-
-
Notifications
You must be signed in to change notification settings - Fork 5
/
Copy pathcloudflaretoken.conf
104 lines (90 loc) · 4.88 KB
/
cloudflaretoken.conf
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
#
# Author: Mike Andreasen from https://guides.wp-bullet.com
# Adapted Source: https://github.com/fail2ban/fail2ban/blob/master/config/action.d/cloudflare.conf
# Referenced from: https://www.normyee.net/blog/2012/02/02/adding-cloudflare-support-to-fail2ban by NORM YEE
#
# To get your Cloudflare API Token key: https://dash.cloudflare.com/profile/api-tokens
#
[Definition]
# Option: actionstart
# Notes.: command executed once at the start of Fail2Ban.
# Values: CMD
#
actionstart =
# Option: actionstop
# Notes.: command executed once at the end of Fail2Ban
# Values: CMD
#
actionstop =
# Option: actioncheck
# Notes.: command executed once before each actionban command
# Values: CMD
#
actioncheck =
# Option: actionban
# Notes.: command executed when banning an IP. Take care that the
# command is executed with Fail2Ban user rights.
# Tags: IP address
# number of failures
# unix timestamp of the ban time
# Values: CMD
########################################################################
# For Cloudflare Global API Key
########################################################################
# actionban = curl -s -X POST "https://api.cloudflare.com/client/v4/user/firewall/access_rules/rules" \
# -H "X-Auth-Email: <cfuser>" \
# -H "X-Auth-Key: <cftoken>" \
# -H "Content-Type: application/json" \
# --data '{"mode":"block","configuration":{"target":"ip","value":"<ip>"},"notes":"Fail2Ban"}'
########################################################################
# For Cloudflare API Token method using CF Firewall at Account level
########################################################################
actionban = curl -s -X POST "https://api.cloudflare.com/client/v4/accounts/<cfaccountid>/firewall/access_rules/rules" \
-H "Authorization: Bearer <cfapitoken>" \
-H "Content-Type: application/json" \
--data "{"mode":"block","configuration":{"target":"ip","value":"<ip>"},"notes":"Fail2Ban"}"
# Option: actionunban
# Notes.: command executed when unbanning an IP. Take care that the
# command is executed with Fail2Ban user rights.
# Tags: IP address
# number of failures
# unix timestamp of the ban time
# Values: CMD
#
########################################################################
# For Cloudflare Global API Key
########################################################################
# actionunban = curl -s -X DELETE "https://api.cloudflare.com/client/v4/user/firewall/access_rules/rules/$(
# curl -s -X GET "https://api.cloudflare.com/client/v4/user/firewall/access_rules/rules?mode=block&configuration_target=ip&configuration_value=<ip>&page=1&per_page=1&match=all" \
# -H "X-Auth-Email: <cfuser>" \
# -H "X-Auth-Key: <cftoken>" \
# -H "Content-Type: application/json" | awk -F"[,:}]" '{for(i=1;i<=NF;i++){if($i~/'id'\042/){print $(i+1)}}}' | tr -d '"' | head -n 1)" \
# -H "X-Auth-Email: <cfuser>" \
# -H "X-Auth-Key: <cftoken>" \
# -H "Content-Type: application/json"
########################################################################
# For Cloudflare API Token method using CF Firewall at Account level
########################################################################
actionunban = curl -s -X DELETE "https://api.cloudflare.com/client/v4/accounts/<cfaccountid>/firewall/access_rules/rules/$(curl -s -X GET "https://api.cloudflare.com/client/v4/accounts/<cfaccountid>/firewall/access_rules/rules?mode=block&configuration_target=ip&configuration_value=<ip>&page=1&per_page=1&match=all" -H "Authorization: Bearer <cfapitoken>" -H "Content-Type: application/json" | jq -r '.result[] | .id')" \
-H "Authorization: Bearer <cfapitoken>" \
-H "Content-Type: application/json"
[Init]
# Option: cfuser
# Notes.: Replaces <cfuser> in actionban and actionunban with cfuser value below
# Values: Your CloudFlare user account
########################################################################
# For Cloudflare Global API Key
########################################################################
cfuser = put-your-cloudflare-email-here
# Option: cftoken
# Notes.: Replaces <cftoken> in actionban and actionunban with cftoken value below
# Values:
# Your Cloudflare Global API key can be found here https://dash.cloudflare.com/profile/api-tokens
cftoken = put-your-Global-API-key-here
########################################################################
# For Cloudflare API Token method using CF Firewall at Account level
########################################################################
# Your Cloudfare API Token can be generated here https://dash.cloudflare.com/profile/api-tokens
cfapitoken = put-your-API-Token-here
# Your Cloudflare Account ID from site dashboard overview page's bottom right corner
cfaccountid = put-your-CF-Account-id