Create a file name update-ufw-rules.sh with the following content:
#!/bin/bash
ufw_status_before=$(ufw status)
/usr/bin/curl -s https://www.cloudflare.com/ips-v4 > /tmp/cloudflare-ips
yes | /usr/sbin/ufw reset
yes | /usr/sbin/ufw enable
/usr/sbin/ufw allow ssh comment "Allow SSH"
/usr/sbin/ufw reload
while read -r ip; do
/usr/sbin/ufw allow from "$ip" to any port 80 proto tcp comment 'Cloudflare'
/usr/sbin/ufw allow from "$ip" to any port 443 proto tcp comment 'Cloudflare'
done < /tmp/cloudflare-ips /usr/sbin/ufw reload rm /tmp/cloudflare-ips ufw_status=$(/usr/sbin/ufw status) timestamp=$(date +"%Y-%m-%d %H:%M:%S") file_date=$(date +"%Y-%m-%d") log_file="/home/YOUR_USERNAME/ufw_log/$file_date.log" log_message="Cloudflare IP update done successfully on date $timestamp" echo "$timestamp Before: $ufw_status_before" >> "$log_file"
echo "------------------------------------------------------" >> "$log_file"
echo "$timestamp Now: $ufw_status" >> "$log_file"
echo "------------------------------------------------------" >> "$log_file"
echo "$timestamp $log_message" >> "$log_file"From the terminal execute the following statement:
sudo crontab -eAdd the following row in the crontab configuration:
0 0 * * * /home/YOUR_USERNAME/update-ufw-rules.sh > /home/YOUR_USERNAME/crontab.log 2>&1