Simple Script to Get Latest Cloudflare Proxy IP List and Reload Nginx

by James McDonald | Feb 28, 2025 | IT Tips | 0 comments

https://developers.cloudflare.com/support/troubleshooting/restoring-visitor-ips/restoring-original-visitor-ips

A snippet to auto-download and reload nginx

Checks for a valid conf and echo's success or failure

#!/usr/bin/bash
 
# get-cf-proxy-ips.sh
 
ipv4=`curl -s https://www.cloudflare.com/ips-v4/#`
ipv6=`curl -s https://www.cloudflare.com/ips-v6/#`
 
ips="${ipv4} ${ipv6}"
 
output="cloudflare.conf"
 
echo -n > $output
 
for i in $ips
do
        echo -e "set_real_ip_from\t$i;"  >> $output
done
 
echo -e "real_ip_header\t\tCF-Connecting-IP;" >> $output
 
sudo cp $output /etc/nginx/cloudflare.conf
 
sudo systemctl reload nginx
 
sudo /usr/sbin/nginx -t 2>/dev/null > /dev/null
 
if [[ $? == 0 ]]; then
 echo "success"
 # do things on success
else
 echo "fail"
 # do whatever on fail
fi

Sample of the cloudflare.conf file that you can use in nginx

set_real_ip_from        173.245.48.0/20;
set_real_ip_from        103.21.244.0/22;
set_real_ip_from        103.22.200.0/22;
set_real_ip_from        103.31.4.0/22;
set_real_ip_from        141.101.64.0/18;
set_real_ip_from        108.162.192.0/18;
set_real_ip_from        190.93.240.0/20;
set_real_ip_from        188.114.96.0/20;
set_real_ip_from        197.234.240.0/22;
set_real_ip_from        198.41.128.0/17;
set_real_ip_from        162.158.0.0/15;
set_real_ip_from        104.16.0.0/13;
set_real_ip_from        104.24.0.0/14;
set_real_ip_from        172.64.0.0/13;
set_real_ip_from        131.0.72.0/22;
set_real_ip_from        2400:cb00::/32;
set_real_ip_from        2606:4700::/32;
set_real_ip_from        2803:f800::/32;
set_real_ip_from        2405:b500::/32;
set_real_ip_from        2405:8100::/32;
set_real_ip_from        2a06:98c0::/29;
set_real_ip_from        2c0f:f248::/32;
real_ip_header          CF-Connecting-IP;

Simple Script to Get Latest Cloudflare Proxy IP List and Reload Nginx

0 Comments

Submit a Comment Cancel reply