Update Cloudflare IP list

• Overview
• How the template works
• How to use the template
  • Step 1: Create Cloudflare Bearer token credentials
  • Step 2: Use this workflow template
  • Step 3: Define variables
    • Step 3.1: Cloudflare Account ID
    • Step 3.2: Cloudflare custom list ID
  • Step 4: Define the schedule with cron expression
• Relevant resources

Overview

Cloudflare IP lists contain one or more IP addresses or IP ranges. These lists serve multiple purposes, including:

• Filter incoming and outgoing traffic based on predefined rules associated with IP addresses. This allows for the prioritization, restriction, or blocking of traffic originating from specific IPs.

• Control access to network resources, such as websites, applications, or APIs. By configuring rules based on IP addresses, they can restrict or grant access to specific areas of their infrastructure, enhancing security and compliance.

• Identification and mitigation of threats by blocking traffic from known malicious IPs, suspicious sources, or those associated with nefarious activities. This proactive approach helps safeguard against various cyber threats, including DDoS attacks, brute force attacks, and malicious bot traffic.

This workflow template uses Cloudflare API to update an IP list daily to keep it up-to-date.

How the template works

1. Retrieve IPs: The template initiates by fetching a list of IP addresses from designated sources, such as network logs, databases, or threat intelligence feeds. These IP addresses may represent known malicious actors, legitimate users, or other entities interacting with the network.

2. Prepare IPs: Upon retrieving the IP addresses, the template processes and prepares the data for integration with Cloudflare's custom IP lists. This involves formatting the IP addresses according to Cloudflare's specifications and organizing them in a structured manner for efficient handling.

3. Update Cloudflare: The prepared list of IP addresses is then sent to Cloudflare via its API. The API is utilized to update the custom IP list, applying any necessary actions such as adding, removing, or modifying entries.

How to use the template

Step 1: Create Cloudflare Bearer token credentials

1. Generate a Cloudflare API token

2. Log in to the SimWorkflow.

3. Navigate to Credentials.

4. Click Create credentials button.

5. Select Bearer token tab.

6. Enter Cloudflare in the Name field.

7. Enter the Cloudflare API token in the Bearer token field.

8. Click Create credentials button.

Step 2: Use this workflow template

1. Click Use this template button on the top right of this page.
2. Click Update Cloudflare task and select Configuration tab.
3. Select Cloudflare (Bearer Token) for the Credentials field.
4. Click Save button.
5. Toggle the Enable checkbox to enable the workflow definition.

Step 3: Define variables

1. Navigate to Workflow definitions.

2. Click Variables menu item from the three dots (more options) menu of the Update Cloudflare custom list workflow definition.

Step 3.1: Cloudflare Account ID

1. Enter cloudflareAccountId in the Variable key field.

2. Enter the Cloudflare account ID in the Variable value field.

3. Click Save variable button.

Step 3.2: Cloudflare custom list ID

1. Enter cloudflareListId in the Variable key field.

2. Enter the Cloudflare list ID in the Variable value field.

3. Click Save variable button.

Step 4: Define the schedule with cron expression

1. Navigate to Workflow definitions.

2. Click Schedule trigger menu item from the three dots (more options) menu of the Update Cloudflare custom list workflow definition.

3. Turn on Schedule trigger on field.

4. Select a user for User to start the workflow as field.

5. Enter @daily in the Schedule cron expression field.

6. Click Save schedule trigger button.

Relevant resources

• Cloudflare: Introducing IP Lists
• Cloudflare: Custom lists
• Cloudflare: WAF - IP Access Rules
• Cloudflare: Find zone and account IDs