BoxExchanger
  • Вернутся на сайт
  • Getting Started / DONE
    • Security Setup / DONE
      • Admin Account Creation
      • Administrator Permissions Setup (Roles)
      • Enabling Two-Factor Authentication
      • Admin Panel Access Restrictions by IP
        • Setting Up Access Restrictions on CloudFlare
        • Setting Access Restrictions in the Admin Panel
      • Setting Up Access Restriction by Header Host
    • Design customisation / done
    • Technical works / DONE
    • Website notification / DONE
      • Creation
      • Editing
    • Selected rates / DONE
      • Creation
      • Editing
    • Connecting the Online Chat / DONE
      • Connecting LiveChat
      • Connecting JivoSite chat
      • Connecting HelpCrunch chat
    • Adding contacts / DONE
    • Email Configuration / DONE
      • Sending a copy of sent emails
      • Connecting Gmail
      • Connecting Zoho Mail
      • Connecting Dynadot Mail
    • Questions and answers / DONE
      • Create
    • Setting up the AntiBot system / DONE
      • Installing reCAPTCHA
    • Rules / DONE
      • Create
      • AML/KYC Policy
    • Partners / DONE
      • Partner creation
      • Editing
    • News / DONE
      • Creation
    • Reviews / DONE
      • Create
      • List of Reviews
    • Static Pages / DONE
      • Creation
    • User authorisation settings / DONE
    • Setting up identifiers / DONE
    • Customising the action history / DONE
  • Exchange / DONE
    • Currencies / DONE
      • List of currencies
      • Currency logo
      • Currency name
      • Currency type
      • Accuracy of the sum
      • XML currencies
        • Digital currency codes
        • City codes
      • Exchange rate to USD
      • Reserves
      • Setting up the currency field
      • Accepting payments
      • Payout Setup
      • AML Verification
      • Verification
    • Currency Sorting / DONE
    • Directions / DONE
      • Priority modules
      • Floating rate
      • Rate insurance
      • SEO-friendly URL
      • Documents
    • Setting up a directional group / DONE
    • Merchant and API / DONE
      • 001k bot / DONE
        • Merchant 001k bot
        • 001k bot Payouts
      • Whitebit exchange / DONE
        • Module interactions
        • Whitebit Merchant
        • Whitebit payouts
      • BetPay / DONE
        • BetPay Merchant
        • BetPay.money Payouts
      • Cryptomus / DONE
        • Cryptomus Merchant
        • Cryptomus Payouts
      • Paylink.finance / DONE
        • Paylink.finance Merchant
        • Paylink.finance Payouts
      • BSC BEP20 Merchant / DONE
      • ETH Merchant ERC20 / DONE
      • Merchant Monerod / DONE
      • Garantex Merchant / DONE
      • ChangeCoins Merchant / DONE
      • Merchant Obmenka UA / DONE
      • Merchant Billline / DONE
      • Bitconce Merchant / DONE
      • YooMoney Merchant / DONE
      • ePayCore Merchant / DONE
      • Payeer Merchant / DONE
      • Perfect Money Merchant / DONE
      • WestWallet.io Merchant / DONE
      • Configuring Inqud / DONE
      • Agents Telegram Payouts / DONE
      • Binance Payouts / DONE
      • Kuna.io Payouts / DONE
      • PSPline payouts / DONE
      • WestWallet.io Payouts / DONE
    • Rate parser / DONE
      • BestChange / DONE
      • Kurs.Expert / DONE
      • BetPay.Money / DONE
      • PancakeSwap / DONE
      • CurrencyLayer / DONE
      • XML file / DONE
      • Cryptomus / DONE
      • whitebit v2 / DONE
      • Paylink.finance / DONE
      • BestChange v2 / DONE
    • Verifications / DONE
    • Calculation of the exchange amount / DONE
  • Requests / DONE
    • List of exchanges
    • Requests
      • Request statuses
    • Automatic addition of reserve
  • Affiliate Program / DONE
    • Partnership areas / DONE
    • Partner exchanges / DONE
    • Referral settings / done
  • AML plugins / DONE
    • CrystalBlockchain
    • AMLBot.com
    • GetBlock.net
  • Additional systems / DONE
    • Internal wallet / DONE
    • KYC modules / DONE
      • KYC Kycaid module / DONE
      • KYC Module AMLBot / DONE
      • KYC SumSub Module / DONE
    • Whitebit modules / DONE
      • WhiteBit Exchanger auto update fee
      • WhiteBIT control available
    • Install plugin / DONE
    • Scam Database API
  • Authorisation systems / DONE
    • Apple Authorisation
    • Google Authorisation
  • For developers / DONE
    • Project setup / DONE
      • Server for the exchanger / DONE
        • Vultr / DONE
        • DigitalOcean / DONE
          • Deleting VDS on DigitalOcean / DONE
        • Hetzner Cloud / DONE
          • VDS size changes on Hetzner / DONE
          • Deleting VDS on Hetzner / DONE
      • CloudFlare settings / DONE
      • Nginx Installation / DONE
      • Software Installation / DONE
        • Installing NodeJs / DONE
        • MongoDB Installation / DONE
        • Installing exchanger-api / DONE
        • Installation of exchanger-web / DONE
        • Setting up the build on CloudFlare Workers / DONE
    • Setting up Telegram Bot / DONE
    • Access to source code / DONE
    • Client-web development / DONE
      • Local launch / DONE
      • Applying the changes / DONE
    • Email templates / DONE
      • Template localisation / DONE
    • Uploading a static file / DONE
    • Project structure / DONE
    • API documentation settings / DONE
    • Node Setup / DONE
      • Bitcoin Node / DONE
      • Monero Node / DONE
      • Ethereum Node / DONE
      • Tron Node / DONE
    • Development of modules / DONE
      • System Merchant / DONE
      • Payout module / DONE
      • Course Parser / DONE
    • Sending logs to developers / DONE
    • API payment processing / DONE
    • Setting up VPN (OpenVPN) / DONE
    • Setting up a backup on B2 / DONE
    • Firewall configuration / DONE
      • Configuring port 22 access (ssh)
      • Configuring access ports 80,443 (http/s)
      • IP whitelisted by CloudFlare
    • Webhook notification URL / DONE
      • New Exchange
      • New Verification (Manual)
      • Application Status Update
      • User Registration
  • Журнал изменений
Powered by GitBook
On this page
  1. For developers / DONE
  2. Firewall configuration / DONE

Configuring access ports 80,443 (http/s)

NOTE: Please make sure that you have added SSH rules earlier

Allow access to HTTP(s) for CloudFlare networks only

Apply automatically:

  1. Execute the command:

    wget -q -O - https://gitlab.com/BoxExchanger-public/ufw-cloudflare/-/raw/main/cf_install.sh | sudo sh

  2. Enable UFW.

    ufw enable

Manual set up:

  1. Create a folder to store the script:

    mkdir -p ~/.scripts/cf_ips

  2. Create a script with the following contents:

    nano ~/.scripts/cf_ips/cf_ips.sh
    cf_ips.sh
    #!/bin/sh
PATH=$PATH:/sbin
wget https://www.cloudflare.com/ips-v4 -qO /tmp/cf_ips
echo "" >> /tmp/cf_ips
wget https://www.cloudflare.com/ips-v6 -qO ->> /tmp/cf_ips
for cfip in `cat /tmp/cf_ips`; do ufw allow proto tcp from $cfip to any port 80,443 comment "Cloudflare IP"; done
rm /tmp/cf_ips

  3. Clean the temporary service file

    rm /tmp/cf_ips

  4. Set the cron (timer) to update addresses once a day

    echo "0 0 * * * ~/.scripts/cf_ips/cf_ips.sh" | crontab -

  5. Enable UFW.

    ufw enable
Allow access to HTTP(s) for all networks

WARNING: this instruction is for those who do not use Cloudflare if you are using CloudFlare for your site use the instruction above

  1. Allow access 80 and 443

    ufw allow 80
    ufw allow 443

  2. Enable UFW.

    ufw enable
PreviousConfiguring port 22 access (ssh)NextIP whitelisted by CloudFlare

Last updated 3 months ago