To minimize your website vulnerability, deny access to it for all but Gcore's subnets and your trusted IP addresses.
Network Firewall
Different hosting providers offer different firewalls (often for additional cost) so there is no one-for-all manual. The goal is to limit access for non-Gcore subnets. Contact us via chat or email to support@gcore.com to get an up-to-date list of subnets.
Web server
Don't use this method if you have set the X-Forwarded-For header: the requests will be blocked.
Apache
Example lines that should be added to .htaccess file (static trusted IP addresses can also be added):
order deny, allow
deny from all
allow from 13x.2xx.xxx.xxx/24
allow from 13x.2xx.xxx.xxx/24
Nginx
Nginx comes with a module called ngx_http_access_module to allow or deny access to an IP address. Below are example strings that should be added to your server configuration (static trusted IP addresses can also be added):
location / {
allow 13x.2xx.xxx.xxx/24;
allow 13x.2xx.xxx.xxx/24;
deny all;
}