Cloudflare切换5秒盾脚本防CC攻击

5秒盾是cloudflare防CC攻击的最佳手段
当使用Cloudflare被攻击时,可以使用这个脚本直接切换到5秒盾

下载脚本后,按说明配置后,可以运行

STEP 1 配置脚本里面的API

API_KEY You're Global API Key (https://dash.cloudflare.com/profile)
MAIL_ACCOUNT Email of your Cloudflare account
DOMAIN Zone ID (https://dash.cloudflare.com/_zone-id_/domain.com)

STEP 2 设置计划任务
crontab -e

*/1 * * * * /root/DDoS/Cloudflare.sh 0 # check every 1 minute if protection is not enabled
*/20 * * * * /root/DDoS/Cloudflare.sh 1 # check every 20 minutes if protection is enabled

脚本备份

#!/bin/bash


# $1 = 1min, $2 = 5min, $3 = 15min
loadavg=$(cat /proc/loadavg|awk '{printf "%f", $1}')


# load is 10, you can modify this if you want load more than 10
maxload=10


# Configuration API Cloudflare
# You're Global API Key (https://dash.cloudflare.com/profile)
api_key=
# Email of your account Cloudflare
email=
# Zone ID (https://dash.cloudflare.com/_zone-id_/domain.com)
zone_id=     

attacking='./attacking'
# create file attacking if doesn't exist
if [ ! -e $attacking ]; then
	echo 0 > $attacking
fi


hasattack=$(cat $attacking)


if [ $(echo "$loadavg > $maxload"|bc) -eq 1 ]; then

	if [[ $hasattack = 0 && $1 = 0 ]]; then

		# Active protection
		echo 1 > $attacking
		curl -s -X PATCH "https://api.cloudflare.com/client/v4/zones/$zone_id/settings/security_level" \
						-H "X-Auth-Email: $email" \
						-H "X-Auth-Key: $api_key" \
						-H "Content-Type: application/json" \
						--data '{"value":"under_attack"}'
	fi

	else
		if [[ $hasattack = 1 && $1 = 1 ]]; then

		# Disable Protection
		echo 0 > $attacking
		curl -s -X PATCH "https://api.cloudflare.com/client/v4/zones/$zone_id/settings/security_level" \
						-H "X-Auth-Email: $email" \
						-H "X-Auth-Key: $api_key" \
						-H "Content-Type: application/json" \
						--data '{"value":"high"}'
	fi
fi

exit 0

更新单个防火墙规则(补充)


https://api.cloudflare.com/#firewall-rules-update-individual-firewall-rule
格式:
PUT zones/:zone_identifier/firewall/rules/:id

示例:
curl -X PUT "https://api.cloudflare.com/client/v4/zones/023e105f4ecef8ad9ca31a8372d0c353/firewall/rules/372e67954025e0ba6aaa6d586b9e0b60" \
-H "X-Auth-Email: [email protected]" \
-H "X-Auth-Key: c2547eb745079dac9320b638f5e225cf483cc5cfdda41" \
-H "Content-Type: application/json" \
--data '[{"id":"372e67954025e0ba6aaa6d586b9e0b60","filter":{"id":"372e67954025e0ba6aaa6d586b9e0b61","expression":" ip.addr ne 8.8.8.8","paused":false,"description":"captcha anti-cc","ref":"ANTI-CC"},"action":"challenge","priority":50,"paused":false,"description":"Blocks traffic identified during investigation for captcha-CC","ref":"captcha-CC"}]'

来源: https://github.com/Machou/Cloudflare-Block

2 条评论

  1. guest avatar
    Kevin

    好像不管用呀,提示./attacking文件不存在

    1. guest avatar
      老刘
      @Kevin

      我去github看了一下源代码, 把26行的attacking=./attacking剪切到20行,应该可行.
      问题不大,没有测试..

此处评论已关闭