Can I still use fail2ban while using Cloudflare?

Yes, you can still use fail2ban to block IPs on your server. Since Cloudflare is a reverse proxy, however, you do want to make sure you have a solution to restore original visitor IP back to your server logs using Cloudflare and fail2ban at the same time. If you do not have something to restore the visitor IP, then Cloudflare's IPs are going to show in your logs and blocking Cloudflare's IPs via fail2ban inadvertently would lead to some site visitors not being able to access your site and/or site offline error messages.

Note: You can also block IPs in the Firewall section in your Cloudflare account as well. If you would prefer to block IPs programmatically, you can also look at using the Cloudflare API to block (or trust) IPs.

 

 

Still not finding what you need?

The Cloudflare team is here to help. 95% of questions can be answered using the search tool, but if you can’t find what you need, submit a support request.

Powered by Zendesk