4 Firewalls can't ban one IP

firewall

#1

Hi,

I used Cloudflare for many years very lazily just for DNS but from time to time I tried to use firewall with pathetic results. I’m not a Sys-Admin and I don’t want to sound offensive but this firewall doesn’t block anything for me.

I mean yes, I can successfully block myself but I can do nothing to protect my website from unwanted POST requests that flood one script of mine. I exactly know what IPs and Hostnames are involved and I want to block since 2016 but Cloudflare just doesn’t block them.

Before you ask I know how to configure the firewall and define rules. I’m also running cPanel with mod_cloudflare installed but I find hilarious that there’s no place where I can block these IPs that keep flooding me from years even though at the moment they’re simultaneously banned from:

  • Cloudflare Firewall
  • cPanel Firewall
  • VPS Firewall
  • .htaccess rules

Such requests are not some kind of hacks or ddos attacks. It’s a simple PHP script that sends POST requests with curl on every page load. The problem is that this script has been installed on 40+ websites! Of course it was a bug since in reaility it had to POST data only once every 2 weeks but people refuse to update softwares so I have to live with it.

I even tried with Pro plan but it didn’t change anything so that I’ve immediately downgraded my account back to “Free account” in less than 10 minutes.

Let me make it very simple. For a moment don’t think about POST, SSL, Hostname, and/or conditions, protocols. Let’s focus on one little thing. I want to ban an IP address I know from a list of 40+. Why on earth it doesn’t work?


#2
  1. Can you post a server log entry of one of these requests?
  2. Can you also post the IP Access Rules entry from the Firewall settings that you’ve set up to block that IP address?

#3

Your initial sentence might hold the key. Are you actually tunnelling/proxying your traffic through Cloudflare or still just using DNS? If it is the latter we’d have the explanation, as Cloudflare’s firewall will only work if you proxy through them.

But all right, a simple little question, how to ban an IP: you need to make sure the DNS record in question is set to :orange:, after which you create either an access rule or a firewall rule for that very IP address.

The other three firewalls are not Cloudflare related so it is difficult to say why they dont work. I have a possible idea why they might not work, but we’d first need to clarify your overall setup.

Whats the domain?