To minimize your website vulnerability, deny access to it for all but G-Core Labs' subnets and your trusted IPs.
Network Firewall
Different hosting providers offer different firewalls (often for additional cost) so there is no one-for-all manual. The goal is to limit access to non-G-Core Labs subnets. Contact us via chat or email to support@gcorelabs.com to get an up-to-date list of subnets.
Web server
Don't use this method if you have set the X-Forwarded-For header: the requests will be blocked.
Apache
Example lines that should be added to .htaccess file (static trusted IP addresses can also be added):
order deny, allow
deny from all
allow from 13x.2xx.xxx.xxx/24
allow from 13x.2xx.xxx.xxx/24
Nginx
Nginx comes with a module called ngx_http_access_module to allow or deny access to IP. Below are example lines that should be added to your server configuration (static trusted IP addresses can also be added):
location / {
allow 13x.2xx.xxx.xxx/24;
allow 13x.2xx.xxx.xxx/24;
deny all;
}