Web Protection Setup. Deny access to the domain for all but Gcore's subnets and your trusted IPs.

To minimize your website vulnerability, deny access to it for all but Gcore's subnets and your trusted IP addresses.

Network Firewall

Different hosting providers offer different firewalls (often for additional cost) so there is no one-for-all manual. The goal is to limit access for non-Gcore subnets. Contact us via chat or email to support@gcore.com to get an up-to-date list of subnets.

Web server

Don't use this method if you have set the X-Forwarded-For header: the requests will be blocked.

Apache

Example lines that should be added to .htaccess file (static trusted IP addresses can also be added):

order deny, allow

deny from all

allow from 13x.2xx.xxx.xxx/24

allow from 13x.2xx.xxx.xxx/24

Nginx

Nginx comes with a module called ngx_http_access_module to allow or deny access to an IP address. Below are example strings that should be added to your server configuration (static trusted IP addresses can also be added):

location / {

allow 13x.2xx.xxx.xxx/24;

allow 13x.2xx.xxx.xxx/24;

deny all;

}

Was this article helpful?
Recently viewed articles