DDoS Protection Setup. Deny access to the domain for all but G-Core Labs' subnets and your trusted IPs.

To minimize your website vulnerability, deny access to it for all but G-Core Labs' subnets and your trusted IPs.

Network Firewall

Different hosting providers offer different firewalls (often for additional cost) so there is no one-for-all manual. The goal is to limit access to non-G-Core Labs subnets. Contact us via chat or email to support@gcorelabs.com to get an up-to-date list of subnets.

Web server

Don't use this method if you have set the X-Forwarded-For header: the requests will be blocked.

Apache

Example lines that should be added to .htaccess file (static trusted IP addresses can also be added):

order deny, allow

deny from all

allow from 13x.2xx.xxx.xxx/24

allow from 13x.2xx.xxx.xxx/24

Nginx

Nginx comes with a module called ngx_http_access_module to allow or deny access to IP. Below are example lines that should be added to your server configuration (static trusted IP addresses can also be added):

location / {

allow 13x.2xx.xxx.xxx/24;

allow 13x.2xx.xxx.xxx/24;

deny all;

}

Was this article helpful?
Recently viewed articles