Blocking by IP address

Typically, blocking malicious requests on a request-by-request basis is preferable than blocking by IP addresses. However, in some cases, using IP blacklists is necessary.

IP blacklists should be used in the following cases:

  • There is a need to reduce system load that was caused by the analysis of malicious requests.
  • Traffic processing is performed asynchronously.
  • There are extra resources that are not protected with WAF.

Blocking methods

All methods have advantages and disadvantages.

Blocking with Wallarm web interface

This is the most intuitive method providing the user with a convenient graphical interface to view and modify the blacklist.

Read more...

Blocking with Nginx

This method is the most resource-intensive one. However, it allows customizing the message that the user sees when the request is blocked.

Read more....

Blocking by iptables

This method does not allow you to configure the error message, but it affects server performance less.

Read more....

Blocking by external firewall

This method does not create any load on the server but requires additional integration of blacklist and firewall.

results matching ""

    No results matching ""