Block IP Address across all domains

Website, Application, Performance Security
1

Hi there,

I’m looking to block an IP address address across all my domains however because I have 387 this would take awhile to go into each firewall.

What’s my best solution?

2

Access rules!

Thats exactly the place where you can do that.

3

Where can I find access rules? Only shows a list of my domains and profile settings

4

Under the Firewall tab?

5

Yes but I have to click onto each firewall separately! I have 689 domains so I’m wanting to apply a firewall rule to all of them…

6

Hence access rules where you can set it account-wide. You just need to check out the documentation.

7

@josh11, no, you don’t:

access_rules
access_rules.png1040×536 25.9 KB

8

rules
rules.png1371×401 15.9 KB

Okay, thank you! that’s now setup because we are getting loads of attacks on website recently

9

Yes, thats the right option.

10

What’s a better package for a better firewall package on Cloudflare I have 689 domains so I’m not willing to pay $20 per domain however is there a monthly price we can pay as a company?

Basically mail-chimp mandrill is blocking the forms across the websites due to a amount of spam so I was hoping a firewall this resolve this problem.

Any suggestions would be great!

11

What is a better firewall?

12

Well is there a better solution to my problem if we are willing to pay? however it is 689 domains

13

If your problem is that one IP address than you already implemented the best approach.

14

The provider for that IP address is with a rapidswitch company so I’m guessing they can switch there IP?
Can I implement anymore across the websites?

15

You can block a CIDR too or even an entire ASN.

16

How would I do this for that IP address?

Thank you for all your help! Just trying to block spam to the forms so mail-chip stop blocking us!

17

inetnum: 185.17.149.128 - 185.17.149.191
netname: Windscribe_Limited
descr: Windscribe_Limited
country: GB

$ ipcalc 185.17.149.160/26
Address: 185.17.149.160 10111001.00010001.10010101.10 100000
Netmask: 255.255.255.192 = 26 11111111.11111111.11111111.11 000000
Wildcard: 0.0.0.63 00000000.00000000.00000000.00 111111
=>
Network: 185.17.149.128/26 10111001.00010001.10010101.10 000000
HostMin: 185.17.149.129 10111001.00010001.10010101.10 000001
HostMax: 185.17.149.190 10111001.00010001.10010101.10 111110
Broadcast: 185.17.149.191 10111001.00010001.10010101.10 111111
Hosts/Net: 62 Class B

18

That address is part of a /22 network which cannot be directly blocked via access rules.

You could only block either 185.17.149.0/24 or 185.17.0.0/16

19

What’s my best method for this? should I block them both /24 and /16 on the access rules?

20

It is either or, not both. It really depends where they come from. If they always use the same address you are fine the way it is, if they move within the range you could block the /24 address, the /16 one is probably too much.