'How to Blacklist IP from Google Cloud Run Service?

We have our app deployed in Cloud Run which is schedule to run through cloud scheduler every half n hour but recently we are flooded with 401 and 403 errors . These are the new and recurring errors that have been spamming our alert system. We noticed some malicious hits made by third party to invoke our Cloud Run Service .

The remote IPs of the invoker (which is getting rejected each time due to not having the correct permissions to invoke pipeline executions) are consistent with a malicious party who is known for trying to disrupt or gain access to unsecured endpoints and resources online.

Details of the unauthenticated requests: Error - 401 - 209.17.96.*** - userAgent: "Mozilla/5.0 (compatible; Nimbostratus-Bot/v1.3.2; http://cloudsystemnetworks.com)" Error - 403 - 209.17.97.*** - userAgent: "Mozilla/5.0 (compatible; Nimbostratus-Bot/v1.3.2; http://cloudsystemnetworks.com)"

what could be a possible solution to restrict/blacklist these Incoming Traffic from our Cloud Run service ?enter image description here

securitynetworkinggoogle-cloud-platformgoogle-cloud-run


Sources

This article follows the attribution requirements of Stack Overflow and is licensed under CC BY-SA 3.0.

Source: Stack Overflow

Solution Source

Related Questions

Secure cookies flag always getting lost in first session after resetting IIS

How to show or hide contents of an aspx page based on current user's roles

protect images on webpage from being copied/saved?

Getting error "403 - Forbidden: Access is denied" on browser when user is NOT administrator

Disable SSLHandshakeException for a single connection

SSL certificate error for IE users only

How to access HttpContext and Request in RequireAssersion?

Send Public key(generated as seckeyref in iPhone) to server(in Java)

The EXECUTE permission is denied on the user-defined table types?

cannot commit or push using egit (guess: issues with secure storage area)

Authorisation in microservices - how to approach domain object or entity level access control using ACL?

Adding nonce value to @Scripts.Render ASP.Net MVC razor pages with NWebSec

SSL Java java.io.IOException: Invalid keystore format

preventing abuse of API service usage

Protecting or Licensing a Django Application