Blocking by IP Address

To block longer lists of IP addresses, please check network ACLs.

To block traffic coming from one or multiple IP addresses, you can incorporate the following configuration snippet within the vcl_recv function.

sub vcl_recv{
    if (req.http.True-Client-Ip ~ "(|") { 
        call deny_request;

In this example, we use the IP address provided in the True-Client-Ip header. If the request comes from any of the listed IP addresses, it will be blocked immediately.

Last updated