Skip to main contentAzure DevOps
harisekhon
/
GitHub
/
Repos
/
Commits
/
Sign in to your account
Sign in
GitHub
Overview
Boards
ReposFilesCommitsBranchesTagsPull requests
Pipelines
Artifacts
added nginx-cloudflare.conf
Browse Files
b6a324da
Hari Sekhon
committed Jan 5, 2023
master
Files
Details
1 changed file
nginx-cloudflare.conf
+
nginx-cloudflare.conf
/nginx-cloudflare.conf+52
/nginx-cloudflare.conf
View
Add comment 1 Plus  #
Add comment 2 Plus  # Author: Hari Sekhon
Add comment 3 Plus  # Date: 2022-07-25 14:02:12 +0100 (Mon, 25 Jul 2022)
Add comment 4 Plus  #
Add comment 5 Plus  # vim:ts=2:sts=2:sw=2:et
Add comment 6 Plus  #
Add comment 7 Plus  # https://github.com/HariSekhon/Templates
Add comment 8 Plus  #
Add comment 9 Plus  # License: see accompanying Hari Sekhon LICENSE file
Add comment 10 Plus  #
Add comment 11 Plus  # If you're using my code you're welcome to connect with me on LinkedIn and optionally send me feedback to help steer this or other code I publish
Add comment 12 Plus  #
Add comment 13 Plus  # https://www.linkedin.com/in/HariSekhon
Add comment 14 Plus  #
Add comment 15 Plus  
Add comment 16 Plus  # ============================================================================ #
Add comment 17 Plus  # N g i n x C l o u d f l a r e
Add comment 18 Plus  # ============================================================================ #
Add comment 19 Plus  
Add comment 20 Plus  # Cloudflare Proxy Mode IP Source Ranges
Add comment 21 Plus  
Add comment 22 Plus  # Get up to date IP ranges from Cloudflare API using script from my DevOps-Bash-tools repo:
Add comment 23 Plus  #
Add comment 24 Plus  # cloudflare_ip_ranges.sh | sort | sed 's/^/set_real_ip_from /; s/$/;/' >> nginx-cloudflare.conf
Add comment 25 Plus  
Add comment 26 Plus  set_real_ip_from 103.21.244.0/22;
Add comment 27 Plus  set_real_ip_from 103.22.200.0/22;
Add comment 28 Plus  set_real_ip_from 103.31.4.0/22;
Add comment 29 Plus  set_real_ip_from 104.16.0.0/13;
Add comment 30 Plus  set_real_ip_from 104.24.0.0/14;
Add comment 31 Plus  set_real_ip_from 108.162.192.0/18;
Add comment 32 Plus  set_real_ip_from 131.0.72.0/22;
Add comment 33 Plus  set_real_ip_from 141.101.64.0/18;
Add comment 34 Plus  set_real_ip_from 162.158.0.0/15;
Add comment 35 Plus  set_real_ip_from 172.64.0.0/13;
Add comment 36 Plus  set_real_ip_from 173.245.48.0/20;
Add comment 37 Plus  set_real_ip_from 188.114.96.0/20;
Add comment 38 Plus  set_real_ip_from 190.93.240.0/20;
Add comment 39 Plus  set_real_ip_from 197.234.240.0/22;
Add comment 40 Plus  set_real_ip_from 198.41.128.0/17;
Add comment 41 Plus  
Add comment 42 Plus  set_real_ip_from 2400:cb00::/32;
Add comment 43 Plus  set_real_ip_from 2405:8100::/32;
Add comment 44 Plus  set_real_ip_from 2405:b500::/32;
Add comment 45 Plus  set_real_ip_from 2606:4700::/32;
Add comment 46 Plus  set_real_ip_from 2803:f800::/32;
Add comment 47 Plus  set_real_ip_from 2a06:98c0::/29;
Add comment 48 Plus  set_real_ip_from 2c0f:f248::/32;
Add comment 49 Plus  
Add comment 50 Plus  # Cloudflare's version of X-Forwarded-For header to extract
Add comment 51 Plus  real_ip_header CF-Connecting-IP;
Add comment 52 Plus