Geo Blocking rule

Hi,
I am new to CF and trying to understand a geo blocking rule which I am trying to implement on my existing system.

I added a country for geo blocking; however, I can see that the rule is not applying effectively. I can still see the same geo region passing that rule, which means some of the requests are being blocked and some of them are being allowed.

Is there anything I can check, such as another rule, which may cause this rule to be inconsistent?

Any help will be much appreciated.

Thank you
Rajiv

I am sorry to hear that, but I am also using the country blocking method in my Firewall Rules.

It works fine and as is.
Whether it is all the requests from a specific country, or all requests except those from the one country that is allowed, they are being successfully blocked.

As an example, allowing only requests from Croatia and blocking all the requests from other countries would look something like below:

I even use it in combination with blocking requests via the Tor network.

May I ask how you noticed that some requests are still passing that rule?
Which action have you got selected? “Block” or some other?

Regarding them not working, it could be possible that visitors are bypassing Cloudflare and going directly to your server. Your origin host/server logs should show non-Cloudflare IPs hitting your server if that is the case.

If any non-Cloudflare IP addresses show up, maybe you need to allow Cloudflare to connect to your origin host/server, and maybe you also need to configure it to restore the true visitor IP address (to see the real one from the visitor) in your log files?

See below articles for help and re-check:

This should work for Web traffic for sure.

Meanwhile, requests made directly to your origin host/server (directly to the IP address) could still get through if you do not block them via some “lookup” and GeoLite2 or MaxMind database combination, either on your Web server (Nginx, Apache …)

Or, you can try using a tool like Imunify360 to block requests from countries accessing your server (IP), as it uses some kind of combination of scanning the log file and comparing the incoming request, then looking up the IP via the MaxMind GeoLite database and blocking the request for that country, or several of them, via iptables rules.

I am not sure what kind of system you are using, nor what your options are on that one.

Hi Fritexvz,

Thank you for the update. I think I made a mistake with my rule: I only added the rule under IP Access Rules, so I think it was blocked when CF sees that the IP address is from that region. Now I did it as a FW rule and added that rule, and I am expecting to see more blocks in the coming days.

Once again much appreciated for your guidance

Thank you
Rajiv
