Allow IPs not working


#1

Hi there all,
Kindly assist. I have placed most countries on Firewall Challenge, and this has stopped most applications like GTmetrix, orion, muwpdev smush cdn. Now, I got their server IP addresses and allowed them in the firewall rule, with no success. I also whitelisted them under Firewall->Tools, still no success.
How do I allow these applications, please?


#2

Have you tried putting those IP addresses in the same Firewall Rule to see if that fixes it?

Also, double-check the Firewall Event Log to see why those are getting blocked. It will most likely say “Firewall Rule” and the IP address of what got blocked.


#3

Yes, I have the IP addresses in the Firewall Rule.
I have double-checked, but I cannot find the IPs in the event log.

Do you have any similar configuration I can look at?
Thanks


#4

(not ip.src in {69.162.124.224/28 63.143.42.240/28 2400:cb00::/32 2405:b500::/32 2606:4700::/32 2803:f800::/32 2c0f:f248::/32 2a06:98c0::/29 104.131.107.63 122.248.234.23 128.199.195.156 138.197.150.151 139.59.173.249 146.185.143.14 159.203.30.41 159.89.8.111 165.227.83.148 178.62.52.237 18.221.56.27 188.226.183.141 216.144.250.150 34.233.66.117 46.101.250.135 46.137.190.132 52.60.129.180 54.64.67.106 54.67.10.127 54.79.28.129 54.94.142.218} and ip.geoip.country ne "DE")

Action here is block.
In words: all listed IPs are allowed + all users from Germany. Don’t forget to allow Cloudflare AlwaysOnline if you’re using it.


#5

Thanks MVP, below is my Firewall rule to allow Smush CDN Server IPs:

(ip.src eq 66.135.55.161 and ip.src eq 66.135.60.59 and ip.src eq 66.135.49.214 and ip.src eq 66.135.60.64 and ip.src eq 165.227.66.214 and ip.src eq 192.241.140.159 and ip.src eq 104.236.132.222 and ip.src eq 192.241.148.185)

Be so kind as to assist in rewriting the right rule for me, including the “allow Cloudflare AlwaysOnline”.
Thanks


#6

Hello MVP,
I mirrored your firewall configuration to permit GTmetrix and the Smush CDN server, but no success. See config below.
(not ip.src in {66.135.60.59 66.135.49.214 66.135.60.64 165.227.66.214 192.241.140.159 104.236.132.222 192.241.148.185 208.70.247.157 204.187.14.70 204.187.14.71 204.187.14.72 204.187.14.73 204.187.14.74 204.187.14.75 204.187.14.76 204.187.14.77 204.187.14.78 199.10.31.194 13.85.80.124 13.84.146.132 13.84.146.226 40.74.254.217 13.84.43.227 104.214.75.209 172.255.61.34 172.255.61.35 172.255.61.36 172.255.61.37 172.255.61.38 172.255.61.39 172.255.61.40 13.70.66.20 52.147.27.127 191.235.85.154 191.235.86.0 52.66.75.147 52.175.28.116} and ip.geoip.country ne "NG")

What could be wrong?


#7

Keep in mind that my example is negated: "If IP is not x y z and country does not equal DE, then block all traffic."

What I understood is that you want to challenge almost everyone except the given IPs and NG. Set your rule to ‘challenge’ instead of ‘allow’.
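
The three expression shapes posted in this thread, modelled in Python as an added example (not code from any poster and not Cloudflare's evaluator). It shows why an `and` chain of `ip.src eq` terms can never match, and which requests the negated set rule selects for its action. Function names and the sample requests are constructed; the country is assumed to arrive as a two-letter code.

```python
import ipaddress

# Addresses copied from the rule in post #5; CIDR entries (as in post #4) also work.
ALLOWED = ["66.135.55.161", "66.135.60.59", "66.135.49.214", "66.135.60.64",
           "165.227.66.214", "192.241.140.159", "104.236.132.222", "192.241.148.185"]
ALLOWED_NETS = [ipaddress.ip_network(a) for a in ALLOWED]


def rule_and_chain(ip):
    """(ip.src eq A and ip.src eq B and ...): one source address cannot
    equal several different addresses, so this is false for every request."""
    return all(ip == a for a in ALLOWED)


def rule_in_set(ip):
    """(ip.src in {A B ...}): true when the source is any listed address or
    falls inside any listed network."""
    addr = ipaddress.ip_address(ip)
    return any(addr in net for net in ALLOWED_NETS)


def rule_negated(ip, country, exempt_country="NG"):
    """(not ip.src in {...} and ip.geoip.country ne "NG"): true for traffic
    that is neither allowlisted nor from the exempt country."""
    return (not rule_in_set(ip)) and country != exempt_country


def decide(ip, country):
    """The rule's action (challenge) applies only where the expression is true."""
    return "challenge" if rule_negated(ip, country) else "pass"


# Constructed sample requests: (source IP, GeoIP country).
SAMPLES = [("66.135.60.59", "US"),   # allowlisted address
           ("203.0.113.7", "NG"),    # exempt country, not allowlisted
           ("203.0.113.7", "US"),    # neither
           ("198.51.100.9", "DE")]   # neither

if __name__ == "__main__":
    for ip, cc in SAMPLES:
        print(f"{ip:15} {cc}  and-chain={rule_and_chain(ip)!s:5} "
              f"in-set={rule_in_set(ip)!s:5} -> {decide(ip, cc)}")
```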