From 7747f99214f56c873d62ac1b66c784f0267bc22f Mon Sep 17 00:00:00 2001 From: Mitchell Krog UB1 Date: Mon, 6 Feb 2017 09:43:41 +0200 Subject: [PATCH] Added Whitelisting of Cloudflare IP Ranges --- conf.d/globalblacklist.conf | 33 +++++++++++++++++++++++++++++---- 1 file changed, 29 insertions(+), 4 deletions(-) diff --git a/conf.d/globalblacklist.conf b/conf.d/globalblacklist.conf index 626a5ec69..5be54a536 100644 --- a/conf.d/globalblacklist.conf +++ b/conf.d/globalblacklist.conf @@ -2,7 +2,7 @@ ### THE ULTIMATE NGINX BAD BOT BLOCKER ### ********************************** -### Version 2.2017.01 +### Version 2.2017.02 ### This file implements a checklist / blacklist for good user agents, bad user agents and ### bad referrers. It also has whitelisting for your own IP's and known good IP Ranges @@ -17,11 +17,11 @@ ### - https://github.com/oohnoitz/nginx-blacklist ### Last Updated -### Mon Feb 6 09:25:31 SAST 2017 +### Mon Feb 6 09:43:41 SAST 2017 ### End Last Updated ### Generated in -### 0.275014400482 seconds +### 0.304213285446 seconds ### End Generated in ### Tested on: nginx/1.10.0 (Ubuntu 16.04) @@ -4773,7 +4773,32 @@ geo $validate_client { 157.54.0.0/15 0; 157.60.0.0/16 0; # END BING IP RANGES ### DO NOT EDIT THIS LINE AT ALL ### - + +# START CLOUDFLARE IP RANGES ### DO NOT EDIT THIS LINE AT ALL ### + 103.21.244.0/22 0; + 103.22.200.0/22 0; + 103.31.4.0/22 0; + 104.16.0.0/12 0; + 108.162.192.0/18 0; + 131.0.72.0/22 0; + 141.101.64.0/18 0; + 162.158.0.0/15 0; + 172.64.0.0/13 0; + 173.245.48.0/20 0; + 188.114.96.0/20 0; + 190.93.240.0/20 0; + 197.234.240.0/22 0; + 198.41.128.0/17 0; + 199.27.128.0/21 0; + 2400:cb00::/32 0; + 2405:8100::/32 0; + 2405:b500::/32 0; + 2606:4700::/32 0; + 2803:f800::/32 0; + 2c0f:f248::/32 0; + 2a06:98c0::/29 0; +# END CLOUDFLARE IP RANGES ### DO NOT EDIT THIS LINE AT ALL ### + # Cyveillance / Qwest Communications # ********************************** # I am extensively researching this subject - appears to be US government involved