Read Cloudflares IPs list from https://www.cloudflare.com/ips-v4 and https://www.cloudflare.com/ips-v6 and add them to nginx config.
Inside /etc/nginx/nginx.conf at the bottom of the http section:
http { ... include /etc/nginx/cloudflare; }
Create a file cloudflare.sh and add it as a cron job for the root user.
#!/bin/bash CLOUDFLARE_FILE_PATH=/etc/nginx/cloudflare echo "#Cloudflare" > $CLOUDFLARE_FILE_PATH; echo "" >> $CLOUDFLARE_FILE_PATH; echo "# - IPv4" >> $CLOUDFLARE_FILE_PATH; for i in `curl -s -L https://www.cloudflare.com/ips-v4`; do echo "set_real_ip_from $i;" >> $CLOUDFLARE_FILE_PATH; done echo "" >> $CLOUDFLARE_FILE_PATH; echo "# - IPv6" >> $CLOUDFLARE_FILE_PATH; for i in `curl -s -L https://www.cloudflare.com/ips-v6`; do echo "set_real_ip_from $i;" >> $CLOUDFLARE_FILE_PATH; done echo "" >> $CLOUDFLARE_FILE_PATH; echo "real_ip_header CF-Connecting-IP;" >> $CLOUDFLARE_FILE_PATH; #test configuration and reload nginx nginx -t && systemctl reload nginx
Lascia un commento