Firewall rule to block non-USA IPs not working

So I have the following rule set up:

(ip.geoip.country ne "US")
then Block.

I had this rule set up a few weeks ago, so it definitely has had enough time to propagate.
When I check the logs on my server, I am seeing numerous IP addresses from outside the USA.

Am I missing something here or is there a better way to configure this rule?

Thanks in advance!

These will be direct connections to your server. You need to make sure your server only accepts connections from Cloudflare and no others.

That makes sense. I changed the port forwarding rule on the gateway to only allow the 14 Cloudflare IP addresses and nothing is broken so I will assume it worked.

Thank you :)

Keep in mind that these are network blocks, not just addresses, so pay attention to CIDR.
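
The CIDR point from the last reply, as an added example that is not part of the thread: an allowlist has to match the whole block, and the same test run over origin access logs shows which requests reached the server without passing through Cloudflare. The ranges are a subset of Cloudflare's published IPv4 list (take the current full list from https://www.cloudflare.com/ips/); the log lines are constructed, the function names are hypothetical, and the log is assumed to record the TCP peer address rather than a restored visitor IP.

```python
import ipaddress

# Subset of Cloudflare's published IPv4 ranges (assumption: replace with the
# full, current list from https://www.cloudflare.com/ips/ before relying on it).
ALLOWED_CIDRS = [
    "173.245.48.0/20",
    "103.21.244.0/22",
    "141.101.64.0/18",
    "162.158.0.0/15",
    "172.64.0.0/13",
]
NETWORKS = [ipaddress.ip_network(cidr) for cidr in ALLOWED_CIDRS]

# Constructed access-log lines; the first field is the connecting peer address.
SAMPLE_LOG = """\
172.68.10.5 - - [01/Jan/2024:10:00:00 +0000] "GET / HTTP/1.1" 200 512
203.0.113.77 - - [01/Jan/2024:10:00:03 +0000] "GET /admin HTTP/1.1" 404 153
162.159.200.1 - - [01/Jan/2024:10:00:07 +0000] "GET /about HTTP/1.1" 200 734
198.51.100.20 - - [01/Jan/2024:10:00:09 +0000] "POST /login HTTP/1.1" 200 98
"""


def exact_match(ip_text):
    """The mistake: treat each range as one address (its network address)."""
    return ip_text in {cidr.split("/")[0] for cidr in ALLOWED_CIDRS}


def from_allowed_network(ip_text):
    """Correct test: is the address inside any allowed block?"""
    try:
        ip = ipaddress.ip_address(ip_text)
    except ValueError:
        return False  # unparsable peer field is never treated as allowed
    return any(ip in net for net in NETWORKS)


def direct_hits(log_text):
    """Return peer addresses of requests that did not come from an allowed block."""
    peers = (line.split()[0] for line in log_text.splitlines() if line.strip())
    return [peer for peer in peers if not from_allowed_network(peer)]


if __name__ == "__main__":
    for peer in ("172.68.10.5", "203.0.113.77"):
        print(peer, "exact:", exact_match(peer), "cidr:", from_allowed_network(peer))
    print("direct-to-origin peers:", direct_hits(SAMPLE_LOG))
```

An address-only allowlist would drop legitimate proxied traffic such as 172.68.10.5, while the CIDR test accepts it and still flags the two peers that connected to the origin directly.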
