If you are using Cloudflare as first line of defense, and want to restrict by IP in the Apache webserver behind. Add this to your .htaccess:
SetEnvIF X-Forwarded-For "1.1.1.1" AllowIP
<RequireAny>
Require env AllowIP
</RequireAny>
Because Computer Security Matters…