plugin-icon

ES Football Bypass for Cloudflare

Oleh Carrero·
Automatically manages Cloudflare configuration during football matches to avoid mass IP blocks affecting legitimate websites in Spain.
bypass
cloudflare
dns
Penilaian
Tambahkan ulasan
Versi
1.9.1
Terakhir diperbarui
Apr 7, 2026
ES Football Bypass for Cloudflare

ES Football Bypass for Cloudflare is a WordPress plugin created by David Carrero Fernandez-Baillo to help Spanish website owners protect their legitimate sites from collateral damage caused by mass IP blocks ordered during football matches. The project is open source (GPLv2) and available on GitHub: https://github.com/dcarrero/cf-football-bypass

The plugin automatically monitors football events in Spain by querying hayahora.futbol and, based on the result, manages Cloudflare DNS records to toggle between Proxied and DNS Only modes. This prevents legitimate visitors from being affected by judicial blocks targeting pirate football streaming.

The Problem

In Spain, during football matches, mass IP blocks are enforced by judicial orders to combat pirate streaming. These blocks also affect legitimate websites that have nothing to do with football, causing traffic and revenue losses.

The Solution

When football is detected: – Automatically disables the Cloudflare proxy for selected DNS records – Your website switches to DNS Only mode, avoiding potentially blocked Cloudflare IPs – After the configured cooldown period, automatically re-enables the Cloudflare proxy

Key Features

Full Automation – Automatic monitoring every X minutes (configurable 5-60 min) – Automatic bypass activation/deactivation – Integrated WordPress cron system

Dual Cloudflare Authentication Support – Global API Key (traditional) – API Token with specific permissions (more secure)

Granular Control – Specific DNS record selection (A, AAAA, and CNAME) – Configurable bypass duration (60-600 minutes) – Customizable cooldown interval after disabling Cloudflare – Manual control for special cases

Informative Dashboard – Real-time football status – Last check performed – Bypass status (active/inactive)

Additional Tools – Cloudflare connection test button – Manual football status check – Manual activation/deactivation buttons – Detailed logging for debugging and auditing – Protected endpoint for external cron

External Services

This plugin connects to the following external services:

hayahora.futbol

The plugin periodically queries the endpoint https://hayahora.futbol/estado/data.json to check whether there are active IP blocks during football events in Spain. This query runs automatically based on the configured cron interval (default: every 15 minutes) and can also be triggered manually from the admin panel. – Data sent: An HTTP GET request with the site’s home URL in the User-Agent header. No personal or visitor data is transmitted. – URL: https://hayahora.futbol/ – About the service and privacy: https://hayahora.futbol/#sobre-los-bloqueos – Terms of use: The service is free, open source, and does not collect personal data from plugin users or their visitors.

Cloudflare API

The plugin uses the official Cloudflare API (https://api.cloudflare.com/client/v4/) to read DNS records and toggle the proxy status (Proxied/DNS Only) for selected records. It requires API credentials that you provide in the plugin settings. Credentials are stored in the WordPress database and sent via HTTPS headers to Cloudflare. – Data sent: API credentials (in headers), DNS record modifications (record ID, type, name, content, proxied status). – URL: https://api.cloudflare.com/ – Terms of Service: https://www.cloudflare.com/terms/ – Privacy Policy: https://www.cloudflare.com/privacypolicy/

Server IP Detection Services

The plugin detects your server’s outgoing IP address (displayed in the Settings page) by querying three public services. Only the server’s own IP is returned; no personal or visitor data is transmitted. Results are cached for 1 hour. – https://api.ipify.org/ – Provided by ipify. Privacy Policy: https://www.ipify.org/ – https://checkip.amazonaws.com/ – Provided by Amazon Web Services. Privacy Policy: https://aws.amazon.com/privacy/ – https://icanhazip.com/ – Provided by Cloudflare. Privacy Policy: https://www.cloudflare.com/privacypolicy/

Affiliate Links

The plugin’s operation page includes affiliate links clearly marked with “(aff)” to VPN services and security tools. These links are optional and do not affect the plugin’s functionality.

Cron and Automation

How does the cron system work?

The plugin uses WordPress internal cron (wp_cron) which runs when there are visits to the website. This is usually sufficient for most sites.

What if my site has low traffic and cron doesn’t run regularly?

Go to Settings > ES Football Bypass for Cloudflare and copy the token from the “External cron” section. With that token you can set up a real server cron:

*/15 * * * * curl -s “https://yourdomain.com/wp-cron.php?cfbcolorvivo_cron=1&token=YOUR_TOKEN_HERE” > /dev/null 2>&1

You can regenerate the token by clearing the field and saving settings (a new one is generated). This endpoint only runs the plugin check, without depending on visits.

What is the “Cooldown after disabling Cloudflare”?

This is the waiting time (default 60 minutes) that the plugin respects before checking if Cloudflare can be re-enabled after detecting a block. During this period, the proxy remains in “DNS Only” mode even if the JSON stops marking the domain, avoiding rapid activation/deactivation cycles.

How do I verify that cron is working correctly?

In the Operation tab, click “WP-Cron Diagnostics” to see the next execution and the result of the last check. You can also review the integrated logs.

Logs and Auditing

Where can I see the action history?

In the ES Football Bypass for Cloudflare > Logs menu. It shows the latest automatic executions (internal or external cron) and manual actions with date, detail, and user.

Can I disable logging?

Yes. In Settings > ES Football Bypass for Cloudflare you can disable logging or adjust retention days (minimum 1). Logs are stored in the uploads directory under es-football-bypass-for-cloudflare/logs/ protected with .htaccess.

How do I verify that cron is working correctly?

You can check if it’s scheduled in Tools > Site Health > Info > Scheduled Events, looking for the ‘cfbcolorvivo_check_football_status’ event. You can also review WordPress error logs where the plugin records all its actions.

Server Requirements

  • WordPress 5.0 or higher
  • PHP 7.4 or higher
  • PHP Extensions: curl, json
  • Permissions: Ability to make outbound HTTP requests
  • Cron: Functional WordPress cron system

Support

  • Author: David Carrero Fernandez-Baillo
  • Website: https://carrero.es
  • Contact: https://carrero.es/contacto/

If you need help, send a direct message on X or use the contact form. Issues and improvements are also welcome in the repository: https://github.com/dcarrero/cf-football-bypass

This plugin was born from the real need to protect legitimate websites from the mass blocks affecting the Spanish digital industry during sporting events.

Specific Use Cases

High Traffic Sites – Allows selecting only critical records (www, root domain) – Keeps other services (mail, ftp, etc.) always proxied – Minimizes impact on CDN and cache

Sites with Multiple Subdomains – Granular control per subdomain – Different strategies for different services – Total configuration flexibility

Emergencies and Manual Override – Manual control buttons for special situations – Does not depend solely on automatic detection – Allows quick reaction to failures

License

GPLv2 or later. You are free to use, modify, and distribute this plugin under the terms of the GPL.

Gratisdi paket berbayar
Mulai
Dengan menginstal, Anda menyetujui Ketentuan Layanan WordPress.com dan Persyaratan plugin Pihak Ketiga.
Diuji hingga
WordPress 6.9.4
Plugin ini tersedia untuk diunduh untuk diinstal di situs .
Unduh