How to Configure Dataforest IP Settings

Advanced IP Configuration

The IP Settings module provides granular control over the network perimeter of your Dataforest-protected assets. Within this interface, you can define how our mitigation infrastructure handles unmatched traffic, block entire geographical regions, and manage sophisticated IP whitelists and blacklists. These tools are essential for administrators who wish to implement a “Zero Trust” security architecture or strictly limit their service accessibility to specific communities.

Difficulty

Intermediate

Time

5 Minutes

Global Traffic Policy

The Default Action parameter determines how the firewall treats incoming packets that do not match any of your Custom Filtering Rules.

FILTER (Recommended): Traffic is passed through the specialized Dataforest mitigation engines. This is the optimal setting for public game servers, as it allows our AI to scrub for threats while delivering legitimate data.
DROP (Default Deny): All unmatched traffic is immediately discarded at the edge. This creates a highly secure environment where only traffic explicitly authorized by your custom rules can reach your VPS or dedicated node.

Technical Access Restrictions

Lock down your network based on the origin and provider of the incoming data.

ASN Blocking
Country Blocking

Autonomous System Number (ASN) blocking allows you to restrict traffic from entire internet service providers, data centers, or VPN networks. Input the numerical ASNs (separated by commas) to block or allow them.

Example: 15169, 16509, 8075 (Blocks Google, Amazon, and Microsoft data center ranges).

Geo-fencing allows you to restrict traffic based on the geographic origin (ISO-2 code) of the source IP. This is ideal for regional community servers looking to eliminate international botnet scans.

Example: US, GB, DE, FR, CN (Manage up to 20 country codes simultaneously).

Hierarchical IP Lists

IP Lists are advanced containers used to manage specific IP addresses or CIDR ranges with high-priority logic.

Create the Container

Click Create List and provide a descriptive identifier (e.g., Technical-Staff-Whitelist or Restricted-Proxy-Ranges).

Define CIDR Entries

Click View Entries next to your list and select Add Entry. Input the specific network range using standard CIDR notation (e.g., 1.2.3.4/32 for a single device).

Assign Priority Logic

Select Whitelist to ensure this range bypasses all mitigation logic, or Blacklist to drop all packets from this source before they reach the protocol validation layer.

Self-Lockout Risk

Be exceptionally careful when using the DROP default action or strict Country Whitelisting. If you inadvertently block your own IP address or ASN, you will lose all connectivity to your server. Always ensure you have a whitelisted administrative IP list established before enabling global restrictions.

Need Extra Help?

If you encounter any issues, our support team is ready to assist:

Live Chat: Quick assistance via our website.
Support Ticket: Open a Ticket
Discord: Join our Community
Email: [email protected]

Save on Your Hosting

Ready to get a new server? Use code KB20 at checkout for 20% off your first month!

Last Updated: January 2026 | Dataforest: Professional perimeter security.

Firewall Panel

​Advanced IP Configuration

Difficulty

Time

​Global Traffic Policy

​Technical Access Restrictions

​Hierarchical IP Lists

​Self-Lockout Risk

​Need Extra Help?

​Save on Your Hosting