For example, use a list of known office IP addresses in a firewall rule that allows requests from the addresses on the list to bypass security features. Or you may want to block requests that do not come from the known office addresses.
When you update the content of a list, any rules that use the list are automatically updated, so you can make a single change to your firewall rules list rather than modify rules individually.
Cloudflare stores your lists at the account level and sends to the edge, so you can view, manage, and incorporate them into firewall rules for any of your zones.
Advantages of IP Lists
Using IP Lists has these advantages:
- When creating a firewall rule, using an IP List is easier and less error-prone than adding a long list of IP addresses to a firewall rules expression.
- When updating a set of firewall rules that target the same group of IP addresses, using an IP List is easier and less error prone than editing multiple firewall rules.
- IP Lists are easier to read and more informative, particularly when you use descriptive names for your lists.
Managed IP Lists
Use Managed IP Lists to access Cloudflare’s IP threat intelligence. The available Managed IP Lists depend on your Cloudflare plan.
Cloudflare provides the following Managed IP Lists:
|Display name||Name in expressions||Description|
|Cloudflare Open Proxies||IP addresses of known open HTTP and SOCKS proxy endpoints, which are frequently used to launch attacks and hide attackers identity.|
|Cloudflare Anonymizers||IP addresses of known anonymizers (Open SOCKS Proxies, VPNs, and TOR nodes).|
|Cloudflare VPNs||IP addresses of known VPN servers.|
|Cloudflare Malware||IP addresses of known sources of malware.|
|Cloudflare Botnets, Command and Control Servers||IP addresses of known botnet command-and-control servers.|
The number of IP Lists you can create depends on the Cloudflare plans associated with the zones in your account. You can store up to a total of 10,000 items across all your lists, regardless of your plan.
The available Managed IP Lists depend on your Cloudflare plan.
|Number of IP Lists||1||10||10||10||10|
|Cloudflare Open Proxies Managed IP List||–||–||–||Yes||Yes|
User role requirements
The following user roles have access to the list management functionality:
- Super Administrator
Using lists in expressions
Both the Cloudflare dashboard and the Cloudflare API support IP Lists.