[Reprint] Automatically obtain cloudflare's IP to solve the fake wall

Some time ago, many people encountered the problem of "fake walls". What is this thing? By exploiting the vulnerability of GFW, he simulated accessing some URL addresses containing illegal keywords. Then GFW will temporarily block access to the target IP.

This visit has nothing to do with the content of your website. He only needs to add keywords to the access URL.

For example: https://www.baidu.com/s?wd=banned words

This article is reproduced from the boss: @fragile snail

The original text is as follows:

A few days ago, the website was blackmailed by a fake wall. A plane number named "President" asked to cooperate with him in advertising, but he did not compromise with him. Then the site was contaminated by him. He purchased 18 IPs from the server provider, but they were blocked. It was too fast, and it was all blocked in a while. It seemed that changing the IP was effective. I thought of using Cloudflare's multiple IPs to deal with the fake wall. In the end, I persisted for about 2 weeks, and the attack stopped. My site has also survived successfully. Fortunately, I am now announcing the method so that those hateful garbage have no chance;
1. Use cloudflare’s cname resolution (cdn.wzfou.com);
2. Purchase the dnspod personal professional version, because the free version has a ttl of 600 seconds, and the professional version can have a minimum ttl of 120 seconds. If you change the IP frequently, the ttl should be lower. Key points: you must add the three telecommunications, mobile, and China Unicoms. a record of a line;
3. First execute ipSpider.py in the cloudflare folder to grab the ip, and then execute pingTest.py again to get the final file ip.txt (cloudflare’s mobile line chooses the Hong Kong direct line, so you have to find a way to get 2 copies of the ip. txt, or China Mobile directly uses China Telecom and China Unicom’s IP, but China Telecom and China Unicom cannot use China Mobile’s Hong Kong IP because it is bypassed).
4. In dnspod, first obtain and replace token=id, Token in dnshandle.py under the dnspod folder, and then write your own domain name;
5. If you know some scripts, you can just make some changes yourself. I have just learned Python not long ago. If there are any imperfections in the script, please give me some pointers. I will learn and improve them;
6. The Telecom.txt and Mobile.txt under the cloudflare directory are filtered by me. You can use them directly. Use pingTest.py to filter them, then get the first 1000 IPs and put them under the folder dnspod; < br> 7. After testing, access by telecom and mobile users is still very fast, no slower than my GIA now;
8. After installing python, you only need to install this library by pip install requests;
9. August 10th: Delete redundant code and add 10 payloads to each line in the dnshandle_fuzai.py script to more effectively prevent false walls. Note: Add 10 IPs to each line in the dnspod background in advance, otherwise the script will error.
10. On August 11, a new cloudflare configuration tutorial was added, and a new semi-automatic script was added to add dns resolution. After running the script, you can enter it in sequence. See the picture for details
11. On August 12, after testing, it was found that dnspod had a request frequency limit when the load was 10, delay and retry were added, and functions such as remembering the settings after the last end were added;

Features of cloudflare script:
1. ipSpider.py scans all open IP segments of cloudflare, obtains IPs with ping less than 200ms and 0 packet loss, and then writes the ping value from small to large to ip.txt;
2. pingTest.py filters the generated ip.txt and then generates ip.txt;
3. Filtered IP addresses blocked by cloudflare;
4. Supports loads, the free version of dnspod has a maximum of 2 loads, and the personal professional version has a maximum of 10 loads (It is recommended to enable loads);
5. You only need to fill in the dnspod token and then execute the script. You do not need to log in to the dnspod background to add them one by one. It is considered semi-automatic;

The blogger below will release and download the new and old scripts of the original author. It is recommended to use the latest ones.

0810C script.zip attachment download: OneDrive

0812 script.zip Attachment download: OneDrive

This method uses Cloudflare's large number of IP addresses to solve the problem of fake walls by constantly changing them. It has a certain impact on user access, but this is also the best solution at present.

0811cloudflare analysis

1. First change the dns of the domain name to dnspod to ensure that dnspod can resolve it normally;
2. Open cdn.Wzfou.com and enter your cloudflare account and password;

If you need @ records or other records, please add them one by one. After adding, cloudflare ends the configuration. If you want to set up page cache, you need to log in to the cloudflare backend for configuration;
3. Add @ and www, the screenshot is as follows:

Here we mainly use cname to record these two values, and then configure dnspod;

Cloudflare added several records, and dnspod also added several cname resolutions;
Then add a records for China Telecom, China Unicom, and China Mobile, and the configuration is now complete;

Recommended site searches: me domain name, online registration query, mainland China bgp cloud host, website registration time, this website server is in the United States, registered domain name, dynamic ip dialer, 100m virtual host, site group server, US vps server ,