CloudFlare Client API

Customer support forums for Atomic Protector (formerly Atomic Secured Linux). There is no such thing as a bad question here as long as it pertains to using Atomic Protector. Newbies feel free to get help getting started or asking questions that may be obvious. Regular users are asked to be gentle. :-)
User avatar
webfeatus
Forum Regular
Forum Regular
Posts: 196
Joined: Wed Jan 13, 2010 9:11 am
Location: Bali

CloudFlare Client API

Unread post by webfeatus »

I have set this up.
What does it actually do?
They say that good intentions, pave the road to hell;
If a thing is not worth doing, it's not worth doing well.
User avatar
mikeshinn
Atomicorp Staff - Site Admin
Atomicorp Staff - Site Admin
Posts: 4132
Joined: Thu Feb 07, 2008 7:49 pm
Location: Chantilly, VA

Re: CloudFlare Client API

Unread post by mikeshinn »

It allows your system to send a request to Cloudflare to shun an IP. There is a finite limit to the number of IPs they will let you block, but this helps with the issue that a CDN prevents you from blocking IPs locally.
Imaging
Forum Regular
Forum Regular
Posts: 337
Joined: Sat Sep 25, 2010 2:46 pm

Re: CloudFlare Client API

Unread post by Imaging »

Mike:

Has there been consideration for adding removal code as well? Perhaps a periodic function that would remove IPs that were X days old would help with the issue of the IP buildup over time?
User avatar
mikeshinn
Atomicorp Staff - Site Admin
Atomicorp Staff - Site Admin
Posts: 4132
Joined: Thu Feb 07, 2008 7:49 pm
Location: Chantilly, VA

Re: CloudFlare Client API

Unread post by mikeshinn »

IPs are already removed automatically based on whatever period you have set for normal shuns.

There is no limit the number of IPs you can shun locally, there is a limit to the number of IPs Cloudflare and other CDNs will let you block.
Imaging
Forum Regular
Forum Regular
Posts: 337
Joined: Sat Sep 25, 2010 2:46 pm

Re: CloudFlare Client API

Unread post by Imaging »

Mike:

Thanks for the clarification. I'd previously thought that the mention of the IP limit at Cloudflare was due to the shunned IPs building up over time as they weren't being removed at Cloudflare (making it likely that the overall limit would be reached).
User avatar
mikeshinn
Atomicorp Staff - Site Admin
Atomicorp Staff - Site Admin
Posts: 4132
Joined: Thu Feb 07, 2008 7:49 pm
Location: Chantilly, VA

Re: CloudFlare Client API

Unread post by mikeshinn »

No its just a limit of the total number of IPs they and other CDNs will allow you to block at any time. Once you bit whatever limit they have you cant block anything else on their end. Keep that in mind when you use a CDN. For example, here is an article from CloudFlare documenting their limits:

https://support.cloudflare.com/hc/en-us ... -Firewall-
Post Reply