How can I restrict countries using Cloudflare?
Growing traffic on your website can seem like a good thing, but sometimes it happens due to hacking or bots. As an web admin, you might be able to trace these attacks pretty easily.
If the traffic from certain countries isn’t relevant to your site, it’s best to block them. By doing so, you can protect your website by blocking any malicious third-party requests.
Keep reading to learn how to block a country from accessing your website on Cloudflare.
Why Block a Country to access your Website?
Security is the important for any application. If the webserver is not secure, it is prone to a number of attacks. It is necessary to conduct a regular web audit to ensure the webspace is secure. The most common types of attacks that your server can experience:
XSS attacks - leads to loss of the website users’ private information.
DDoS attacks - can cause website downtime.
Phishing attacks - can compromise users’ sensitive information.
Injection attacks - creates hidden files, code to access vital information and threat to the database.
Directory traversal attacks - can exploit vulnerabilities in these parts of the website, jeopardizing the security of sensitive data and their configuration settings.
If most of the attacks originate from one specific country, blocking them will save you and your website a lot of trouble
Another reason for geo-blocking is having a country-specific website. As an example, if you own an online shop that only caters to people in your country, blocking visitors from other countries can protect your server resources.
We know that you want everyone to be able to access your content, but it's important that you make sure to comply with the law. Copyright, licensing terms, and other legal obligations might require blocking certain countries from accessing your content.
Why to switch to Cloudflare?
Cloudflare is your one-stop-shop for all things. The free version of Cloudflare can help you with a few of the core features, like CDN, DNS and security. Unlike other services, you also get some performance boosts to give your site a faster load time. You'll also find a ton of other helpful features, like reducing page load time and fighting mobile data theft!
- Improve Page Load Time
- Improves Search Engine Optimization
- Safeguards Attacks from DDoS Attacks
Here's a blog to that explain how to manage DNS records on Cloudflare?
How to know which Countries to Block?
If you're a Cloudflare customer, this process is pretty simple. Here are the steps to identify what countries are putting your website at risk.
Login to your Cloudflare account
Select the website
Navigate to Analytics → Security
Scroll down to “Threats By Country” section and select “Previous 30 Days“ as the time range
In the “Top Threat Countries / Regions” table, you’ll see the top countries that are causing security issues to your website.
How to Block Country with Cloudflare?
You can block a country from your website by using ModSecurity, .htaccess files or by using the Cloudflare Firewall. For this method to work, you need a Cloudflare account and the domain that has proxy enabled for blocking traffic.
Here are the steps for blocking a country on Cloudflare from accessing your website
Login to your Cloudflare account
Select the website domain that you need to apply firewall blocking rules.
Navigate to Security → WAF
Click on “Create firewall rule”.
Enter the “Rule Name”, select “Country” from “Field”, “Operator” should be “equal” and select the countries you want to block in the “Value” field.
Choose action should be “Block”.
Click on “Deploy Firewall Rule”.
Yes! You've successfully set up a firewall rule. Traffic will be blocked any countries you have selected.
To ensure the firewall is working, you should do the following:
Navigate to Security → Events
Scroll to “Activity Logs”.
Look for the countries you've blocked under the “Country” tab. Crosscheck if Cloudflare Firewall has blocked them correctly, it will display that under “Action taken”.