Blocking by IP Address

To block traffic coming from one or multiple IP addresses, you can incorporate the following configuration snippet within the vcl_recv function.

sub vcl_recv{
    if (req.http.True-Client-Ip ~ "(1.1.2.2|1.2.3.4)") { 
        call deny_request;
    } 
}

In this example, we use the IP address provided in the True-Client-Ip header. If the request comes from any of the listed IP addresses, it will be blocked immediately.