I’ve found a page with IPs you will be connecting from, but no information how often this changes. Is it necessary to automate querying it every now and then, or is it enough to update manually every few months? Do you announce changes to it somewhere?
This is probably the list you found: https://www.cloudflare.com/ips/
I’ve never seen them announce changes. Updating every few months would probably work for the most part…unless they make a change right after you update.
If it’s a major concern, I’d automate your update process and have it execute more frequently.
I am not sure the list is current.
I saw CF IPs from outside those ranges in my logs.
22.214.171.124, 126.96.36.199, 188.8.131.52
184.108.40.206/13 has been in the list for a long time. It’s 220.127.116.11 - 18.104.22.168.
Thanks for the clarification.
I checked the list with the list from Wayback Machine three years ago, and essentially one entry got removed, which means using the list from three years ago has one unnecessary entry, but that’s about it.
@cloudflare please can you let us know what your policy is for changing the IP ranges?
If new IP are added, will users be notified? If so, how will users be notified? And how much notice will you give before making the change to the range (specifically adding values?
For what it’s worth, the list hasn’t changed in at least 2 years.
I believe that CF should warn customers at least 1-2 days before changing IP addresses. Many admins only allow access to their sites from Cloudflare IP addresses, so if they change, some users will not be able to access the sites.