In today's fast-paced digital landscape, protecting web applications from security threats is of paramount importance, that's why we've built a script to remove ip addresses in Cloudflare. Cloudflare, a leading web security and content delivery network provider, offers a powerful Web Application Firewall (WAF) that helps safeguard websites against malicious attacks. However, managing and maintaining WAF IP addresses can become a cumbersome task, particularly when dealing with large-scale deployments. In this article, we will explore how to streamline WAF IP address management by leveraging a bash script and the Cloudflare API.
The following bash script we'll be using allows for bulk deletion of WAF IP addresses. It will retrieve up to 1,000 IP addresses and then subsequently delete them one by one using the Cloudflare API.
First, you'll need to obtain your Cloudflare API token. Log in to your Cloudflare account, navigate to "My Profile," and then the "API Tokens" tab. Generate a new token with "Edit" and "Read" permissions for "Account Firewall Access Tools" rules by creating a new Custom Token:
The script will utilize the
curl command-line tool and
jq JSON processor to interact with the Cloudflare API.
#!/bin/bash # Cloudflare Settings CF_URL="https://api.cloudflare.com/client/v4/user/firewall/access_rules/rules" CF_TOKEN="XXXXXXXXXX" # Get the list of IP addresses and total JSON=$(curl -s -X GET "$CF_URL?mode=block&configuration_target=ip&page=1&per_page=1000" -H "Content-Type: application/json" -H "Authorization: Bearer $CF_TOKEN") TOTAL=$(echo $JSON | jq -r .result_info.total_count) # Loop through the IP addresses and delete them for (( c=0; c<$TOTAL; c++ )) do ID=$(echo $JSON | jq -r .result[$c].id); IP=$(echo $JSON | jq -r .result[$c].configuration.value); RESULT=$(curl -s -X DELETE "$CF_URL/$ID" -H "Content-Type: application/json" -H "Authorization: Bearer $CF_TOKEN") SUCCESS=$(echo $RESULT | jq -r .success) echo -n "Deleting $IP from Cloudflare..." echo -n $SUCCESS if [ $SUCCESS = false ]; then echo " Cloudflare Error: $(echo $RESULT | jq -r .errors.message)"; fi done echo "Bulk deletion completed!"
Save the script to a file (e.g.,
bulk_delete_cf_ips.sh), and make it executable using the command
chmod +x bulk_delete_cf_ips.sh.
Don't forget to change the
CF_TOKENvariable to your Cloudflare API Token.
Finally, run the script in your bash environment by executing
The script will perform a bulk deletion of all WAF IP addresses listed at Cloudflare.
Got Gravity Forms? You'll need Cloudflare Turnstile.
Protect your forms from those pesky spammers with our Cloudflare Turnstile plugin for Gravity Forms. A super lightweight plugin.
Managing WAF IP addresses is a critical aspect of maintaining robust security for web applications. By leveraging a bash script and the Cloudflare API, we can automate the process of bulk deleting WAF IP addresses, saving time and effort. This approach streamlines WAF management and enables security administrators to focus on other crucial tasks in their web application defense strategy. With the ability to tailor the script to fit specific needs, organizations can enhance their security posture while ensuring efficient WAF IP address management.