How to Block IP Addresses on Heroku
Why would you need to block an IP address
Many poorly written, misbehaving, or malicious bots can be readily identified as generating traffic from a single IP address.
Blocking an IP is typically the first step to take in rejecting unwanted traffic hitting your site.
Prerequisites
What you need to get started:
- Expedited WAF add-on is setup in front of your application.
How to Block IP Addresses on Heroku
From the Block/Allow IPs page of your Expedited WAF dashboard, add each IP or CIDR-notated IP range that you want to block:
All requests from that IP/range will be stopped at the WAF and will not reach your Heroku application.
Notes
- To prevent accidentally blocking large portions of the Internet from reaching your site, block the narrowest effective IP range.
- In most cases you’ll need to layer in additional filtering rules in addition to blocking a single IP/range.
IP Resources
Learn more about IP addressing