“[Action May Be Required] Changes to Cloudflare Infrastructure IPs Listed on cloudflare.com/ips” I have no idea where to look for the ‘allow’ list in order to make these changes or even if I need to. I have read a previous similar topic however unsure even where my server is to be able to check. Anyone be able to point me in the right direction as to where these IPs are? Thank you
You can disregard that message. There’s a Community FAQ on that.
Why have you said to disregard my topic? I said I had read a similar topic but that it didn’t help me. And, if there’s a better FAQ that I haven’t seen, why not give me a link to it? It’s not helpful just to say ‘disregard’!
I did not say to disregard your topic. I was referring to the email. I’m not sure which topic you looked at, but a search should have turned up the FAQ.
Still not helpful as I thought Cloudflare was my server. If so then surely this update would have been already made and so why ask me to? Is this something I have to authorise or do via my website? If it isn’t then where do I need to look to see whether I have an ‘allow’ list or not? Please don’t just tell me to ignore an email I have been sent about my website.
I’m sorry Cloudflare’s email is not as clearly written as it could be.
Most likely not. It’s a proxy between your visitors and your actual server.
What some people do for extra security is set up a firewall on their server. Because Cloudflare is a proxy server, all traffic should be routed through Cloudflare so it can secure and optimize your website.
But if an attacker was motivated enough, they would track down your server’s IP address and attack it directly. To prevent that, you’d set up a firewall at your host to make sure no HTTP/S traffic comes from anywhere else except Cloudflare IP addresses. That’s what those IP address lists are for.
Those lists rarely change. But there’s a change in the works. Some IP address ranges are being repurposed for other Cloudflare services, such as VPN. But if you’re using the old list, you’ve allowed all those IP addresses through because they’re from the proxy servers, which is a safe approach. But now with some of those IP address ranges being allocated to WARP VPN, a WARP user could set their localhosts file to use your server’s IP address for connections to your site and bypass Cloudflare protections. Updating your firewall IP address list, if you were already using the Cloudflare IP address list, will prevent this.
If this feature interests you, check with your host to see if you can add the new Cloudflare IP address list to your firewall rules as an Allow for HTTP/S traffic and Drop any HTTP/S requests that don’t come from that list.
This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.