In today's fast-paced digital landscape, protecting web applications from security threats is of paramount importance, that's why we've built a script to remove ip addresses in Cloudflare. Cloudflare, a leading web security and content delivery network provider, offers a powerful Web Application Firewall (WAF) that helps safeguard websites against malicious attacks. However, managing and maintaining WAF IP addresses can become a cumbersome task, particularly when dealing with large-scale deployments. In this article, we will explore how to streamline WAF IP address management by leveraging a bash script and the Cloudflare API.

The following bash script we'll be using allows for bulk deletion of WAF IP addresses. It will retrieve up to 1,000 IP addresses and then subsequently delete them one by one using the Cloudflare API.

The script will utilize the curl command-line tool and jq JSON processor to interact with the Cloudflare API.

#!/bin/bash

# Cloudflare Settings
CF_URL="https://api.cloudflare.com/client/v4/user/firewall/access_rules/rules"
CF_TOKEN="XXXXXXXXXX"

# Get the list of IP addresses and total
JSON=$(curl -s -X GET "$CF_URL?mode=block&configuration_target=ip&page=1&per_page=1000" -H "Content-Type: application/json" -H "Authorization: Bearer $CF_TOKEN")
TOTAL=$(echo $JSON | jq -r .result_info.total_count)

# Loop through the IP addresses and delete them
for (( c=0; c<$TOTAL; c++ )) do
	ID=$(echo $JSON | jq -r .result[$c].id);
	IP=$(echo $JSON | jq -r .result[$c].configuration.value);

	RESULT=$(curl -s -X DELETE "$CF_URL/$ID" -H "Content-Type: application/json" -H "Authorization: Bearer $CF_TOKEN")
	SUCCESS=$(echo $RESULT | jq -r .success)

	echo -n "Deleting $IP from Cloudflare..."
	echo -n $SUCCESS
	if [ $SUCCESS = false ]; then echo " Cloudflare Error: $(echo $RESULT | jq -r .errors[0].message)"; fi
done

echo "Bulk deletion completed!"

Save the script to a file (e.g., bulk_delete_cf_ips.sh), and make it executable using the command chmod +x bulk_delete_cf_ips.sh.

Don't forget to change the CF_TOKEN variable to your Cloudflare API Token.

Finally, run the script in your bash environment by executing ./bulk_delete_cf_ips.sh.

The script will perform a bulk deletion of all WAF IP addresses listed at Cloudflare.

FREEBIE!

Got Gravity Forms? You'll need Cloudflare Turnstile.

Protect your forms from those pesky spammers with our Cloudflare Turnstile plugin for Gravity Forms. A super lightweight plugin.

Managing WAF IP addresses is a critical aspect of maintaining robust security for web applications. By leveraging a bash script and the Cloudflare API, we can automate the process of bulk deleting WAF IP addresses, saving time and effort. This approach streamlines WAF management and enables security administrators to focus on other crucial tasks in their web application defense strategy. With the ability to tailor the script to fit specific needs, organizations can enhance their security posture while ensuring efficient WAF IP address management.