CrowdSec – Install Cloudflare bouncer

This guide assumes you already have CrowdSec installed. If you don’t, please refer to the installation guide first here: CrowdSec – Installation

   1 – Log to your server terminal as root

   2 – Install the bouncer with the command bellow. Choose the option appropriated to your operating system:

				
					sudo yum install crowdsec-cloudflare-bouncer #RHEL/Centos/Fedora 
sudo apt install crowdsec-cloudflare-bouncer #Ubuntu/Debian

   3 – Go to Cloudflare website -> My profile -> API Tokens

				
					https://dash.cloudflare.com/profile/api-tokens

   4 – Create token and select the following options, like in the image bellow:

				
					Account.Accout Filter Lists
Account.Account Firewall Access Rules
Zone.Zone
Zone.Zone Firewall Settings

   5 – Execute the following commands, replacing TOKEN_ID by the token created in the step above:

				
					sudo crowdsec-cloudflare-bouncer -g TOKEN_ID -o /etc/crowdsec/bouncers/crowdsec-cloudflare-bouncer.yaml
sudo crowdsec-cloudflare-bouncer -s 
sudo systemctl start crowdsec-cloudflare-bouncer

   6 – Follow Cloudflare documentation  to restore real IPs, essential for crowdsec to work properly:

https://support.cloudflare.com/hc/en-us/articles/200170786-Restoring-original-visitor-IPs

   If you use Openlitespeed follow this steps to restore real IPs:

Openlitespeed – Restore original IPs using Cloudflare

Contact

Quick Links

Social

Facebook Linkedin Github

© Copyright 2022 Tierri Lopes. All right reserved.