API
The Gcore Customer Portal is being updated. Screenshots may not show the current version.
Web security
Web security
BillingCreate protected resourceUse Web Security and CDNConfigure protection settingsAdd an SSL certificateRate LimiterSet the Access PolicyDeny accessSet the X-Forward-For headerCheck reports
View eventsCreate rulesRule typesManage triggersSettings
How do I change an A record?What criteria do you analyze?I see lots of requests from several IPs. Could this be an attack?I changed my A record long time ago, but you are not filtering it. What to do?Attackers have found out my origin IP and are attacking it directly. What should I do? directly. What should I do?Who is attacking us?Will a blacklisted user get unblocked after a particular time?During a DDoS attack, we changed your IP address, but we still have problems with the performance. Why?Do you protect against attacks targeted at DNS?Can you disable the protection for some time for the entire site or certain parts of the site?How long does the service enabling take?Which web crawlers doesn't your service block?Force an IP banGet all banned IP addresses for all resourcesRenew SSL certificates
API
Chosen image
Home/Web security/FAQ/Force an IP ban

How to force an IP ban?

You can force an IP or subnet mask ban using a whitelist policy. This allows requests from all IPs or subnets, except specified IPs or subnet masks.

Note: To ban all IPs or subnets except specified values, select the blacklist option.

You can set an IP ban in two ways: in the customer portal or via the API.

Force an IP ban in the customer portal

1. Go to your list of resources under protection.

2. Click three dots on the line of the relevant resource and click Access Policy.

How to open Access Policy settings of the resource under protection

3. On the page that opens, type the IPs or subnet masks in the “Whitelist” field (click the plus button on the right to add more than one) and save changes.

How to force an IP ban

That’s it. The specified IP will be banned for two hours.

Force an IP ban via API

Here’s an example of restricting a specific IP using an API request:

// @name Get client ddos resource
GET https://api.gcore.com/security/resources/<resource_id>
Authorization: Bearer {{token_client}}
Content-Type: application/json
> {%
    client.global.set("resource", JSON.stringify(response.body.resource));
%}
###
// @name Add whitelist into ddos resources
< {%
    let resource = client.global.get("resource");
    resource = JSON.parse(resource);
    resource["whitelists"] = [{"whitelist_data": "3.3.3.3"}];
    resource = JSON.stringify(resource);
    request.variables.set("resource_whitelist", resource);
%}
PUT https://api.gcore.com/security/resources/<resource_id>
Authorization: Bearer {{token_client}}
Content-Type: application/json
{{resource_whitelist}}

Was this article helpful?

Not a Gcore user yet?

Discover the all-in-one Web security solution by Gcore

Go to the product page
Edit on GitHub