Should I block China IP Addresses?

jmlopez

jmlopez

Member
Registered
Joined
Jul 11, 2016
Messages
24
Points
3
There are many guides to block alll Chinese ip addresses with iptables and I think I should do it for my hosting. I also see an option in my CDN control panel. I am targeting US audience and I think traffic from China is just bots and hackers. What is your advice? should I block all China IP addresses?
 
L

LJSHost

Well-known member
Hosting Provider
Registered
Joined
Jul 5, 2016
Messages
1,031
Points
63
It would be a good idea if you are not looking to target China or the surrounding region with your site. I agree a large percentage of brute force attacks and other undesirable activity does come from this region.
 
L

LJSHost

Well-known member
Hosting Provider
Registered
Joined
Jul 5, 2016
Messages
1,031
Points
63
Hi Chris,

Yes, you should be able to create custom rules.

Login to your cloud flare dashboard > Threat Control > In the custom rule box select a country or IP range. > click block.
 
tlhIngan

tlhIngan

Member
Registered
Joined
Jul 12, 2016
Messages
49
Points
8
LJSHost said:
Hi Chris,

Yes, you should be able to create custom rules.

Login to your cloud flare dashboard > Threat Control > In the custom rule box select a country or IP range. > click block.
Click to expand...
I don't see thread control section on my account.

Chris Worner said:
I use Cloudflare for my blogs. How can I block China with Cloudflare?
Click to expand...
click on Firewall on menu

cloudflare-firewall.png

On the Access Rules, type China and it will suggest you a name, you should click that.

cloudflare-access-rules.jpg

There are some options you can choose if wanted.

cloudflare-block-countries.png

Click Add to save and finish.

Good luck to you ! :good:
 

Attachments

jmlopez

jmlopez

Member
Registered
Joined
Jul 11, 2016
Messages
24
Points
3
LJSHost said:
Hi Chris,

Yes, you should be able to create custom rules.

Login to your cloud flare dashboard > Threat Control > In the custom rule box select a country or IP range. > click block.
Click to expand...
I could not find where Thread Control is in Cloudflare.

@tlhIngan

It alerted me this when clicking on Add button.

Countries can only be challenged or whitelisted (Code: 1212)
Click to expand...
 
L

LJSHost

Well-known member
Hosting Provider
Registered
Joined
Jul 5, 2016
Messages
1,031
Points
63
It used to be threat control they must of updated the UI since I last looked at it. Anyway tlhIngan has provided a great guide.
 
jmlopez

jmlopez

Member
Registered
Joined
Jul 11, 2016
Messages
24
Points
3
jmlopez
I guess Thread Control is in Cloudflare Pro plan.
I can not do as tlhIngan guided. It didn't allow me to save with error mentioned in the post above.
 
JixHost

JixHost

Member
Registered
Joined
Dec 15, 2016
Messages
26
Points
0
We use cloudflare and it does block threats globally. China is not the only country that sends attacks.
 
HostXNow

HostXNow

Well-known member
Hosting Provider
Registered
Joined
Nov 26, 2014
Messages
374
Points
28
Cloudflare is a good solution.

Also, make sure you are using a good firewall plus mod_security rules etc.
 
jmlopez

jmlopez

Member
Registered
Joined
Jul 11, 2016
Messages
24
Points
3
JixHost said:
We use cloudflare and it does block threats globally. China is not the only country that sends attacks.
Click to expand...
How to block a country with Cloudflare free plan? I could not succeed in doing this.

HostXNow said:
Cloudflare is a good solution.

Also, make sure you are using a good firewall plus mod_security rules etc.
Click to expand...
Are you talking to a firewall or using iptables on hosting? I feel inconvenient to do that as doing on an user interface.
 
HostXNow

HostXNow

Well-known member
Hosting Provider
Registered
Joined
Nov 26, 2014
Messages
374
Points
28
jmlopez said:
How to block a country with Cloudflare free plan? I could not succeed in doing this.



Are you talking to a firewall or using iptables on hosting? I feel inconvenient to do that as doing on an user interface.
Click to expand...
If you are using ConfigServer Firewall then have a read of this https://www.liquidweb.com/kb/how-to-block-traffic-by-country-in-the-csf-firewall/

Take note of the important information

Step #2: Deny Access by Country Code

CSF does not recommend the use of country-level blocks on any VPS or small server unless the CIDR range for the chosen country is very small. The use of a large-range country block on a small server or VPS could slow the server to the point that it becomes inaccessible.

If you're using a VPS or have any question as to whether your server has the resources to effectively implement a country-level block, you may find it more practical to allow or deny traffic by country code to specific ports, which we cover in Parts Three and Four.
Click to expand...
 
You must log in or register to reply here.
Older Threads
Shahroze_Nawaz
Should I choose Cloud hosting if I have 500 - 1000 daily visitors?
2 3
Replies
45
Views
21,543
isix
miken
Why do I need to change the default SSH port on linux servers?
Replies
4
Views
2,797
energizedit
Localnode
HOT Premium Pure SSD Reseller Hosting From Localnode | Starts At $9.77 | With 30% Recurring Discount
Replies
0
Views
1,579
Localnode
Localnode
HOT SSD Web Hosting From Localnode | cPanel Softaculous CloudLinux, CloudFlare | 30% Lifetime Discount!
Replies
0
Views
1,358
Localnode
HostingORA
Domain price choise
Replies
11
Views
4,390
VictorVictories
Newer Threads
bknights
Will domain name and web hosting at same company reduce DNS propagation times?
Replies
6
Views
2,573
hynds
MotionGrafika
High VPS or Low Dedicated Server?
2
Replies
23
Views
7,750
CaygriWEB
MilesWeb
OFFER [MilesWeb] Unlimited cPanel Hosting | Free Domain | Free SSL | 20% OFF | Buy Now
Replies
0
Views
1,748
MilesWeb
Aaron Lavers
How to copy a file to multiple directories in Linux?
Replies
1
Views
1,846
LJSHost
energizedit
  • Poll
Do you really need a knowledgebase?
Replies
13
Views
5,125
archhosting
Latest Threads
J
Jtti April promotion, 40% off on Hong Kong cluster servers/US cluster servers, minimum monthly payment starts at $218.6
Replies
0
Views
137
jtti
DemoTiger
How plans of big giants affect web hosting providers like you.
Replies
1
Views
198
BlueLeaf
M
Mobile App
Replies
0
Views
260
masterkind
AlpineHost
Trouble with Stripe webhook endpoint
Replies
1
Views
368
AlbaHost
viseo
Anyone for free WordPress hosting?
Replies
2
Views
256
BlueLeaf
Recommended Threads
liveinhost
Which is best way or open source software for DNS Clustering ?
Replies
0
Views
1,804
liveinhost
Marc0
  • Locked
How to become a photoshop expert ?
Replies
15
Views
18,164
Joethomascole
Cookie123
500 Internal Server Error when enabling friendly urls
Replies
4
Views
1,447
RoseHosting
paivadaniel
Best internal link structures for SEO?
Replies
9
Views
4,357
amitncode
ron13315
Question About Paypal
Replies
15
Views
6,188
AmieBotella
Similar Threads
harrygreen90
What should I change on the DirectAdmin control panel to make my server more secure?
Replies
9
Views
754
Philippe Gaucher
Mihai B.
Should I edit MySQL configurations for high-traffic websites?
Replies
3
Views
770
HifiveHost
Cheerag Nundlall
Should I choose a domain extension other than .com?
Replies
15
Views
2,483
NetedgeTec
Chris Worner
Monthly maintenance checklist for WHM/cPanel: What should I be checking and updating?
Replies
8
Views
925
Harry P
Chris Worner
Should I change to a new server on Hetzner?
Replies
3
Views
1,087
MajorGap

Latest postsNew threads

Latest Hosting OffersNew Reviews

Popular Contributors - Past 30 Days

Sponsors

Tag Cloud

You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an alternative browser.
  • cpanel
  • dedicated
  • domain
  • free
  • hosting
  • hosting services
  • marketing
  • offers
  • seo
  • server
  • services
  • vps
  • web
  • web hosting
  • website
  • wordpress
    • Top