How to Block Countries in CloudFlare

Since traffic is the driving force behind any website, owners usually welcome a surge in visitor numbers. However, these surges can sometimes be caused by hackers and bots. As a webmaster, you can often trace these attacks back to a specific country. If traffic from these countries is not relevant to the operation of your website, blocking them is the best option. This way, you will protect your website and protect your visitors from harm.

If you’re not sure how to do this, you’ve come to the right place. Read on to learn how to block a country with Cloudflare.

Why block a country from your website

Security is the most common reason for blocking users from accessing your website. Every website is vulnerable to malicious traffic and security attacks. The most common attacks are:

  • XSS attacks that can destroy the private information of website users.
  • A DDoS attack that takes a website offline temporarily or permanently.
  • Phishing attacks that can compromise sensitive information of website users.
  • Injection attacks that target the server’s database directly and reveal user input and hidden data.
  • Directory traversal attacks that can compromise website access rights, databases, and configuration files.

If most of these attacks come from one or more specific countries, blocking them will save you and your website a lot of trouble.

Another reason for geoblocking is having country-specific websites. Say you have an online store that only caters to people who live in one country. If this is the case, blocking other countries can protect your server resources from being drained by useless traffic.

Finally, copyright, licensing terms, and other legal obligations may require blocking access to content on your site in specific countries.

How to know which countries to block

Although discussions about cyberattacks revolve mainly around China and Russia, each site is different. No guesswork is required as you can quickly check your site analysis to determine the source of the threat.

  1. Log in to your Cloudflare account.
  2. Select the domain whose analysis you want to check at the top of the page.
  3. Click the Analytics icon in the blue list of icons at the top of the page.
  4. Go to the “Security” tab.
  5. Navigate to the Threats by Country panel.

This panel is an interactive map that highlights the countries where threats to your website originated. Cloudflare Firewall provides most of the metrics for this tab.

To see where most attacks come from, check out the Top Threat Countries data sheet.

How Cloudflare Blocks a Country

There are several ways to block your website from accessing a country, including using ModSecurity or .htaccess files. However, if you don’t have access to your web server, using the Cloudflare firewall might come in handy.

For this method to work, you must have a Cloudflare account. Additionally, the account must be enabled for the domain whose traffic is to be blocked. Finally, the geo-blocking feature works best if you’re on an enterprise plan.

Once everything is in place, blocking a country on Cloudflare using the integrated firewall feature is relatively simple:

  1. Log in to your Cloudflare account.
  2. If you own multiple domains, at the top of the page select the domain to which this rule applies.
  3. Click the Security icon in the list at the top of the page.
  4. Click the Firewall Rules tab.
  5. Press the blue “Create Firewall Rule” button.
  6. Enter a descriptive name in the Rule Name field, such as “Block Bad Countries”.
  7. Navigate to the “When an incoming request matches…” section.
  8. Under Fields, select Country.
  9. Once the rest of the fields in the section are no longer grayed out, set the Operator field to On.
  10. Click the Values ​​tab to display a list of countries.
  11. Select each country you want to block access to your website.
  12. Click the “or” button next to the list of countries.
  13. Go to the “Then…” section.
  14. Under Choose Action, select Block.
  15. Once you have all countries set up, click the “Deploy” button.

Firewall rules are now created. Any traffic from the country you choose will be blocked.

However, the set rules are not limited. You can edit it to add or remove countries at any time. What this does:

  1. Navigate to the Firewall Rules tab.
  2. Scroll down to the list of rules.
  3. Click the wrench icon to the right of the rule you want to edit.
  4. Go to the “Value” field under the “When an incoming request matches…” section.

To block a new country, click the “Value” field and select a country from the drop-down list. If you want to unblock a country, just click the “x” symbol next to its name.

Once you’re satisfied with the updated list, tap “Save” in the bottom right corner of the screen.

If you want to block traffic from specific countries on a regular basis, you can make separate rules for them. Then whenever you want to unblock those countries, you can turn off the button next to the wrench icon. This will disable the firewall rule until you choose to turn it back on.

Also, if you no longer need a rule, you can delete it entirely. Just press the “x” button to the far right of the rule name.

How to make sure your firewall is working

If you’re not sure if your firewall rules are set up correctly, you can periodically check your firewall statistics. What this does:

  1. Click the “Security” icon in the list at the top of the page.
  2. Go to the “Overview” tab.
  3. Scroll down to Activity Log.

Under Activity Log, you can see the following tabs:

  • date
  • action taken
  • nation
  • IP address
  • Serve

You can find blocked countries under the Countries tab. If you have successfully blocked the country, the “Actions Taken” tab next to it will say “Blocked”.

Safety first

Protecting websites from malicious bots and hackers is the main reason why administrators consider blocking a country from accessing their website. Whether or not you consider geoblocking for the same reasons, Cloudflare gives you an easy way to achieve your goals.

The best aspect of using a firewall is knowing that it won’t affect your website and its traffic in any harmful way. It just blocks requests from unwanted countries before they cause problems.

Have you ever encountered a cyber attack problem on your website? How did you deal with them? Let us know in the comments section below.

Leave a Comment

%d bloggers like this: