diff --git a/Gemfile.lock b/Gemfile.lock
index e6d1d866c..d52ae0546 100644
--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -39,7 +39,7 @@ PATH
       bcrypt (~> 3.1.16)
       bugsnag
       ckeditor
-      cloudflare-rails (~> 4.1)
+      cloudflare-rails (>= 4.1, < 6.0)
       devise
       devise-pwned_password
       email_address
@@ -339,10 +339,11 @@ GEM
       numerizer (~> 0.1.1)
     ckeditor (5.1.1)
       orm_adapter (~> 0.5.0)
-    cloudflare-rails (4.1.0)
+    cloudflare-rails (5.0.1)
       actionpack (>= 6.1, < 7.2.0)
       activesupport (>= 6.1, < 7.2.0)
       railties (>= 6.1, < 7.2.0)
+      zeitwerk (>= 2.5.0)
     codecov (0.6.0)
       simplecov (>= 0.15, < 0.22)
     coderay (1.1.3)
diff --git a/plugins/ShinyCMS/shinycms.gemspec b/plugins/ShinyCMS/shinycms.gemspec
index f5d45e87f..fceea12b0 100644
--- a/plugins/ShinyCMS/shinycms.gemspec
+++ b/plugins/ShinyCMS/shinycms.gemspec
@@ -123,7 +123,7 @@ Gem::Specification.new do |spec|
   spec.add_dependency 'sentry-ruby'
 
   # Fix request.ip when running behind Cloudflare proxying
-  spec.add_dependency 'cloudflare-rails', '~> 4.1'
+  spec.add_dependency 'cloudflare-rails', '>= 4.1', '< 6.0'
 
   # Used to export demo site data from the database
   spec.add_dependency 'seed_dump'