Blocking Unwanted Chinese Website Visitors


These articles are AI-generated summaries. Please check the original sources for full details.

Unwanted traffic from Chinese visitors has become a significant concern for website operators, with automated scanners and bots wasting resources and polluting logs. A senior engineer recalls a 3 AM PagerDuty alert triggered by a slow, methodical, distributed scan for old Struts vulnerabilities originating from Chinese IPs, highlighting the need for effective geo-blocking solutions.

Why This Matters

The majority of unwanted traffic is automated, looking for low-hanging fruit such as outdated plugins, unpatched vulnerabilities, and open admin panels. This traffic wastes resources, pollutes logs, and creates false alarms, making it essential to implement geo-blocking solutions to enhance operational hygiene. According to the engineer, this traffic can be reduced by up to 90% using the right blocking methods.

Key Insights

  • Cloudflare’s UI-based geo-blocking can block traffic by country at the edge, preventing requests from reaching origin servers.
  • Nginx can implement server-level geo-blocking using the ngx_http_geoip2_module with a MaxMind GeoIP database.
  • AWS WAF with automated threat intelligence feeds can block known malicious actors regardless of their origin, providing a comprehensive solution.

Working Example

http {
    # Define the path to your GeoIP database
    geoip2 /etc/nginx/geoip/GeoLite2-Country.mmdb {
        $geoip2_data_country_iso_code country iso_code;
    }
    # Create a map to check the country code
    # $is_blocked will be 1 if the country is CN, 0 otherwise
    map $geoip2_data_country_iso_code $is_blocked {
        default 0;
        CN 1;
    }
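    # Placeholder upstream so the proxy_pass below resolves at startup;
    # point it at your own application servers
    upstream app_backend {
        server 127.0.0.1:8080;
    }
    server {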
        listen 80;
        server_name your-awesome-app.com;
        # The actual block logic
        if ($is_blocked) {
            # Return a 444, which closes the connection without a response
            # It's cleaner and more efficient than a 403 Forbidden
            return 444;
        }
        # ... your normal server location blocks go here
        location / {
            proxy_pass http://app_backend;
        }
    }
}

Practical Applications

  • Use Case: A small team or startup can use Cloudflare’s geo-blocking feature to quickly block unwanted traffic.
  • Pitfall: Overly aggressive blocklists can sometimes include legitimate CIDR ranges, so it’s essential to test thoroughly and have a clear process for whitelisting.
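
A pre-deployment check for the pitfall above, as an added example that is not from the original article: it lists blocklist CIDRs that overlap an allowlist and dry-runs both lists against access-log lines. All ranges, log lines and function names are constructed for illustration, and the allowlist-wins policy is an assumption.

```python
import ipaddress
from collections import Counter

# Constructed sample data using documentation ranges (not a real feed or real logs).
BLOCKLIST = ["198.51.100.0/24", "203.0.113.0/25", "2001:db8:bad::/48"]
ALLOWLIST = ["203.0.113.64/28", "192.0.2.10/32"]  # hypothetical partner API, uptime monitor
ACCESS_LOG = """\
198.51.100.7 - - [01/Jan/2025:03:00:01 +0000] "GET /index.action HTTP/1.1" 404 153
203.0.113.70 - - [01/Jan/2025:03:00:02 +0000] "POST /api/v1/orders HTTP/1.1" 200 512
203.0.113.5 - - [01/Jan/2025:03:00:03 +0000] "GET /wp-login.php HTTP/1.1" 404 153
192.0.2.200 - - [01/Jan/2025:03:00:04 +0000] "GET / HTTP/1.1" 200 1024
2001:db8:bad::1 - - [01/Jan/2025:03:00:05 +0000] "GET /admin HTTP/1.1" 404 153
not-an-ip - - [01/Jan/2025:03:00:06 +0000] "GET / HTTP/1.1" 400 0
"""

def parse_networks(cidrs):
    """Parse CIDR strings; strict=True rejects entries with host bits set."""
    return [ipaddress.ip_network(c, strict=True) for c in cidrs]

def find_conflicts(blocklist, allowlist):
    """Return (block, allow) pairs where a blocklist entry overlaps an allowlisted range."""
    nets_b, nets_a = parse_networks(blocklist), parse_networks(allowlist)
    return [(str(b), str(a)) for b in nets_b for a in nets_a if b.overlaps(a)]

def decide(ip, blocklist, allowlist):
    """Allowlist wins over blocklist; anything matching neither passes."""
    addr = ipaddress.ip_address(ip)
    if any(addr in n for n in parse_networks(allowlist)):
        return "allowlisted"
    if any(addr in n for n in parse_networks(blocklist)):
        return "block"
    return "pass"

def dry_run(log_text, blocklist, allowlist):
    """Count the decision for each log line's client; unparsable clients are 'skipped'."""
    counts = Counter()
    for line in log_text.splitlines():
        client = line.split(" ", 1)[0]  # first field is $remote_addr in the combined format
        try:
            counts[decide(client, blocklist, allowlist)] += 1
        except ValueError:
            counts["skipped"] += 1
    return dict(counts)

if __name__ == "__main__":
    print("conflicts:", find_conflicts(BLOCKLIST, ALLOWLIST))
    print("dry run:  ", dry_run(ACCESS_LOG, BLOCKLIST, ALLOWLIST))
```

Any pair reported by `find_conflicts` is a range that needs an explicit allow rule ahead of the block rule before the blocklist goes live.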
