Skip to main content

Hide Origin IP

Betul 👍 itu ide bagus supaya tidak perlu update manual setiap kali Cloudflare menambah/mengubah daftar IP mereka. Kita bisa buat script otomatis yang akan:

  1. Download daftar IP Cloudflare terbaru dari URL resminya

  2. Simpan ke file (misalnya /etc/nginx/conf.d/cloudflare.conf atau .htaccess untuk Apache).

  3. Reload webserver agar aturan langsung aktif.

Berikut contoh script bash untuk Nginx:

#!/bin/bash
# update-cloudflare-ips.sh

CF_DIR="/etc/nginx/cloudflare"
ALLOW_FILE="$CF_DIR/allow.conf"
REALIP_FILE="$CF_DIR/set_real_ip.conf"

mkdir -p $CF_DIR

# Download IP list
curl -s https://www.cloudflare.com/ips-v4 -o $CF_DIR/ips-v4
curl -s https://www.cloudflare.com/ips-v6 -o $CF_DIR/ips-v6

# Generate allow.conf
{
  echo "# Cloudflare allow list - $(date)"
  while read ip; do
    echo "allow $ip;"
  done < $CF_DIR/ips-v4
  while read ip; do
    echo "allow $ip;"
  done < $CF_DIR/ips-v6
  echo "deny all;"
} > $ALLOW_FILE

# Generate set_real_ip.conf
{
  echo "# Cloudflare real IP - $(date)"
  while read ip; do
    echo "set_real_ip_from $ip;"
  done < $CF_DIR/ips-v4
  while read ip; do
    echo "set_real_ip_from $ip;"
  done < $CF_DIR/ips-v6
} > $REALIP_FILE

# Reload nginx
nginx -t && systemctl reload nginx

🔹 Cara pakai:

  1. Simpan file script di /usr/local/bin/update-cloudflare-ips.sh

  2. chmod +x /usr/local/bin/update-cloudflare-ips.sh

  3. Tambahkan ke cronjob biar auto update tiap hari:

0 3 * * * /usr/local/bin/update-cloudflare-ips.sh


Back to top