CloudFlare
This features provides interaction with the CloudFlare Firewall
As CloudFlare is a reverse proxy, any attacking IP addresses (so far as
iptables is concerned) come from the CloudFlare IP's. To counter this, an
Apache module (mod_cloudflare) is available that obtains the true attackers
IP from a custom HTTP header record (similar functionality is available
for other HTTP daemons
However, despite now knowing the true attacking IP address, iptables cannot
be used to block that IP as the traffic is still coming from the CloudFlare
servers
CloudFlare have provided a Firewall feature within the user account where
rules can be added to block, challenge or whitelist IP addresses
Using the CloudFlare API, this feature adds and removes attacking IPs from
that firewall and provides CLI (and via the UI) additional commands
See /etc/csf/readme.txt for more information about this feature and the
restrictions for its use BEFORE enabling this feature