Nginx Allows Cloudflare Traffic Only
Get Cloudflare IP List:
Install the Nginx extras package
sudo apt-get install nginx-extras
Configure nginx.conf
Create a file to store Cloudflare whitelisted IP list.
vim /etc/nginx/cloudflare-whitelist.conf
Use this command to generate the file's contents from Cloudflare's published IP lists. It prints to standard output, so paste or redirect the result into /etc/nginx/cloudflare-whitelist.conf.
{ curl -s "https://www.cloudflare.com/ips-v4"; echo ""; curl -s "https://www.cloudflare.com/ips-v6"; } | awk 'NF {print "set_real_ip_from "$1";"}' && echo "real_ip_header CF-Connecting-IP;" && echo "" && echo "geo \$realip_remote_addr \$cloudflareips {" && printf '\tdefault 0;\n' && { curl -s "https://www.cloudflare.com/ips-v4"; echo ""; curl -s "https://www.cloudflare.com/ips-v6"; } | awk 'NF {print "\t"$1" 1;"}' && echo "}"
Include the configuration file in /etc/nginx/nginx.conf, inside the http block (the geo directive is only valid there):
vim /etc/nginx/nginx.conf
include /etc/nginx/cloudflare-whitelist.conf;
Apply to the Server Host / Virtual Host Configuration
In the host file / virtual host file, add the configuration below to the server block.
if ($cloudflareips != 1) {
    return 403;
}
Restart Nginx!
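A stricter way to build cloudflare-whitelist.conf, as an added example that is not part of the original page: it validates every line as a CIDR range before emitting the same directives as the one-liner above, and only replaces the existing file when rendering succeeds. The function names render_cf_conf and write_cf_conf are hypothetical, and the ranges in the demo line are constructed documentation ranges, not Cloudflare's.

```sh
#!/bin/sh
# Added example (not from the original page). render_cf_conf and write_cf_conf
# are hypothetical helper names.

# render_cf_conf: read one CIDR per line on stdin, print the nginx config.
# Fails closed: any non-CIDR line (e.g. an HTML error page) or an empty list
# produces no output and a non-zero exit status.
render_cf_conf() {
    awk '
        { sub(/\r$/, "") }                      # tolerate CRLF line endings
        NF == 0 { next }                        # skip blank lines
        NF == 1 && ($1 ~ /^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+\/[0-9]+$/ ||
                    $1 ~ /^[0-9A-Fa-f]*:[0-9A-Fa-f:]*\/[0-9]+$/) {
            cidr[++n] = $1; next
        }
        { bad = 1; print "rejected: " $0 | "cat 1>&2" }
        END {
            if (bad || n == 0) exit 1
            for (i = 1; i <= n; i++) printf "set_real_ip_from %s;\n", cidr[i]
            print "real_ip_header CF-Connecting-IP;\n"
            # geo keys on the connecting peer, not the address realip substitutes
            print "geo $realip_remote_addr $cloudflareips {"
            print "\tdefault 0;"
            for (i = 1; i <= n; i++) printf "\t%s 1;\n", cidr[i]
            print "}"
        }'
}

# write_cf_conf DEST: render stdin into a temp file next to DEST and move it
# into place only on success, so a bad fetch never truncates the live config.
write_cf_conf() {
    dest=$1
    tmp=$(mktemp "${dest}.XXXXXX") || return 1
    if render_cf_conf > "$tmp"; then
        mv "$tmp" "$dest"
    else
        rm -f "$tmp"
        return 1
    fi
}

# Typical use (needs network access and root, so it is not run here):
#   { curl -fsS https://www.cloudflare.com/ips-v4 && echo &&
#     curl -fsS https://www.cloudflare.com/ips-v6; } > /tmp/cf-ips.txt &&
#     write_cf_conf /etc/nginx/cloudflare-whitelist.conf < /tmp/cf-ips.txt && nginx -t

# Demo on constructed documentation ranges (not Cloudflare ranges):
printf '192.0.2.0/24\n\n2001:db8::/32\n' | render_cf_conf
```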