Adding multiple, disparate, IPs to the Firewall Whitelist

firewall

#1

Hi, we are using the Hackertarget service to run OpenVas scans and others tests against our websites. These originate from a large pool of different IPs. Is it possible to just enter a comma separated list to whitelist these or do I have to enter them individually?

Thanks in advance!


#2

Firewall or access rules?


#3

https://api.cloudflare.com/#firewall-access-rule-for-a-zone-create-access-rule and https://developers.cloudflare.com/firewall/api/cf-firewall-rules/post/ should have all the necessary information


#4

Thanks for the speedy response!

It would be to create a Whitelist rule in the Firewall IP access section. There are 109 IPs in the list; is it possible to add all of these to one rule?


#5

No, not individual addresses. You can add /16 and /24 blocks and AS numbers. Are these addresses continuous? Can you post some examples?


#6

Ah. That’s what I thought. They aren’t contiguous address spaces; the list is here: https://hackertarget.com/hackertarget-ip-list.txt

So I will have to create separate entries for each IP. Thanks for all your help, I guess the quickest way to do this would be through the API?


#7

Some of them seem to belong to the same ASN or even same network block, so you might be able to reduce it a bit but generally you will have to set them up separately. If it is too many the API might be the quickest way.


#8

OK, I’ll get on with that then. Thank you for your help :slight_smile:


closed #9

This topic was automatically closed after 30 days. New replies are no longer allowed.