Automating Fail2Ban Integration with Cloudflare

How can I automate the integration of Fail2Ban with AWS WAF or Cloudflare API for dynamic IP blocking?

Automating the integration of Fail2Ban with AWS WAF (Web Application Firewall) or Cloudflare API allows you to dynamically block malicious IPs at the edge before they reach your server, enhancing your security posture and reducing unnecessary load on your infrastructure.

Here’s how you can set up Fail2Ban to automatically update these platforms with newly banned IPs:


1. Automating Fail2Ban Integration with Cloudflare

Cloudflare offers an API that allows you to programmatically manage security settings like IP blocking. Fail2Ban can be configured to send banned IPs to Cloudflare’s firewall rules.

Step 1: Create a Cloudflare API Token

  1. Log in to Cloudflare

  2. Go to Profile → API Tokens → Create Token

  3. Select the Custom Token template

  4. Configure permissions to allow adding/removing firewall rules:

    • Zone.Zone: Read

    • Zone.Firewall: Edit

  5. Save and copy the API Token

Step 2: Install Curl on Fail2Ban Server

Ensure curl is installed on your server:


 

```bash
sudo apt update
sudo apt install curl
```

Step 3: Create a Fail2Ban Action for Cloudflare Integration

Create a custom action script that will send the banned IPs to Cloudflare’s API.

Create a new action script:


 

```bash
sudo nano /etc/fail2ban/action.d/cloudflare.conf
```

Add the following configuration:


 

```ini
[Definition]
actionstart =
actionstop =
actioncheck =
# <ip> is the Fail2Ban tag that is replaced with the banned address at run time.
actionban = curl -X POST "https://api.cloudflare.com/client/v4/zones/YOUR_ZONE_ID/firewall/access_rules/rules" \
            -H "Authorization: Bearer YOUR_API_TOKEN" \
            -H "Content-Type: application/json" \
            --data '{"mode":"block","configuration":{"target":"ip","value":"<ip>"},"notes":"Fail2Ban Block"}'
# RULE_ID is a placeholder for the ID of the access rule to delete.
actionunban = curl -X DELETE "https://api.cloudflare.com/client/v4/zones/YOUR_ZONE_ID/firewall/access_rules/rules/RULE_ID" \
              -H "Authorization: Bearer YOUR_API_TOKEN"
```

  • Replace YOUR_ZONE_ID with your Cloudflare zone ID.

  • Replace YOUR_API_TOKEN with the API token you created earlier.

  • The rule ID needed by actionunban can be fetched from the Cloudflare API after the rule is created, or you can manage it manually by looking it up in the Cloudflare dashboard.
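The rule lookup described in the last bullet, as an added example (not code from the original page): a helper a Fail2Ban action could call in place of the inline curl commands. It validates the address before building the request and, on unban, finds the rule by address and deletes it by ID. The script name cf_rule.py and the environment variables CF_ZONE_ID and CF_API_TOKEN are assumptions.

```python
# Added example (hypothetical cf_rule.py): usage "cf_rule.py ban|unban IP".
import ipaddress, json, os, sys
import urllib.parse, urllib.request

# Endpoint from the action above; CF_ZONE_ID and CF_API_TOKEN are assumed env vars.
API = "https://api.cloudflare.com/client/v4/zones/{zone}/firewall/access_rules/rules"

def ban_payload(ip):
    """Validate the address, then build the JSON body for a block rule."""
    addr = ipaddress.ip_address(ip)   # ValueError for anything but an IP
    return {"mode": "block",
            "configuration": {"target": "ip" if addr.version == 4 else "ip6",
                              "value": str(addr)},
            "notes": "Fail2Ban Block"}

def lookup_query(ip):
    """Query string that lists the block rule(s) created for this address."""
    cfg = ban_payload(ip)["configuration"]
    return urllib.parse.urlencode({"mode": "block",
                                   "configuration.target": cfg["target"],
                                   "configuration.value": cfg["value"]})

def rule_ids(response_text):
    """Rule IDs from a create response (object) or a list response (array)."""
    body = json.loads(response_text)
    if not body.get("success"):
        raise RuntimeError(f"Cloudflare API error: {body.get('errors')}")
    result = body.get("result") or []
    return [r["id"] for r in (result if isinstance(result, list) else [result])]

def call(method, url, payload=None):
    """Send one authenticated request and return the response body."""
    req = urllib.request.Request(
        url, method=method,
        data=json.dumps(payload).encode() if payload else None,
        headers={"Authorization": "Bearer " + os.environ["CF_API_TOKEN"],
                 "Content-Type": "application/json"})
    with urllib.request.urlopen(req, timeout=10) as resp:
        return resp.read().decode()

if __name__ == "__main__":
    verb, ip = sys.argv[1:3]
    base = API.format(zone=os.environ["CF_ZONE_ID"])
    if verb == "ban":
        print("created rule", rule_ids(call("POST", base, ban_payload(ip))))
    elif verb == "unban":   # look the rule up by address, then delete by ID
        for rid in rule_ids(call("GET", base + "?" + lookup_query(ip))):
            call("DELETE", f"{base}/{rid}")
```

Reading the token from the environment keeps it out of the action file under /etc/fail2ban/action.d.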

Step 4: Integrate the Action with Fail2Ban

Now, edit your jail configuration to use this custom action for Cloudflare.

Edit /etc/fail2ban/jail.local (or the appropriate jail configuration file):


 

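```ini
[nginx-http-auth]
enabled = true
# filter.d/nginx-auth.conf must exist; the filter shipped with Fail2Ban is named nginx-http-auth.
filter = nginx-auth
logpath = /var/log/nginx/error.log
maxretry = 3
bantime = 600
action = cloudflare
```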

This action runs whenever Fail2Ban bans an IP in this jail.

Restart Fail2Ban:


 

```bash
sudo systemctl restart fail2ban
```

Now, any banned IP from Fail2Ban will automatically be blocked via Cloudflare.


2. Automating Fail2Ban Integration with AWS WAF

You can use AWS Lambda to automatically add banned IPs to AWS WAF. Here’s how:

Step 1: Create an IAM Role for Lambda

  1. Go to the AWS IAM Console and create a new role for Lambda.

  2. Attach the following policy: AWSWAFFullAccess (for managing WAF rules).

  3. Save the IAM role.

Step 2: Create a Lambda Function

  1. Go to AWS Lambda Console and create a new function.

  2. Choose Author from Scratch, give it a name like Fail2BanWAFIntegration, and choose the IAM role you created earlier.

  3. In the Lambda function, use this Python code to block an IP in WAF:
