Two scripts for automatically adding an IP whitelist entry to Cloudflare
#!/bin/bash
# Your Cloudflare account email
CFEMAIL="your mail"
# Your Cloudflare API key
CFAPIKEY="youkey"
# Cloudflare Zone ID for the domain
#ZONESID="your zone id"
# /data/wwwlogs/black.txt holds the list of malicious attacking IPs,
# one IP per line.
IPADDR=$(curl -s http://icanhazip.com) # automatically get this machine's public IP address
# Loop over the IPs and submit them to the Cloudflare firewall blacklist
# Available modes: block, challenge, whitelist, js_challenge
#for IPADDR in ${IPADDR[@]}; do
echo "$IPADDR"
curl -s -X POST "https://api.cloudflare.com/client/v4/user/firewall/access_rules/rules" \
  -H "X-Auth-Email: $CFEMAIL" \
  -H "X-Auth-Key: $CFAPIKEY" \
  -H "Content-Type: application/json" \
  --data '{"mode":"whitelist","configuration":{"target":"ip","value":"'"$IPADDR"'"},"notes":"whitelist id"}'
exit
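https://api.cloudflare.com/client/v4/zones/$ZONEID/firewall/access_rules/rules
// Firewall for a specific zone
https://api.cloudflare.com/client/v4/user/firewall/access_rules/rules
// Global firewall, applies to every domain under the account
Save the code above as a script and run it. On success it prints the following: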
{
  "result": {
    "id": "idname",
    "paused": false,
    "modified_on": "2021-10-13T01:59:44.295618161Z",
    "allowed_modes": [
      "whitelist",
      "block",
      "challenge",
      "js_challenge"
    ],
    "mode": "whitelist",
    "notes": "whitelist id",
    "configuration": {
      "target": "ip",
      "value": "192.168.0.231"
    },
    "scope": {
      "id": "idname",
      "email": "mailna,e",
      "type": "user"
    },
    "created_on": "time"
  },
  "success": true, // this is the only field you need to check: true means it succeeded
  "errors": [],
  "messages": []
}
If the following is shown instead, either the script has a problem or the same IP address has already been added:
{
  "result": null,
  "success": false,
  "errors": [
    {
      "code": 10009,
      "message": "firewallaccessrules.api.duplicate_of_existing" // the IP address already exists (duplicate)
    }
  ],
  "messages": []
}
If you only need to add an IP to the Cloudflare whitelist once, you can use the following code:
IPADDR=$(curl -s http://icanhazip.com)
# The single-quoted JSON is closed around "$IPADDR" so the shell expands the variable
curl -X POST "https://api.cloudflare.com/client/v4/user/firewall/access_rules/rules" \
  -H "X-Auth-Email: youmail" \
  -H "X-Auth-Key: youkey" \
  -H "Content-Type: application/json" \
  --data '{"mode":"whitelist","configuration":{"target":"ip","value":"'"$IPADDR"'"},"notes":"This rule is on because of an event that occured on date X"}'
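A hardened variant of the first script, added here as an example and not part of the original post: whatever the IP-echo service returns ends up in a firewall allow rule, so this version refuses anything that is not a well-formed IPv4 address, then classifies the reply using the success field and error code 10009 shown above. The function names, the HTTPS URL for icanhazip.com and the use of curl -4 are assumptions of this example; CFEMAIL and CFAPIKEY are read from the environment.

```bash
# Added example (function names are hypothetical): validate the IP, then interpret the reply.
CF_API="https://api.cloudflare.com/client/v4/user/firewall/access_rules/rules"

# Accept only a dotted-quad IPv4 address with octets 0-255 and no leading zeros.
is_valid_ipv4() {
  case "$1" in
    ''|*[!0-9.]*|.*|*.|*..*) return 1 ;;
  esac
  old_ifs=$IFS; IFS=.
  set -- $1            # split on dots (input holds only digits and dots here)
  IFS=$old_ifs
  [ "$#" -eq 4 ] || return 1
  for octet in "$@"; do
    case "$octet" in 0?*) return 1 ;; esac
    [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
  done
}

# Build the same request body the page's script sends.
build_rule_json() {
  printf '{"mode":"whitelist","configuration":{"target":"ip","value":"%s"},"notes":"whitelist id"}' "$1"
}

# Map a response body to: added | duplicate | error.
classify_response() {
  if printf '%s' "$1" | grep -Eq '"success":[[:space:]]*true'; then
    echo added
  elif printf '%s' "$1" | grep -Eq '"code":[[:space:]]*10009'; then
    echo duplicate   # firewallaccessrules.api.duplicate_of_existing
  else
    echo error
  fi
}

whitelist_current_ip() {
  # Assumption: icanhazip.com is reachable over HTTPS; -4 forces an IPv4 answer.
  ip=$(curl -4 -sS --max-time 10 https://icanhazip.com | tr -d '[:space:]')
  is_valid_ipv4 "$ip" || { echo "refusing to whitelist: '$ip'" >&2; return 1; }
  resp=$(curl -sS -X POST "$CF_API" \
    -H "X-Auth-Email: $CFEMAIL" -H "X-Auth-Key: $CFAPIKEY" \
    -H "Content-Type: application/json" --data "$(build_rule_json "$ip")")
  status=$(classify_response "$resp")
  echo "$ip: $status"
  [ "$status" != error ]
}
# Runs only when CFEMAIL and CFAPIKEY are exported in the environment.
if [ -n "${CFEMAIL:-}" ] && [ -n "${CFAPIKEY:-}" ]; then
  whitelist_current_ip
fi
```

A scheduled job can rely on the exit status: it is non-zero when the detected value fails validation or the reply is neither a success nor a duplicate.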