Similar to Cloudpanel, it will be great if we can add an option to only allow traffic through cloudflare proxy and block all direct access to the server. This will help protecting against attacks directed towards the IP.
See: https://www.cloudpanel.io/docs/v1/guides/cloudflare/setup/#security

The same script can work with WordOps too, but would be great to have something for this in the docs or preferably have native support through the CLI.

Hey! Use a tool from @VirtuBox it is compatible with wordops and adds all the ips of cloudflare in the firewall of your machine, thus allowing traffic only from cloudflare, thus avoiding leaks of IP by aimless mechanism, such as shodan among others

Link: https://github.com/VirtuBox/nginx-cloudflare-real-ip

This is very similar to the script I was using from https://github.com/Paul-Reed/cloudflare-ufw

I suggest you guys use the Cloudflare API to get he IP address : https://api.cloudflare.com/client/v4/ips

in some VPS, the normal URL show the captcha page .

This issue is stale because it has been open 30 days with no activity. Remove stale label or comment or this will be closed in 5 days.