Yesterday, I received this email:
Which was strange because I didn’t request a password reset. I checked the IP from which the request originated on en.asytech.cn website and received the following info:
Looks like someone from that same IP address was trying to attack other websites too.
However, I use Cloudflare, which means it’s easy to block malicious IP addresses. If you don’t know what Cloudflare is, it’s a company that makes it possible to route all traffic through them. It helps to load your website faster and also protects it from attacks. They have a free tier, which is sufficient for such a small website as mine. If you have a website and don’t use Cloudflare you really should — all you have to do is change nameservers, and it takes just a few minutes.
Anyway, if you use Cloudflare, then you can set rules for IP addresses. So, I added a rule to block all incoming traffic from a range of IP addresses. One attempt is not a problem, but I wasn’t going to wait for more tries.
To block a range of IP addresses, just go to Firewall ⇾ Tools, and add a new rule: