@shubhamoy
Forked from ninjatrench/cloudflare_only.sh
Created March 19, 2018 12:34
Script (for Linux servers) to prevent leaking the real IP address of a host protected behind Cloudflare
#!/bin/bash
# Allow inbound HTTP/HTTPS only from Cloudflare's published edge ranges, so the
# origin cannot be reached (and its real IP confirmed) by a direct connection.
set -euo pipefail

if [[ $EUID -ne 0 ]]; then
  echo "[-] This script must be run as root [-]"
  exit 1
fi

echo "[+] Reset initiated [+]"
ufw disable
echo "[?] Current status [?]"
ufw status verbose

echo "[+] Downloading rules [+]"
# Fetch into temp files and refuse to continue if either list is empty: with an
# empty list the loop below adds no allow rules and 80/443 are closed to everyone.
wget -q https://www.cloudflare.com/ips-v4 -O ips-v4.tmp
wget -q https://www.cloudflare.com/ips-v6 -O ips-v6.tmp
for f in ips-v4.tmp ips-v6.tmp; do
  if [[ ! -s $f ]]; then
    echo "[-] $f is empty, aborting before touching the firewall [-]"
    rm -f ips-v4.tmp ips-v6.tmp
    exit 1
  fi
done
mv ips-v4.tmp ips-v4
mv ips-v6.tmp ips-v6

echo "[+] Updating rules [+]"
# --force skips the interactive "Proceed with operation?" prompt so the script
# also runs unattended (for example from cron, when the ranges change).
ufw --force reset
ufw default deny incoming
ufw default allow outgoing
# ufw reset drops every existing rule, SSH included: keep one of these (or an
# equivalent) enabled when the host is administered remotely.
#ufw allow ssh
#ufw limit 22/tcp
#ufw allow in on eth1 to any port 80
# Only Cloudflare's edge may reach the web ports; the default denies the rest.
cat ips-v4 ips-v6 | while read -r cfip || [[ -n $cfip ]]; do
  [[ -z $cfip ]] && continue
  ufw allow from "$cfip" to any port 80 proto tcp
  ufw allow from "$cfip" to any port 443 proto tcp   # SSL
done
#ufw allow www
#ufw allow in on eth1 to any port 6379 # Redis
#ufw allow in on eth1 to any port 27017 #MongoDB
ufw --force enable
echo "[?] Current status [?]"
ufw status verbose
echo "[-] Removing temp files [-]"
rm ips-v4 ips-v6
echo "[+] Done [+]"
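Cloudflare's ranges change over time, so an allowlist built once drifts: a range that is no longer published stays open, and a new one is blocked. The audit script below is an added example, not part of the gist; it compares the sources ufw currently allows on 80/443 with a published list. The `ufw status` dump and the range list are constructed from documentation prefixes, not real Cloudflare ranges.

```shell
#!/bin/bash
# Added audit helper, not part of the gist: compare the source CIDRs ufw
# currently allows on 80/443 with a published Cloudflare range list, so a
# stale allowlist is caught before it blocks live edge traffic or leaves a
# retired range open.

# Source CIDRs that `ufw status` output allows to port 80 or 443, in both the
# plain ("80/tcp  ALLOW  x/24") and verbose ("80/tcp  ALLOW IN  x/24") layouts.
# A bare "Anywhere" source is reported too: it means the port is open to all.
allowed_sources() {
  awk '$1 ~ /^(80|443)\/tcp$/ && $2 == "ALLOW" { src = ($3 == "IN") ? $4 : $3; print src }' "$1" | sort -u
}

# Published list, with blank and comment lines dropped, sorted for comm(1).
published_sources() {
  grep -Ev '^[[:space:]]*(#|$)' "$1" | sort -u
}

# Print "missing <cidr>" for published ranges ufw does not allow yet and
# "stale <cidr>" for allowed sources that are no longer published.
audit_ranges() {
  tmp=$(mktemp -d)
  allowed_sources "$1" > "$tmp/have"
  published_sources "$2" > "$tmp/want"
  comm -13 "$tmp/have" "$tmp/want" | sed 's/^/missing /'
  comm -23 "$tmp/have" "$tmp/want" | sed 's/^/stale /'
  rm -rf "$tmp"
}

# Constructed sample data using documentation prefixes (not real Cloudflare
# ranges): a saved `ufw status` dump and a list where one range has rotated.
SAMPLE_DIR=$(mktemp -d)
cat > "$SAMPLE_DIR/status.txt" <<'EOF'
Status: active

To                         Action      From
--                         ------      ----
80/tcp                     ALLOW       198.51.100.0/24
443/tcp                    ALLOW       198.51.100.0/24
80/tcp                     ALLOW       203.0.113.0/24
443/tcp                    ALLOW       203.0.113.0/24
22/tcp                     ALLOW       Anywhere
EOF
printf '198.51.100.0/24\n192.0.2.0/24\n' > "$SAMPLE_DIR/ips-v4"

audit_ranges "$SAMPLE_DIR/status.txt" "$SAMPLE_DIR/ips-v4"
# prints: missing 192.0.2.0/24
#         stale 203.0.113.0/24
```

On a live host, feed it `ufw status > status.txt` and a freshly downloaded `ips-v4` or `ips-v6`; an empty result means the allowlist matches the published ranges.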