Should I block China IP Addresses?

jmlopez

jmlopez

Member
Registered
Joined
Jul 11, 2016
Messages
24
Points
3
There are many guides to block alll Chinese ip addresses with iptables and I think I should do it for my hosting. I also see an option in my CDN control panel. I am targeting US audience and I think traffic from China is just bots and hackers. What is your advice? should I block all China IP addresses?
 
L

LJSHost

Well-known member
Hosting Provider
Registered
Joined
Jul 5, 2016
Messages
1,031
Points
63
It would be a good idea if you are not looking to target China or the surrounding region with your site. I agree a large percentage of brute force attacks and other undesirable activity does come from this region.
 
L

LJSHost

Well-known member
Hosting Provider
Registered
Joined
Jul 5, 2016
Messages
1,031
Points
63
Hi Chris,

Yes, you should be able to create custom rules.

Login to your cloud flare dashboard > Threat Control > In the custom rule box select a country or IP range. > click block.
 
tlhIngan

tlhIngan

Member
Registered
Joined
Jul 12, 2016
Messages
49
Points
8
LJSHost said:
Hi Chris,

Yes, you should be able to create custom rules.

Login to your cloud flare dashboard > Threat Control > In the custom rule box select a country or IP range. > click block.
Click to expand...
I don't see thread control section on my account.

Chris Worner said:
I use Cloudflare for my blogs. How can I block China with Cloudflare?
Click to expand...
click on Firewall on menu

cloudflare-firewall.png

On the Access Rules, type China and it will suggest you a name, you should click that.

cloudflare-access-rules.jpg

There are some options you can choose if wanted.

cloudflare-block-countries.png

Click Add to save and finish.

Good luck to you ! :good:
 

Attachments

jmlopez

jmlopez

Member
Registered
Joined
Jul 11, 2016
Messages
24
Points
3
LJSHost said:
Hi Chris,

Yes, you should be able to create custom rules.

Login to your cloud flare dashboard > Threat Control > In the custom rule box select a country or IP range. > click block.
Click to expand...
I could not find where Thread Control is in Cloudflare.

@tlhIngan

It alerted me this when clicking on Add button.

Countries can only be challenged or whitelisted (Code: 1212)
Click to expand...
 
L

LJSHost

Well-known member
Hosting Provider
Registered
Joined
Jul 5, 2016
Messages
1,031
Points
63
It used to be threat control they must of updated the UI since I last looked at it. Anyway tlhIngan has provided a great guide.
 
jmlopez

jmlopez

Member
Registered
Joined
Jul 11, 2016
Messages
24
Points
3
jmlopez
I guess Thread Control is in Cloudflare Pro plan.
I can not do as tlhIngan guided. It didn't allow me to save with error mentioned in the post above.
 
JixHost

JixHost

Member
Registered
Joined
Dec 15, 2016
Messages
26
Points
0
We use cloudflare and it does block threats globally. China is not the only country that sends attacks.
 
HostXNow

HostXNow

Well-known member
Hosting Provider
Registered
Joined
Nov 26, 2014
Messages
374
Points
28
Cloudflare is a good solution.

Also, make sure you are using a good firewall plus mod_security rules etc.
 
jmlopez

jmlopez

Member
Registered
Joined
Jul 11, 2016
Messages
24
Points
3
JixHost said:
We use cloudflare and it does block threats globally. China is not the only country that sends attacks.
Click to expand...
How to block a country with Cloudflare free plan? I could not succeed in doing this.

HostXNow said:
Cloudflare is a good solution.

Also, make sure you are using a good firewall plus mod_security rules etc.
Click to expand...
Are you talking to a firewall or using iptables on hosting? I feel inconvenient to do that as doing on an user interface.
 
HostXNow

HostXNow

Well-known member
Hosting Provider
Registered
Joined
Nov 26, 2014
Messages
374
Points
28
jmlopez said:
How to block a country with Cloudflare free plan? I could not succeed in doing this.



Are you talking to a firewall or using iptables on hosting? I feel inconvenient to do that as doing on an user interface.
Click to expand...
If you are using ConfigServer Firewall then have a read of this https://www.liquidweb.com/kb/how-to-block-traffic-by-country-in-the-csf-firewall/

Take note of the important information

Step #2: Deny Access by Country Code

CSF does not recommend the use of country-level blocks on any VPS or small server unless the CIDR range for the chosen country is very small. The use of a large-range country block on a small server or VPS could slow the server to the point that it becomes inaccessible.

If you're using a VPS or have any question as to whether your server has the resources to effectively implement a country-level block, you may find it more practical to allow or deny traffic by country code to specific ports, which we cover in Parts Three and Four.
Click to expand...
 
You must log in or register to reply here.
Older Threads
Shahroze_Nawaz
Should I choose Cloud hosting if I have 500 - 1000 daily visitors?
2 3
Replies
45
Views
24,175
isix
miken
Why do I need to change the default SSH port on linux servers?
Replies
4
Views
3,139
energizedit
Localnode
HOT Premium Pure SSD Reseller Hosting From Localnode | Starts At $9.77 | With 30% Recurring Discount
Replies
0
Views
1,746
Localnode
Localnode
HOT SSD Web Hosting From Localnode | cPanel Softaculous CloudLinux, CloudFlare | 30% Lifetime Discount!
Replies
0
Views
1,521
Localnode
HostingORA
Domain price choise
Replies
11
Views
4,881
VictorVictories
Newer Threads
bknights
Will domain name and web hosting at same company reduce DNS propagation times?
Replies
6
Views
2,880
hynds
MotionGrafika
High VPS or Low Dedicated Server?
2
Replies
23
Views
8,769
CaygriWEB
MilesWeb
OFFER [MilesWeb] Unlimited cPanel Hosting | Free Domain | Free SSL | 20% OFF | Buy Now
Replies
0
Views
1,953
MilesWeb
Aaron Lavers
How to copy a file to multiple directories in Linux?
Replies
1
Views
1,994
LJSHost
energizedit
  • Poll
Do you really need a knowledgebase?
Replies
13
Views
5,679
archhosting
Latest Threads
josephilip
Welcome to ServerMO: Excellence in Dedicated Server Hosting
Replies
0
Views
1
josephilip
cancan
Save an incredible 90% off! The Best HostPapa Deal so Far: Unlimited SSL, 50 GB NVMe, 24/7 support
Replies
0
Views
27
cancan
M
How to Choose the Best Web Hosting Provider for a New Website ??
Replies
0
Views
28
marcellosallas
J
Jtti: What are some common misconceptions about firewall rules?
Replies
0
Views
125
jtti
Mvv758
Hello
Replies
1
Views
79
AlbaHost
Recommended Threads
Fusion Arc Hosting
How to Install a Plugin in WordPress
Replies
5
Views
1,885
Dopani
HomeBiz
Do premium domain names have more opportunities for business?
Replies
2
Views
3,663
Inquestor
Dopani
Differences between MaxCDN, Incapsula, CDN.net, Rackspace, Cloudflare, Google Page Speed?
Replies
3
Views
3,233
TSmith
Marc0
How Easy Is Internet Marketing?
Replies
7
Views
3,764
LaniXO
johnworld093
Newbie
Replies
6
Views
1,856
DaRecordon
Similar Threads
harrygreen90
What should I change on the DirectAdmin control panel to make my server more secure?
Replies
10
Views
2,251
David Beroff
Mihai B.
Should I edit MySQL configurations for high-traffic websites?
Replies
3
Views
1,612
HifiveHost
Cheerag Nundlall
Should I choose a domain extension other than .com?
Replies
17
Views
5,857
portuguesedude
Chris Worner
Monthly maintenance checklist for WHM/cPanel: What should I be checking and updating?
Replies
8
Views
2,112
Harry P
Chris Worner
Should I change to a new server on Hetzner?
Replies
3
Views
1,602
MajorGap

Latest postsNew threads

Latest Hosting OffersNew Reviews

Popular Contributors - Past 30 Days

Sponsors

Tag Cloud

You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an alternative browser.
  • cpanel
  • dedicated
  • free
  • hello
  • hosting
  • hosting services
  • marketing
  • offers
  • seo
  • server
  • services
  • vps
  • web
  • web hosting
  • website
  • wordpress
    • Top