Cloudflare IP's getting ban fail2ban for no-script and 404 URL's

c.b.udagama · 2018-12-04 19:58:48 UTC

Hello,

I have installed Fail2ban on my Ubuntu VPS. After I added nginx-noscript and nginx-404 configuration filters to fail2ban, cloudflare’s following IP address keep blocking.

I already added “real_ip_header CF-Connecting-IP;” to nginx file and looks like visitors IP addresses are properly restored (because my PC IP properly visible in access log). What could be the reason for this?

162.158.118.242
162.158.186.214
162.158.118.242
162.158.59.152
108.162.238.153

When I’m checking the who’s details for above IP’s it shows they belongs to Cloudflare.

Are there any solution? Or someone abusing my VPS?

Thank in advance.

sandro · 2018-12-04 20:03:21 UTC

Did you also configure set_real_ip_from?

c.b.udagama · 2018-12-05 01:38:34 UTC

Yes Sandro. I already added set_real_ip_from but following IP’s are not mentioned in CloudFlare site, so they are not added.

162.158.118.242
162.158.186.214
162.158.118.242
162.158.59.152
108.162.238.153

sandro · 2018-12-05 06:45:01 UTC

Where did you take the IPs from? These are listed at https://www.cloudflare.com/ips/