diff --git a/README.md b/README.md
index 617d146..d77cc83 100644
--- a/README.md
+++ b/README.md
@@ -39,6 +39,9 @@ Which one you use is ultimately up to you. Either way, I've provided a sample co
If you set `enableUserAccounts: true`, people will be able to create accounts on the service to keep track of their uploaded files and create albums to upload stuff to, pretty much like imgur does, but only through the API. Every user account has a token that the user can use to upload stuff through the API. You can find this token on the section called `Change your token` on the administration dashboard, and if it gets leaked or compromised you can renew it by clicking the button titled `Request new token`.
+## Cloudflare Support
+If you are running lolisafe behind Cloudflare there is support to make the NGINX logs have the users IP instead of Cloudflares IP. You will need to compile NGINX from source with `--with-http_realip_module` as well as uncomment the following line in the NGINX config: `include /path/to/lolisafe/real-ip-from-cf;`
+
## Using loli-safe
Once the service starts you can start hitting the upload endpoint at `/api/upload` with any file. If you're using the frontend to do so then you are pretty much set, but if using the API to upload make sure the form name is set to `files[]` and the form type to `multipart/form-data`. If the service is running in private mode, dont forget to send a header of type `token: YOUR-CLIENT-TOKEN` to validate the request.
diff --git a/nginx-ssl.sample.conf b/nginx-ssl.sample.conf
index 2172564..72d0028 100644
--- a/nginx-ssl.sample.conf
+++ b/nginx-ssl.sample.conf
@@ -21,6 +21,11 @@ server {
client_max_body_size 100M; # Change this to the max file size you want to allow
+ # Uncomment if you are running lolisafe behind CloudFlare.
+ # This requires NGINX compiled from source with:
+ # --with-http_realip_module
+ #include /path/to/lolisafe/real-ip-from-cf;
+
location / {
add_header Access-Control-Allow-Origin *;
root /path/to/your/uploads/folder;
diff --git a/nginx.sample.conf b/nginx.sample.conf
index 71b8855..c702eb2 100644
--- a/nginx.sample.conf
+++ b/nginx.sample.conf
@@ -10,6 +10,11 @@ server {
client_max_body_size 100M; # Change this to the max file size you want to allow
+ # Uncomment if you are running lolisafe behind CloudFlare.
+ # This requires NGINX compiled from source with:
+ # --with-http_realip_module
+ #include /path/to/lolisafe/real-ip-from-cf;
+
location / {
add_header Access-Control-Allow-Origin *;
root /path/to/your/uploads/folder;
diff --git a/pages/home.html b/pages/home.html
index 30bff4e..947a4a7 100644
--- a/pages/home.html
+++ b/pages/home.html
@@ -82,7 +82,7 @@
diff --git a/real-ip-from-cf b/real-ip-from-cf
new file mode 100644
index 0000000..e39c1d2
--- /dev/null
+++ b/real-ip-from-cf
@@ -0,0 +1,30 @@
+# https://www.cloudflare.com/ips/
+
+# IPv4 Ranges
+# https://www.cloudflare.com/ips-v4/
+set_real_ip_from 103.21.244.0/22;
+set_real_ip_from 103.22.200.0/22;
+set_real_ip_from 103.31.4.0/22;
+set_real_ip_from 104.16.0.0/12;
+set_real_ip_from 108.162.192.0/18;
+set_real_ip_from 131.0.72.0/22;
+set_real_ip_from 141.101.64.0/18;
+set_real_ip_from 162.158.0.0/15;
+set_real_ip_from 172.64.0.0/13;
+set_real_ip_from 173.245.48.0/20;
+set_real_ip_from 188.114.96.0/20;
+set_real_ip_from 190.93.240.0/20;
+set_real_ip_from 197.234.240.0/22;
+set_real_ip_from 198.41.128.0/17;
+
+# IPv6 Ranges
+# https://www.cloudflare.com/ips-v6/
+set_real_ip_from 2400:cb00::/32;
+set_real_ip_from 2405:8100::/32;
+set_real_ip_from 2405:b500::/32;
+set_real_ip_from 2606:4700::/32;
+set_real_ip_from 2803:f800::/32;
+set_real_ip_from 2c0f:f248::/32;
+set_real_ip_from 2a06:98c0::/29;
+
+real_ip_header CF-Connecting-IP;