As of Core Update 170 we have added a new feature that allows you to easily activate various public IP-based blocklists within the firewall engine. This will prevent traffic from and to IP addresses or networks with a bad reputation, being involved with cyber crime hosting or any other type of malicious activity.
Attackers change their IP block list addresses frequently in order to avoid getting blocked by blocking services such as email providers or web servers. However, criminals also often use spoofing techniques to hide their true origin. In addition, they can rent botnets with thousands or even millions of devices such as end-user computers or Internet of Things (IoT) that have been hacked into large networks that can be used to launch attacks.
Blocking access to these kinds of devices can significantly reduce data breaches and other types of fraudulent activity on your website. For example, blocking access to a suspicious IP address or network can prevent bots from attempting to submit multiple forms with sensitive information. This can significantly lower your risk of being attacked with ransomware or other malware.
To set up an IP block list rule simply go to the Firewall panel and click on the IP Block List tab. Here you can enter a range of IPs that you would like to block, along with the option to specify direction, TCP version and protocol. You can also add a friendly name and a reason for the block. Once you’re done, hit the “Block” button and the corresponding IPs will instantly get blocked.