Cloudflare is making infrastructure changes to simplify customer configuration, and reduce the number of IPv4 addresses that could potentially interact with your origin on Cloudflare’s behalf.
If your security model relies on allowing a list of trusted Cloudflare IPs from cloudflare.com/ips (or via API) on your origin, please make the following changes to your allow list by May 7, 2021. This change is safe to make today.
Remove:
104.16.0.0/12
Add:
104.16.0.0/13
104.24.0.0/14
This change delists the 104.28.0.0/14 prefix, which is no longer in use by Cloudflare infrastructure. These addresses will be repurposed for use with our Gateway and WARP (secure web gateway and VPN) products, and may carry traffic from untrusted sources in the future.
Cloudflare does not recommend enforcing security policy at origins solely by trusting IP addresses. Argo Tunnels and Authenticated Origin Pulls provide more secure and specific ways to secure origin connections from Cloudflare.Further detail on how to configure Argo Tunnels.
Further detail on how to configure Authenticated Origin Pulls.
If you have further questions, please visit the Cloudflare Community.
Regards,
The Cloudflare Team
104.16.0.0/12 대역이 빠지고 104.16.0.0/13, 104.24.0.0/14 대역이 추가됩니다. fixcloudflare 등 리스트를 수동으로 체크하는 경우 아이피 대역을 갱신하셔야 합니다.
라이믹스는 리스트가 내장되어 있으므로 https://github.com/rhymix/rhymix/pull/1681 이 PR대로 수정하시거나 업데이트를 기다리시면 됩니다.