cpanel server centos + nginx + varnish fixes

i need an centos / cpanel server administrator with experience to do the following:
   1. make our apache recognize the real visitor ip because right now it shows the server's ip in all the httpd logs. 2. we use cloudflare for our websites so we need to make sure that cloudflare ip's are not resolved like real
    *ip's. i am saying this because i found alot of times the cloudflare ip's in the server's dom log files. 3. tune our server with mod_security and add rule in CSF firewall to block brute
    *force attempts to wp
    *login.php because we have high cpu load because of that. (but first the real ip must be done so the system can see the different ip's and block them correctly).
Our server is on centos with cpanel whm configured with Nginx + varnish plugin by
Also has CSF firewall installed and running.
And we use cloudflare for CDN and protection.
Desired Skills:
   Linux System Administration Firewall CentOS cPanel Nginx