IP Range. How to block?

Hi. I’m being spammed by an IP range but am a beginner when it comes to IPs/blocking. The IP is 185.191.171.1 - 185.191.171.99

E.g.

64.124.8.45
64.124.8.42
64.124.8.37

How do I block these? Thanks very much in advance!

You can create a Firewall Rule with a CIDR of xxx.xxx.xxx.0/24 that will block all of xxx.xxx.xxx.???

(ip.src in {185.191.171.0/24})

Thanks so much for the response.

So to block 64.124.8.xx I would do 64.124.8.0/24? And that would block 64.124.8.37 for example? Also may I ask why is it /24? Again thank you very much!

Would be:

185.191.171.1/32
185.191.171.2/31
185.191.171.4/30
185.191.171.8/29
185.191.171.16/28
185.191.171.32/27
185.191.171.64/27
185.191.171.96/30

Helpful link:

  1. Enter starting IP
  2. Enter ending IP

  1. Get IP ranges

At Cloudflare dashboard → WAF → Firewall Rules:

Expression:

  • (ip.src in {185.191.171.1/32 185.191.171.2/31 185.191.171.4/30 185.191.171.8/29 185.191.171.16/28 185.191.171.32/27 185.191.171.64/27 185.191.171.96/30})

In picture:

3 Likes

Amazing thank you so much. Really helped me out!!

1 Like

You could save yourself a rule and just block at ASN level as over time you will want to block many many IP’s / ASNs

  1. Lookup the ASN for the IP address you are wanting to block, 185.191.171.0, on ipinfo.io, 185.191.171.0 IP Address Details - IPinfo.io = AS209366 - SEMrush CY LTD
  2. Security, WAF, Tools, AS209366, Block, All websites in account, Name in Notes & Add
    This blocks at account level so all your sites get the same protection

Thanks Paul.

The main one I was having issues with was 64.124.8.xx which I believe is above. net? So the method you mentioned would work exactly the same for their IP range?

Yes: AS36321 - Castle Global Inc. covers the range 64.124.8.0/24
Hostname: 64.124.8.45.available.above.net

You can also check 64.124.8.45 ( Castle Global ) Fraud Risk which gives a good idea of how bad an IP / ASN is

This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.