// CLOUDFLARE / NGINX
Cloudflare · Nginx
Nginx allow/deny config for Cloudflare. Drop into your server block or http context. 22 CIDRs, refreshed daily.
// nginx_cloudflare_allow.conf
# Cloudflare IP Ranges # Updated: 2026-02-11 02:06:57 # Source: https://github.com/rezmoss/cloud-provider-ip-addresses # License: https://github.com/rezmoss/cloud-provider-ip-addresses/LICENSE # This file is generated automatically. Do not edit it directly. # Updates daily at 00:00 UTC # To restrict access to only these IPs in nginx, # add the following line to your server block in your nginx configuration file (e.g., /etc/nginx/nginx.conf or /etc/nginx/sites-available/default): # include /path/to/nginx_cloudflare_allow.conf; allow 173.245.48.0/20; allow 103.21.244.0/22; allow 103.22.200.0/22; allow 103.31.4.0/22; allow 141.101.64.0/18; allow 108.162.192.0/18; allow 190.93.240.0/20; allow 188.114.96.0/20; allow 197.234.240.0/22; allow 198.41.128.0/17; allow 162.158.0.0/15; allow 104.16.0.0/13; allow 104.24.0.0/14; allow 172.64.0.0/13; allow 131.0.72.0/22; … (8 more lines)
// nginx_cloudflare_deny.conf
# Cloudflare IP Ranges # Updated: 2026-02-11 02:06:57 # Source: https://github.com/rezmoss/cloud-provider-ip-addresses # License: https://github.com/rezmoss/cloud-provider-ip-addresses/LICENSE # This file is generated automatically. Do not edit it directly. # Updates daily at 00:00 UTC # To deny access from these IPs in nginx, # add the following line to your server block in your nginx configuration file (e.g., /etc/nginx/nginx.conf or /etc/nginx/sites-available/default): # include /path/to/nginx_cloudflare_deny.conf; deny 173.245.48.0/20; deny 103.21.244.0/22; deny 103.22.200.0/22; deny 103.31.4.0/22; deny 141.101.64.0/18; deny 108.162.192.0/18; deny 190.93.240.0/20; deny 188.114.96.0/20; deny 197.234.240.0/22; deny 198.41.128.0/17; deny 162.158.0.0/15; deny 104.16.0.0/13; deny 104.24.0.0/14; deny 172.64.0.0/13; deny 131.0.72.0/22; … (8 more lines)