How to Block a Country in Cloudflare Free Account?

We expect all the people in this world to be good. However, this is definitely not the case in website building area. There will be hundreds of thousands of bad bots and people try to destroy your site in different ways. To protect your site and apply basic security, you need to rely on Web Application Firewall (WAF) providers like Cloudflare. Though Cloudflare offers country blocking only for premium enterprise level users, it is also possible to block a country in Cloudflare free account.

Why Country Blocking is Needed?

Here are some of the reasons you may want to block all traffic from a specific country (or multiple countries).

• You receive bad traffic from a country like comment spamming or contact form spamming.
• People scrap your content, translate and publish. In this case, blocking that country will first stop the person to scrap and then block the users from the referral traffic from the already linked content.
• Someone try to hack from a particular country using DDoS or XSS attacks.
• You do not have any visitors or do not like users/bots from a countries like China and Russia to access your site.

Whatsoever is the reason, the first thing is to find the country you want to block. If you are already sure about the country, then you can proceed to step 2. Otherwise, follow the instructions in step 1 to find the security threats at country level from your free Cloudflare account.

Step 1 – Find Security Threat from Countries

Login to your Cloudflare account and select the site you want to check. When you are in the dashboard, go to “Analytics > Security” section. Here, you can find from which country you received most threats. In our case, it shows “RU” which is Russian Federation. By default, the time frame will show for previous 24 hours. However, you can change the time from 30 minutes to 30 days and confirm the country before you take action.

Scroll down further on the page to view the list of counties under “Top Threat Countries / Regions”.

After finding the countries you want to block, go to “Security > Events” section. Here you can view all the threats recorded by Cloudflare with more details. Check under “Service” column or click any threat from the country (RU in our case) to find the type of threat.

To find threats from the top threat country, click on the “Add filter” button. This will open a dropdown and select the followings.

• First box – Country
• Second box – equals
• Third box – select the country to block (Russian Federation in our case)

Click “Apply” button to get the list of threats from the country.

We recommend you to check these details to make sure you are not wrongly blocking a country which may lead to loss in traffic.

Step 2 – Block Country in Cloudflare

After confirming the country to block, go to “Security > WAF” section. Under “Firewall rules” section, click on “Create firewall rules” button.

On the page that appears, you will see a form to fill the required details. First fill the “Rule name” like “Block RU”.

Select the followings from the dropdown under “When incoming requests match…” section.

• Field – select “Country”
• Operator – select “is in”
• Value – select the country from the list, you can select multiple countries to block.

Cloudflare will show the expression preview as ip.geoip.country in {“RU”} which you can find it in “Security > Events” section. Finally, select “Block” under “Then..” section.

Click on “Deploy firewall rule” button to apply the country level blocking.  You will see the newly created rule under “Security > WAF” dashboard section. Wait for some time and you will start seeing the total number of blocked threats will start showing as shown below. You can remove or edit the rule anytime to allow the country or change the parameters.

Step 3 – Checking Blocked Threats

Click on the blocked threats number (150 in the above picture) or go to “Security > Events” section. Under “Service” column, you will see the description as “Firewall rules” for the traffic from blocked countries. If you are not seeing “Service” column”, click on “Edit columns” button and add that column to view. Click on the threat item and you will see the “Expression” as you have seen in the firewall rule.

Final Words

That’s all to it and you have successfully blocked all traffic from a country or list of countries. You can also manually confirm the blocking is working or not by using a VPN and open your site from the blocked country. Cloudflare allows to set 5 firewall rules for free plan and you can create similar rules to block IP, continent and traffic from individual website name. Remember, all traffic including good search engine bots from the country IP address will be blocked when you block a country. This is also a good idea to block Baidu and Yandex search engines if they are crawling your site.