Rate and security rules

Hello everything is fine? I would like to know in practice how I can increase the security of my website/application on Cloudflare, restricting countries that use VPN or servers from countries abroad (Russia, Ukraine, etc.) to try to invade and take down websites/applications, I would like to know how I can protect myself from things like this and also other rules that I can create to help me, thank you in advance

Hi there,

This is a very broad question, but I’ll do my best to try and answer all.

I would like to know in practice how I can increase the security of my website/application on Cloudflare, restricting countries that use VPN or servers from countries abroad (Russia, Ukraine, etc.)

There’s no absolute way of blocking VPN traffic. Good VPN providers spread out their exit node IP addresses and unless it’s by IP reputation or the fact that there’s too much traffic coming from that IP address (ie several viewers using the same VPN exit node), there is no way of blocking it.
Having said that, you can increase your security level under Security > Settings, to have Threat score less lenient when analyzing IP reputation.

As for the blocking countries, you can do that under Security > WAF > + Create rule.
You can either create a rule to block certain countries ie:


or create a reverse rule where it blocks all traffic not originating in a pre-approved list of countries:

I would like to know how I can protect myself from things like this and also other rules that I can create to help me, thank you in advance

I would say enable every security feature available for your plan and go from there. If you start seeing false positives, consider creating exceptions for them, being as specific as possible with each exception.

Take care.

Very good, I liked it, other questions
1 - which countries should I not block to avoid problems with Google tracking (robots.txt for example) google analytics, USA and Canada only or are there others that I should avoid blocking if I use these services?
2 - how do I see which countries/IPs are trying to access my platform/site to block these IPs or countries?
3 - can I see if a user is trying to invade/access/brute force any specific page on my website? For example, he discovered my website admin addresses and was trying to perform brute force so I could block his country or IP.

Thanks in advance

Nobody will answers these questions, you have to try things and see how they work based on your needs.

It seems that you are new to cloudflare, so spend some time tuning the platform around your needs and you get a better understanding on how it works. My honest opinion is that if you have something more than a simple website, upgrade to Pro plan, it’s simply excellent.

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.