Cloudflare IP's getting ban fail2ban for no-script and 404 URL's

CHA007 · December 4, 2018, 7:58pm

Hello,

I have installed Fail2ban on my Ubuntu VPS. After I added nginx-noscript and nginx-404 configuration filters to fail2ban, Cloudflare’s following IP address keep blocking.

I already added “real_ip_header CF-Connecting-IP;” to nginx file and looks like visitors IP addresses are properly restored (because my PC IP properly visible in access log). What could be the reason for this?

162.158.118.242
162.158.186.214
162.158.118.242
162.158.59.152
108.162.238.153

When I’m checking the who’s details for above IP’s it shows they belongs to Cloudflare.

Are there any solution? Or someone abusing my VPS?

Thank in advance.

sandro · December 4, 2018, 8:03pm

Did you also configure set_real_ip_from?

https://support.cloudflare.com/hc/en-us/articles/200170706-How-do-I-restore-original-visitor-IP-with-Nginx-

CHA007 · December 5, 2018, 1:38am

Yes Sandro. I already added set_real_ip_from but following IP’s are not mentioned in Cloudflare site, so they are not added.

162.158.118.242
162.158.186.214
162.158.118.242
162.158.59.152
108.162.238.153

sandro · December 5, 2018, 6:45am

Where did you take the IPs from? These are listed at https://www.cloudflare.com/ips/

system · January 3, 2019, 7:58pm

This topic was automatically closed after 30 days. New replies are no longer allowed.