Automatically Whitelist ManageWP IPs on Cloudflare bash Script

ManageWP is a powerful tool for managing multiple WordPress sites. It allows you to install plugins, update them, back up, monitor uptime and more without having to go into each individual WordPress site. Some hosting providers may throttle requests from ManageWP and if you are using Cloudflare and experience any blockages (for the most part I do not) you will need to whitelist the ManageWP IP addresses.

The present ManageWP IP list can be found here. Currently there areĀ over 40 IPs which I really do not want to enter manually into Cloudflare. This script is written in bash and requires cURL and your Cloudflare API Key and email address.

Automatically Whitelist all ManageWP IPs on Cloudflare bash Script

Make sure cURL is installed, on Debian and Ubuntu you can use this command

sudo apt install curl

On CentOS

yum install curl

Create the script

sudo nano managewp-cloudflare.sh

Paste this script

#!/bin/bash
# Author: Mike
# Source: WP Bullet Guides https://guides.wp-bullet.com

# cloudflare email
CFEMAIL=""
# cloudflare API key
CFAPIKEY=""

cd /tmp
# grab current ManageWP IP list
wget https://managewp.com/wp-content/uploads/2016/11/managewp-ips.txt -qO /tmp/MANAGEWPTXT

# Turn text file into array
MANAGEWPIPS=$(</tmp/MANAGEWPTXT)

# Loop through array and add IPs to Cloudflare whitelist
for MANAGEWPIP in ${MANAGEWPIPS[@]}; do
# trim the \r or it breaks the JSON format
MANAGEWPIP=$(echo $MANAGEWPIP| sed "s#\r##g")
echo $MANAGEWPIP
curl -s -X POST "https://api.cloudflare.com/client/v4/user/firewall/access_rules/rules" \
    -H "X-Auth-Email: $CFEMAIL" \
    -H "X-Auth-Key: $CFAPIKEY" \
    -H "Content-Type: application/json" \
     --data '{"mode":"whitelist","configuration":{"target":"ip","value":"'"${MANAGEWPIP}"'"},"notes":"ManageWP"}'
done

# delete the temporary ManageWP IPs file
rm -rf /tmp/MANAGEWPTXT

Done!

Sources

Turn File into Bash Array
Using Variables with cURL in Bash