X-Requested-For or X-Forwarded-For. no word back yet but hopefully it gets into one of the next releases.
DRKZA Replied
1/28/2026 at 9:41 AM
Removed for safety purposes.
rick Replied
2/5/2026 at 10:46 AM
There are quite a few things to do on the Cloudflare side. Otherwise users will get timed out, rechallenged, etc. Highly recommended to get the Pro account ($20) to be able to use Managed Rules (Cloudflare manages those).

Also, BE VERY CAREFUL WITH THE ABOVE POSTED web.config.
Without additional config, anyone connecting in from a Mobile Hotspot or Mobile Phone (or anyone =using IPv6 for that matter) will totally disarm IP Restrictions for Administrators since those come through as 127.0.0.1 (automatically trusted IP). I'm gonna make a special post about this right now...  dangerous!!
DRKZA Replied
2/5/2026 at 11:03 AM
Thanks, then I will rather remove that. 
Back to Community Threads

Reply to Thread

Enter the verification text
Related Knowledge Base Articles
Manually Securing SmarterMail Using Let's Encrypt and Certify the WebSmarterMail > Installation and Configuration
Configure SSL/TLS to Secure SmarterMailSmarterMail > Server Configuration and Management
Connecting to Shared Resources in eM Client via EWSSmarterMail > Desktop and Mobile Synchronization
Configure IMAP or POP for eM ClientSmarterMail > Desktop and Mobile Synchronization
Integrating Existing SSL Certificates With SmarterMail Automated SSL CertificatesSmarterMail > Server Configuration and Management