How to Block IP Addresses on Heroku

Why would you need to block an IP address

Many poorly written, misbehaving, or malicious bots can be readily identified as generating traffic from a single IP address.

Blocking an IP is typically the first step to take in rejecting unwanted traffic hitting your site.

Prerequisites

What you need to get started:

1. Expedited WAF add-on is setup in front of your application.

How to Block IP Addresses on Heroku

From the Block/Allow IPs page of your Expedited WAF dashboard, add each IP or CIDR-notated IP range that you want to block:

All requests from that IP/range will be stopped at the WAF and will not reach your Heroku application.

Notes

• To prevent accidentally blocking large portions of the Internet from reaching your site, block the narrowest effective IP range.
• In most cases you’ll need to layer in additional filtering rules in addition to blocking a single IP/range.

IP Resources

Learn more about IP addressing

• CIDR to IPv4 Convertor
• Subnet Calculator