cloudflare api auto-cert renewal

Posted on April 7, 2025April 10, 2025 by interdome

Go to Cloudflare API Tokens:

Use the “Create Custom Token” option.
Choose template: Edit zone DNS

Permissions:

Bash

Zone: DNS → Edit
Zone: Zone → Read
Zone Resources: Include only the domain(s) you need

Save the token somewhere secure.

Create a file with restricted permissions:

Bash

sudo mkdir -p /etc/letsencrypt
sudo nano /etc/letsencrypt/cloudflare.ini

Add the following to the file:

Bash

dns_cloudflare_api_token = YOUR_API_TOKEN

Secure the file

Bash

sudo chmod 600 /etc/letsencrypt/cloudflare.ini

Lets install certbot with the cloudflare options

Bash

sudo apt install python3-certbot-dns-cloudflare

Alrights lets goooo

Bash

sudo certbot certonly \
  --dns-cloudflare \
  --dns-cloudflare-credentials /etc/letsencrypt/cloudflare.ini \
  -d yourdomain.com -d *.yourdomain.com

Leave a Reply Cancel reply

CVE-2025-24054 Under Active Attack—Steals NTLM Credentials on File Download
April 18, 2025
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added a medium-severity security flaw impacting Microsoft Windows to its Known Exploited Vulnerabilities (KEV) catalog, following reports of active exploitation in the wild. The vulnerability, assigned the CVE identifier CVE-2025-24054 (CVSS score: 6.5), is a Windows New Technology LAN Manager (NTLM) hash disclosure
Mustang Panda Targets Myanmar With StarProxy, EDR Bypass, and TONESHELL Updates
April 17, 2025
The China-linked threat actor known as Mustang Panda has been attributed to a cyber attack targeting an unspecified organization in Myanmar with previously unreported tooling, highlighting continued effort by the threat actors to increase the sophistication and effectiveness of their malware. This includes updated versions of a known backdoor called TONESHELL, as well as a […]
State-Sponsored Hackers Weaponize ClickFix Tactic in Targeted Malware Campaigns
April 17, 2025
Multiple state-sponsored hacking groups from Iran, North Korea, and Russia have been found leveraging the increasingly popular ClickFix social engineering tactic to deploy malware over a three-month period from late 2024 through the beginning of 2025. The phishing campaigns adopting the strategy have been attributed to clusters tracked as TA427 (aka Kimsuky), TA450 (aka MuddyWater),
Artificial Intelligence – What's all the fuss?
April 17, 2025
Talking about AI: Definitions Artificial Intelligence (AI) — AI refers to the simulation of human intelligence in machines, enabling them to perform tasks that typically require human intelligence, such as decision-making and problem-solving. AI is the broadest concept in this field, encompassing various technologies and methodologies, including Machine Learning (ML) and Deep Learning. Machine
Critical Erlang/OTP SSH Vulnerability (CVSS 10.0) Allows Unauthenticated Code Execution
April 17, 2025
A critical security vulnerability has been disclosed in the Erlang/Open Telecom Platform (OTP) SSH implementation that could permit an attacker to execute arbitrary code sans any authentication under certain conditions. The vulnerability, tracked as CVE-2025-32433, has been given the maximum CVSS score of 10.0. "The vulnerability allows an attacker with network access to an Erlang/OTP […]

Leave a Reply Cancel reply

Related Posts

debian.12.sh

the ol tcpdump tool

blackhole.sh

irssi.sh