How to delete IP access rules?

Hi, I’ve been searching everywhere for days and I can’t find any solution. Please help me. An API system has added 50 thousand IP addresses to the IP access rules list for the My domain, and google bots cannot access my site. How can i delete all IP addresses in IP access rules?

Pretty much the same way they got there. Use the API to get a list of rules, then loop through that list with an API Delete command.

Just make sure you don’t exceed the 1200 calls per 5 minute rate limit.


Is there an example to do it? I don’t know enough to do this

Here’s a post that should get you started:

1 Like

It is very slow to delete one by one. I have 50.000 IP addresses in IP access rules. Impossible to delete all with this method.

I need make 100.000 request to Cloudflare for delete all IP access rules :slight_smile: Isn’t there a simpler method?

It’s closer to 55,000 calls. 50 requests to get 1000 per request, then the 50k.

Sorry, no. Why not ask the person whose system added them there in the first place to clean it up?

I made a system that automatically adds the ip address to the ip access rules from cloudflare when a prohibited transaction is made with a blocking system. When the DDoS attack came, all incoming IP addresses were automatically blocked and this is what it turned out to be :slight_smile:

In addition, in the request, it first gets 1 ID with the API and deletes it. 2 requests are made for 1 IP.

It is taking 1 IP per page. When i try to increase it it doesn’t work

I just did this and got my small list of rules in one sweep:

curl -s -X GET "" \
     -H "X-Auth-Email: [email protected]" \
     -H "X-Auth-Key: GLOBAL_API_KEY" \
     -H "Content-Type: application/json"

I can get multiple list but i can’t delete multiple IP addresses.