This is a Bash function that uses the curl command to bypass Cloudflare protection for a given domain and IP address. It takes two arguments: the domain name and the IP address to resolve to.

The function first checks that both arguments are provided, and then saves them as variables. It then uses the curl command with the following options:

-L: Follow any redirects that the server sends back.

-k: Allow connections to SSL sites without verifying the certificate. This is necessary because Cloudflare often uses SSL certificates that are self-signed and not trusted by default.

--resolve "$domain":443:"$ip": This option tells curl to use the provided IP address instead of performing a DNS lookup. The port 443 is used because this is the default port for HTTPS connections.

--head: Only retrieve the HTTP headers, not the full content of the page.

By using –resolve, the function bypasses Cloudflare’s DNS-based protections by connecting directly to the server’s IP address. However, it does not bypass other protections that Cloudflare may have in place, such as rate limiting or CAPTCHA challenges.


[root@cloudvpsserver ~]# nk_curl_bypass_cloudflare nkern.net
HTTP/2 200
link: <https://nkern.net/wp-json/>; rel="https://api.w.org/"
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
date: Thu, 06 Apr 2023 00:54:11 GMT
server: Apache


nk_curl_bypass_cloudflare () {
# nk_curl_bypass_cloudflare expects a domain and ip.
# If neither are provided exit.
if [ "$1" = "" ] || [ "$2" = "" ]; then
    echo "You must provide a domain name and an ip address to resolve to"
    return 0

# $domain equals the first value provided.
# $ip is the second one.

# Now run a curl and substitute in the values.
# curl has a --resolve flag that lets you choose what IP to attempt to connect to
# need the -k flag to ignore any SSL errors.
curl -Lk https://"$domain" --resolve "$domain":443:"$ip" --head

Author: Nichole Kernreicht

Created: 2023-04-09 Sun 21:36