This is a simple action for fail2ban
that uses Cloudflare's API for Rules & Filters to block IP Addresses.
Usage is simple:
-
Add an IP address to the rule/filter:
./fail2cloudflare.py add <ip>
-
Delete an IP address from the rule/filter:
./fail2cloudflare delete <ip>
In order for this to work, there needs to exist a rule with the description fail2ban
.
If the script doesn't find such a firewall rule on Cloudflare, it will attempt to create it, and it will block 127.0.0.235
by default (should be harmless).
This is very useful to be used with fail2ban's nginx-limit-req
filter.