Blocking IPs that visit a particular URL

Comments

1 comment

  • Richard Alpagot

    Hi Jazz,

    So there are multiple ways to go about blocking Ips but as you've used the word 'automatic' then I recommend speaking to sales@fastly.com about our WAF (this would deal with SQL injection based attacks) and bot detection services offered (bot detection is via a partner). As these are the easiest ways to go about achieving that goal in an automated fashion. This also is not necessarily blocked based on the IP of the attacker.

    If this is an occasional problem and you specifically want to do this on the IP as well as being something you'd want to handle then you could have a condition in VCL for the defined URL's and reference an ACL to deem if the IP is valid or not for access. Here are some VCL examples that handle blocking IP's with a response: https://www.fastly.com/demos?q=acl . The dictionary based example includes duration. You could also opt to develop automation by using our streaming logs and combining them with "versionless" edge dictionaries as some customers have done to build their own tooling based on what they see from their edge side logs.

Please sign in to leave a comment.