Home
Uncategorized
CloudFlare: Change Security Level Value Programmatically for Multiple Domains via PHP/Python/Bash Script
Uncategorized

CloudFlare: Change Security Level Value Programmatically for Multiple Domains via PHP/Python/Bash Script

No Comments


I have 15 domains, and they are all at CloudFlare. I would like to update the security level to all domains at once, programmatically. The security level could be one of these: “Essentially off”, “low”, “medium”, “high” and “I’m under attack!”.

cloudflare-security-level-setting CloudFlare: Change Security Level Value Programmatically for Multiple Domains via PHP/Python/Bash Script API bash script cloud CloudFlare php python Python

Cloudfare Security Level Setting in Dashboard

Luckily, cloudflare provides API, and we can do this via the following PHP Script. You need to change the email, and provide a API token. Also, the zone id for each domain needs to be obtained in the Cloudflare Dashboard.

Here is the PHP version to update the security level for multiple domains:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35

$email = "EMAIL";
$token = "TOKEN";
$zones = array(
    "helloacm.com" => "zone id",
    // other domains here
);
 
function change_security_value($email, $zone, $token, $level = "medium") {
    $cmd = "curl -s --request PATCH \
    --url https://api.cloudflare.com/client/v4/zones/$zone/settings/security_level \
    --header 'X-Auth-Email: $email' \
    --header 'Authorization: Bearer $token' \
    --header 'Content-Type: application/json' \
    --data '{
    \"value\": \"$level\"
    }'";
    echo $cmd . "\n\n";
    $data = trim(shell_exec($cmd));
    return $data;
}
 
foreach($zones as $domain => $zone_id) {
    echo "Updating $domain ...\n\n ";
    $data1 = change_security_value($email, $zone_id, $token, "medium");
    if (!$data1) {
        echo "ERROR! $domain\n";
        break;
    }
    $data = json_decode($data1, true);
    if ($data["success"]===0) {
        echo "FAILURE! $domain\n";
        break;
    }
    sleep(1);
}
 
$email = "EMAIL";
$token = "TOKEN";
$zones = array(
    "helloacm.com" => "zone id",
    // other domains here
);

function change_security_value($email, $zone, $token, $level = "medium") {
    $cmd = "curl -s --request PATCH \
    --url https://api.cloudflare.com/client/v4/zones/$zone/settings/security_level \
    --header 'X-Auth-Email: $email' \
    --header 'Authorization: Bearer $token' \
    --header 'Content-Type: application/json' \
    --data '{
    \"value\": \"$level\"
    }'";
    echo $cmd . "\n\n";
    $data = trim(shell_exec($cmd));
    return $data;
}

foreach($zones as $domain => $zone_id) {
    echo "Updating $domain ...\n\n ";
    $data1 = change_security_value($email, $zone_id, $token, "medium");
    if (!$data1) {
        echo "ERROR! $domain\n";
        break;
    }
    $data = json_decode($data1, true);
    if ($data["success"]===0) {
        echo "FAILURE! $domain\n";
        break;
    }
    sleep(1);
}

Here is the Python version:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35

import requests
import time
 
email = "EMAIL"
token = "TOKEN"
zones = {
    "helloacm.com": "zone id",
    # other domains 
}
 
def change_security_value(email, zone, token, level="medium"):
    url = f"https://api.cloudflare.com/client/v4/zones/{zone}/settings/security_level"
    headers = {
        'X-Auth-Email': email,
        'Authorization': f'Bearer {token}',
        'Content-Type': 'application/json'
    }
    data = {
        'value': level
    }
    response = requests.patch(url, headers=headers, json=data)
    print(f"curl command for {zone}:\n{response.request.body}\n\n")
    return response.text
 
for domain, zone_id in zones.items():
    print(f"Updating {domain} ...\n\n")
    data1 = change_security_value(email, zone_id, token, "medium")
    if not data1:
        print(f"ERROR! {domain}\n")
        break
    data = data1.json()
    if data["success"] == 0:
        print(f"FAILURE! {domain}\n")
        break
    time.sleep(1)
 
import requests
import time

email = "EMAIL"
token = "TOKEN"
zones = {
    "helloacm.com": "zone id",
    # other domains 
}

def change_security_value(email, zone, token, level="medium"):
    url = f"https://api.cloudflare.com/client/v4/zones/{zone}/settings/security_level"
    headers = {
        'X-Auth-Email': email,
        'Authorization': f'Bearer {token}',
        'Content-Type': 'application/json'
    }
    data = {
        'value': level
    }
    response = requests.patch(url, headers=headers, json=data)
    print(f"curl command for {zone}:\n{response.request.body}\n\n")
    return response.text

for domain, zone_id in zones.items():
    print(f"Updating {domain} ...\n\n")
    data1 = change_security_value(email, zone_id, token, "medium")
    if not data1:
        print(f"ERROR! {domain}\n")
        break
    data = data1.json()
    if data["success"] == 0:
        print(f"FAILURE! {domain}\n")
        break
    time.sleep(1)

And here is the BASH version:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38

#!/bin/bash
 
email="EMAIL"
token="TOKEN"
declare -A zones=(["helloacm.com"]="zone id")
 
change_security_value() {
    local email=$1
    local zone=$2
    local token=$3
    local level=${4:-"medium"}
    local cmd="curl -s --request PATCH \
    --url https://api.cloudflare.com/client/v4/zones/$zone/settings/security_level \
    --header 'X-Auth-Email: $email' \
    --header 'Authorization: Bearer $token' \
    --header 'Content-Type: application/json' \
    --data '{
    \"value\": \"$level\"
    }'"
    echo -e "$cmd\n\n"
    local data=$(eval $cmd)
    echo $data
}
 
for domain in "${!zones[@]}"; do
    echo "Updating $domain ...\n\n "
    data1=$(change_security_value $email ${zones[$domain]} $token "medium")
    if [[ -z "$data1" ]]; then
        echo "ERROR! $domain\n"
        break
    fi
    success=$(echo $data1 | jq '.success')
    if [[ $success == 0 ]]; then
        echo "FAILURE! $domain\n"
        break
    fi
    sleep 1
done
 
#!/bin/bash

email="EMAIL"
token="TOKEN"
declare -A zones=(["helloacm.com"]="zone id")

change_security_value() {
    local email=$1
    local zone=$2
    local token=$3
    local level=${4:-"medium"}
    local cmd="curl -s --request PATCH \
    --url https://api.cloudflare.com/client/v4/zones/$zone/settings/security_level \
    --header 'X-Auth-Email: $email' \
    --header 'Authorization: Bearer $token' \
    --header 'Content-Type: application/json' \
    --data '{
    \"value\": \"$level\"
    }'"
    echo -e "$cmd\n\n"
    local data=$(eval $cmd)
    echo $data
}

for domain in "${!zones[@]}"; do
    echo "Updating $domain ...\n\n "
    data1=$(change_security_value $email ${zones[$domain]} $token "medium")
    if [[ -z "$data1" ]]; then
        echo "ERROR! $domain\n"
        break
    fi
    success=$(echo $data1 | jq '.success')
    if [[ $success == 0 ]]; then
        echo "FAILURE! $domain\n"
        break
    fi
    sleep 1
done

In the Bash version, jq is used to parse JSON, ensure it’s installed on your system or replace it with an alternative method to parse JSON. Both scripts perform similar operations as the original PHP script, adjusting syntax and methods to fit Python and Bash environments.

You might ask ChatGPT to convert to other programming languages.

CloudFlare Technology

–EOF (The Ultimate Computing & Technology Blog) —

GD Star Rating
loading…

754 words

Last Post: Teaching Kids Programming – Another Birthday Candles Problem (Binary Search and Brute Force / Linear Search)





Source link

You may also like

About The Author

AIGumbo.crew

Leave a Reply

Your email address will not be published. Required fields are marked *