CrowdSec – Install Cloudflare bouncer

This guide assumes you already have CrowdSec installed. If you don’t, please refer to the installation guide first here: CrowdSec – Installation

   1 – Log to your server terminal as root

   2 – Install the bouncer with the command bellow. Choose the option appropriated to your operating system:

					sudo yum install crowdsec-cloudflare-bouncer #RHEL/Centos/Fedora 
sudo apt install crowdsec-cloudflare-bouncer #Ubuntu/Debian

   3 – Go to Cloudflare website -> My profile -> API Tokens


   4 – Create token and select the following options, like in the image bellow:

					Account.Accout Filter Lists
Account.Account Firewall Access Rules
Zone.Zone Firewall Settings

   5 – Execute the following commands, replacing TOKEN_ID by the token created in the step above:

					sudo crowdsec-cloudflare-bouncer -g TOKEN_ID -o /etc/crowdsec/bouncers/crowdsec-cloudflare-bouncer.yaml
sudo crowdsec-cloudflare-bouncer -s 
sudo systemctl start crowdsec-cloudflare-bouncer

   6 – Follow Cloudflare documentation  to restore real IPs, essential for crowdsec to work properly:

   If you use Openlitespeed follow this steps to restore real IPs:

Openlitespeed – Restore original IPs using Cloudflare

Quick Links


© Copyright 2022 Tierri Lopes. All right reserved.