Page 1 of 1
CloudFlare Client API
Posted: Wed Jul 18, 2018 5:05 pm
by webfeatus
I have set this up.
What does it actually do?
Re: CloudFlare Client API
Posted: Fri Jul 20, 2018 6:11 pm
by mikeshinn
It allows your system to send a request to Cloudflare to shun an IP. There is a finite limit to the number of IPs they will let you block, but this helps with the issue that a CDN prevents you from blocking IPs locally.
Re: CloudFlare Client API
Posted: Sat Jul 21, 2018 3:22 pm
by Imaging
Mike:
Has there been consideration for adding removal code as well? Perhaps a periodic function that would remove IPs that were X days old would help with the issue of the IP buildup over time?
Re: CloudFlare Client API
Posted: Mon Jul 23, 2018 2:03 pm
by mikeshinn
IPs are already removed automatically based on whatever period you have set for normal shuns.
There is no limit the number of IPs you can shun locally, there is a limit to the number of IPs Cloudflare and other CDNs will let you block.
Re: CloudFlare Client API
Posted: Tue Jul 24, 2018 2:53 pm
by Imaging
Mike:
Thanks for the clarification. I'd previously thought that the mention of the IP limit at Cloudflare was due to the shunned IPs building up over time as they weren't being removed at Cloudflare (making it likely that the overall limit would be reached).
Re: CloudFlare Client API
Posted: Tue Jul 24, 2018 3:53 pm
by mikeshinn
No its just a limit of the total number of IPs they and other CDNs will allow you to block at any time. Once you bit whatever limit they have you cant block anything else on their end. Keep that in mind when you use a CDN. For example, here is an article from CloudFlare documenting their limits:
https://support.cloudflare.com/hc/en-us ... -Firewall-