Skip to main content
All CollectionsTemplatesBasic
IP Penalty Box with Timeout via Slack (Cloudflare) - Workflow Template
IP Penalty Box with Timeout via Slack (Cloudflare) - Workflow Template

Adds specific IPv4 or IPv6 address to a penalty box in Cloudflare by creating and removing IP Access Rules driven by Slack.

Updated over a week ago

The "IP Penalty Box with Timeout via Slack (Cloudflare)" workflow template is designed to enhance network security measures by allowing teams to quickly respond to threats. When a security alert indicates a problematic IP, a user can execute a Slack command to temporarily block an IPv4 or IPv6 address directly in Cloudflare. The automated process verifies the address type, adds it to Cloudflare's IP Access Rules to enforce the block, and then automatically lifts the block after a predefined delay—streamlining the response to web security alerts without ongoing manual oversight.

Trigger

Slack

Optional Triggers

Webhook,"Microsoft Teams",Webex

Use Cases

Remediate Network Security Alerts , Remediate Web Security Alerts

Workflow Breakdown

  1. Send the command Cloudflare_Penalty via slack with the IPv4 or IPv6 address to block

  2. Verify which type of address to handle

  3. Add the address to the IP Access Rules in Cloudflare

  4. If no address is provided, provide a message back to the user

  5. If the block was successful, wait for the delay and remove the block when it expires

Vendors

Slack, Utils, Cloudflare

Tips

Set the command for Slack in the \"Will trigger when\" section of the trigger.","Adjust the desired delay in the Set Workflow Variables step

Did this answer your question?