© Copyright 2022 Tierri Lopes. All right reserved.
This guide assumes you already have CrowdSec installed. If you don’t, please refer to the installation guide first here: CrowdSec – Installation
1 – Log to your server terminal as root
2 – Install the bouncer with the command bellow. Choose the option appropriated to your operating system:
sudo yum install crowdsec-cloudflare-bouncer #RHEL/Centos/Fedora
sudo apt install crowdsec-cloudflare-bouncer #Ubuntu/Debian
3 – Go to Cloudflare website -> My profile -> API Tokens
https://dash.cloudflare.com/profile/api-tokens
4 – Create token and select the following options, like in the image bellow:
Account.Accout Filter Lists
Account.Account Firewall Access Rules
Zone.Zone
Zone.Zone Firewall Settings
5 – Execute the following commands, replacing TOKEN_ID by the token created in the step above:
sudo crowdsec-cloudflare-bouncer -g TOKEN_ID -o /etc/crowdsec/bouncers/crowdsec-cloudflare-bouncer.yaml
sudo crowdsec-cloudflare-bouncer -s
sudo systemctl start crowdsec-cloudflare-bouncer
6 – Follow Cloudflare documentation to restore real IPs, essential for crowdsec to work properly:
https://support.cloudflare.com/hc/en-us/articles/200170786-Restoring-original-visitor-IPs
If you use Openlitespeed follow this steps to restore real IPs:
Openlitespeed – Restore original IPs using Cloudflare
© Copyright 2022 Tierri Lopes. All right reserved.