• Make sure that the mod_cloudflare Apache module is installed and active. This can be done by installing the ServerShield by CloudFlare extension or manually using these instructions
• Make sure to add the Cloudflare IP addresses from https://www.cloudflare.com/ips/ to ignore permanently
/etc/csf/csf.ignoreto prevent them from being blocked by the login failure daemon.
Cloudflare firewall -
Enable the Cloudflare Firewall. Cloudflare have provided a Firewall feature within the user account where rules can be added to block, challenge or whitelist IP addresses. Using the Cloudflare API, this feature adds and removes attacking IPs from that firewall and provides CLI (and via the UI) additional commands.
Cloudflare mode -
This can be set to either "block" or "challenge".
block: Block will simply block the request entirely, with no option to bypass it for that request.
challenge: Will display a challenge (CAPTCHA) page that must be completed before the request in question is allowed access.
Cloudflare block time -
This setting determines how long the temporary block will apply within csf and Cloudflare, keeping them in sync. Block duration in seconds - overrides perm block or time of individual blocks in lfd for block triggers. This should be configured taking into account the maximum number of rules that the Cloudflare account allows.
Configure the Cloudflare API accounts for use with the CloudFlare Firewall. It is controlled by the file
# CloudFlare client credientials for any domain triggered: DOMAIN:any:USER:myuser:CFACCOUNT:email@example.com:CFAPIKEY:12345abcdef6789 # CloudFlare client credientials for example.com involved in trigger: DOMAIN:example.com:USER:myuser:CFACCOUNT:firstname.lastname@example.org:CFAPIKEY:12345abcdef6789
|DOMAIN||Domain name or enter "any" (no quotes) to match all triggers regardless of domain name||example.com or any|
|USER||A unique name for the entry, but does not have to be a local linux account name||myuser|
|CFACCOUNT||The CloudFlare login user (email address)||email@example.com|
|CFAPIKEY||The Cloudflare Client API Key||12345abcdef6789|