Option to allow only Cloudflare IPs to connect to origin server

littlebizzy / slickstack

Lightning-fast WordPress on Nginx

https://slickstack.io

GNU General Public License v3.0

641 stars 112 forks source link

Option to allow only Cloudflare IPs to connect to origin server #199

Closed jessuppi closed 7 months ago

jessuppi commented 1 year ago

Another related feature that's been discussed.

Ref: https://frankindev.com/2020/11/18/allow-cloudflare-only-in-nginx/

jessuppi commented 8 months ago

https://slickstack.io/forum/topic/slickstack-with-cloudflare-authenticated-origin-pull-tls-feature

jessuppi commented 7 months ago

This is now supported, via ss-install-nginx-config. The new allowed-ips.conf submodule will be installed if the option CLOUDFLARE_IPS_ONLY is set to true in your ss-config:

https://github.com/littlebizzy/slickstack/blob/master/modules/nginx/includes/allowed-ips-conf.txt

https://github.com/littlebizzy/slickstack/blob/master/bash/ss-install-nginx-config.txt