How to Use the Command `flarectl` (with Examples)
Flarectl is the official command line interface (CLI) for managing Cloudflare services. It’s a powerful tool that allows users to automate and control their Cloudflare settings directly from the command line. This tool can be extremely useful for developers and system administrators who manage websites, as it offers a variety of functionalities such as controlling DNS records, managing firewall settings, and acquiring zone information, all without needing to navigate through the Cloudflare dashboard.
Use Case 1: Blocking a Specific IP
Code:
flarectl firewall rules create --zone="example.com" --value="8.8.8.8" --mode="block" --notes="Block bad actor"
Motivation:
When managing a web service or website, it’s common to encounter unwanted or malicious traffic from specific IP addresses. Blocking a particular IP address is a common task to protect the server from potential threats, such as DDoS attacks or unauthorized access attempts. By blocking a known malicious IP, you can prevent any requests from that address from reaching your server, thus improving the security and performance of your site.
Explanation:
flarectl firewall rules create
: This indicates that we are creating a new firewall rule.--zone="example.com"
: Specifies the domain for which this rule applies.--value="8.8.8.8"
: Denotes the IP address to block.--mode="block"
: Sets the mode of the firewall rule to block the specified IP.--notes="Block bad actor"
: Allows you to add a note or description to this firewall rule for future reference.
Example Output:
Successfully created firewall rule to block IP: 8.8.8.8 on zone: example.com
Use Case 2: Adding a DNS Record
Code:
flarectl dns create --zone="example.com" --name="app" --type="CNAME" --content="myapp.herokuapp.com" --proxy
Motivation:
Managing DNS records is a frequent task for site administrators. Whether you’re launching a new app or changing your server location, you’ll often need to update or create DNS records. The CNAME
record is crucial when you want to point one domain to another domain name, which may help in managing subdomains or migrating services without disrupting the URLs used.
Explanation:
flarectl dns create
: Indicates that a new DNS record will be created.--zone="example.com"
: Specifies the domain where this DNS record will be added.--name="app"
: Assigns the subdomain or name of the DNS record.--type="CNAME"
: Indicates the type of DNS record. CNAME is used to alias one domain name to another.--content="myapp.herokuapp.com"
: The value or target to which the subdomain will point.--proxy
: Enables Cloudflare’s proxy, providing additional performance and security features on the subdomain.
Example Output:
Successfully created DNS CNAME record for app.example.com pointing to myapp.herokuapp.com
Use Case 3: Listing All Cloudflare IPv4/IPv6 Ranges
Code:
flarectl ips --ip-type ipv4|ipv6|all
Motivation:
Understanding the IP ranges used by Cloudflare can be critical when configuring server firewalls, especially when you need to allow or block specific types of traffic. This knowledge can also help ensure that you aren’t inadvertently blocking legitimate requests coming through Cloudflare’s network.
Explanation:
flarectl ips
: Commands the tool to retrieve and display IP ranges.--ip-type ipv4|ipv6|all
: Designates the type of IP ranges to be listed, supporting IPv4, IPv6, or both.
Example Output:
IPv4 Ranges:
- 173.245.48.0/20
- 103.21.244.0/22
IPv6 Ranges:
- 2400:cb00::/32
- 2606:4700::/32
Use Case 4: Creating Many New Cloudflare Zones Automatically
Code:
for domain in $(cat domains.txt); do flarectl zone info --zone=$domain; done
Motivation:
Bulk operations can save significant time when managing multiple domains with Cloudflare. Automatically creating zones for all domains listed in a file enhances productivity by streamlining the process of onboarding new domains, especially beneficial for agencies or businesses managing numerous client websites.
Explanation:
for domain in $(cat domains.txt)
: Loops through each domain listed in the domains.txt file.flarectl zone info --zone=$domain
: Retrieves information for each zone (domain) specified in the loop.
Example Output:
Fetching information for domain1.com
Zone ID: abc123
Name: domain1.com
Status: active
Fetching information for domain2.com
Zone ID: def456
Name: domain2.com
Status: pending
Use Case 5: Listing All Firewall Rules
Code:
flarectl firewall rules list
Motivation:
Regularly reviewing firewall rules is a good practice to ensure your firewall settings are up to date and there are no unintended or deprecated rules that could impair site security or performance. This functionality enables the user to manage and audit firewall rules efficiently.
Explanation:
flarectl firewall rules list
: This command lists all existing firewall rules for your Cloudflare account.
Example Output:
Rule 1: Block 8.8.8.8 - Enabled
Rule 2: Challenge traffic from 192.168.0.1/24 - Disabled
Rule 3: Allow traffic from 1.1.1.1 - Enabled
Conclusion:
Flarectl offers an efficient way to manage and automate various Cloudflare features directly from the command line, significantly simplifying domain and security management tasks. Whether you’re adding DNS records, managing firewall rules, or auditing network information, flarectl provides a streamlined workflow, allowing for rapid configuration changes and operational consistency across your web assets. Embracing these use cases can lead to improved security posture, better performance, and operational efficiencies.