diff --git a/templates/nginx.conf b/templates/nginx.conf
index cb95967..41563d2 100644
--- a/templates/nginx.conf
+++ b/templates/nginx.conf
@@ -17,15 +17,26 @@ http {
 
     proxy_cache_path /var/cache/nginx levels=1:2 keys_zone=peertube_cache:10m max_size={{ cache_size_gb }}g use_temp_path=off;
 
+    geo $bad_user {
+        default 0;
+        103.114.191.0/24 1;
+    }
+
     server {
         listen 443 ssl http2;
         listen [::]:443 ssl http2;
         server_name {{domain}};
 
         # Block all requests from Gab instances
+        # https://soteria.mastodon.host/notice/9ke8a2nybZ0yPiHBJY
         if ($http_user_agent ~* "GabSocial") {
             return 404;
         }
+        # Block all requests from Kiwifarms IP range
+        # https://glitch.social/@kyzh/102435853605463552
+        if ($bad_user) {
+            return 404;
+        }
 
         ssl_certificate /etc/letsencrypt/live/{{domain}}/fullchain.pem;
         ssl_certificate_key /etc/letsencrypt/live/{{domain}}/privkey.pem;