Results 1 to 12 of 12
  1. #1

    Block a whole country

    hi guys
    sometimes we need to block some countries and prevent them visit our websites
    it is for different reasons
    for example if your products or services are illegal in some countries
    Facebook uses very advanced tool allows anyone to block any country he wants or even allows visitors from specific country
    there some ways to block countries as I read
    I tried one of them by getting ip lines from ip2location
    like this tool
    https://www.ip2location.com/blockvisitorsbycountry.aspx
    they have given me a file and copied all lines and set them in htaccess file
    but I have a question if anyone knows the answer
    now if a lot of people from that country I have blocked tried to visit my website
    sure the Apache will tell them 405 forbidden
    but does it use Entry process ?
    the entry process is 20 only
    what if 20 in Same time from that country tried to visit my website in the same time ?
    does it will use 20/20 Entry Process ?
    anyone expert please answer the question or give another suggestion to block a country without use a lot of site resources

  2. #2
    Join Date
    Feb 2012
    Location
    Dallas, Texas
    Posts
    807
    It would be more efficient to block them with something like IPTables. So there wouldn't be any data sent from your webserver to the client. (thus saving cpu/memory/bandwidth)

    ConfigServer Firewall makes this fairly easy, you just specify the country code you want to block and it will input the needed iptables rules for you.
    Swiftnode.net − Performance VPS, Dedicated Servers & Game Servers
    12 Global Locations − North America, Europe, Japan, India, and Australia
    Always-On DDoS Mitigation (UDP & TCP) − Optimized Routing − 24/7 Support

  3. #3
    I think if your provided products and (or) services are not legal in the certain countries that should be blocked by the Govermant of such country and ISP will add your site to the list of blocked sources. I just trying to understand what do you need to have that completed from your end? That indeed drives you a kind of headacke and takes your time.
    But, still, users from forbidden country can use proxies or VPN servers to get to your site.
    --> http://www.webhostingzone.org/
    --> Secure and Reliable Web Hosting Services - cPanel / CloudLinux / Softaculous - Atlanta Data Center
    --> VPS Hosting, Linux Support, SSL certificates and more!

  4. #4
    Join Date
    Sep 2009
    Posts
    1,976
    If you use WP for your web site there are a lot of plugins that will block anything you want with just few clicks.

    If you want to play with iptables you can get the IP addresses all countries at: https://www.countryipblocks.net/country_selection.php
    LVPSHosting.com|Virtual Private Servers|Dedicated Servers|
    Managed Hosting Solution|24/7/365 Support
    Datacentar and servers location: Holland, Europe

  5. #5
    Quote Originally Posted by Swiftnode View Post
    It would be more efficient to block them with something like IPTables. So there wouldn't be any data sent from your webserver to the client. (thus saving cpu/memory/bandwidth)

    ConfigServer Firewall makes this fairly easy, you just specify the country code you want to block and it will input the needed iptables rules for you.
    I don't have a server I use shared hosting with CPANEL
    I added lines like this in htaccess file
    order deny, allow
    deny from 10.0.0./25
    deny from 10.78.9.8/267
    so do u think that use Entry process ?
    because a lot of people from that blocked country may visit the site In the same time and then the Apache will redirect them to 405 forbidden in same second

  6. #6
    Join Date
    Feb 2006
    Posts
    5,393
    Quote Originally Posted by lindalysippe View Post
    I don't have a server I use shared hosting with CPANEL
    I added lines like this in htaccess file
    order deny, allow
    deny from 10.0.0./25
    deny from 10.78.9.8/267
    so do u think that use Entry process ?
    because a lot of people from that blocked country may visit the site In the same time and then the Apache will redirect them to 405 forbidden in same second
    If this is a concern, you could put CloudFlare in front of the site. You can then set CF to challenge visitors from the countries you don't want to have access. This combined with the blocking server-side should have the desired effect. The CF challenge would stop you from spending resources blocking bots, etc.
    WHMEasyBackup.com - Take Control Of Your Backups!
    Complete Backup Solution For WHM Reseller Accounts

  7. #7
    Join Date
    Aug 2017
    Posts
    96
    Shouldn't the onus for managing banned content lie with the governing body that decides what needs to be banned? I can understand if you are getting hit by malicious actions originating from a specific country and blocking all traffic to your site from that country might stop this but seems like "over-kill"

  8. #8
    Join Date
    Dec 2011
    Posts
    1,460
    Quote Originally Posted by EugeneWHZ View Post
    I think if your provided products and (or) services are not legal in the certain countries that should be blocked by the Govermant of such country
    Seriously?

    How about a big giant huge NO to that.

    Quote Originally Posted by wansec-bob View Post
    Shouldn't the onus for managing banned content lie with the governing body that decides what needs to be banned?
    No no no a thousand times no.

    You do NOT want the government getting it in their head that they can decide who can visit what web sites.

    Bad idea. BAD.

    /grabs rolled up newspaper

    *whack!*

    No! Bad doggy!
    "I've seen spam you people wouldn't believe. Routers on fire off the OCs of AGIS. I watched MXes burning in the dark near the Cyberpromo Gateway. All those moments will be lost in time, like tears in rain. TTL=0."

  9. #9
    Join Date
    Jul 2011
    Location
    Niagara Falls, Ontario
    Posts
    3,283
    Quote Originally Posted by SneakySysadmin View Post
    You do NOT want the government getting it in their head that they can decide who can visit what web sites.
    While I agree there, I don't think it's up to the website to block countries in which their content may be illegal. If the government has already made the content illegal, they already are saying you can't visit that website (it just isn't blocked). As long as the site and its content is legal in both the owner's country and the provider's countries of operation, I don't see any issue with it being open to visitors.
    ~Tyler Morrison~

    "I like vending machines, because snacks are better when they fall. If I buy a candy bar at the store, oftentimes I will drop it so that is achieves its maximum flavor potential." ~ Mitch Hedberg

  10. #10
    Join Date
    Dec 2011
    Posts
    1,460
    Quote Originally Posted by Imthatguyhere View Post
    While I agree there, I don't think it's up to the website to block countries in which their content may be illegal.
    I agree with that.

    However I do not read the OP's request as one where they are trying to comply with some regulation somewhere... more as a vendor trying to weed out the orders they cannot fulfill and are just a waste of their time. If one cannot send an order to $COUNTRY then there's no point in accepting or processing them in the first place.
    "I've seen spam you people wouldn't believe. Routers on fire off the OCs of AGIS. I watched MXes burning in the dark near the Cyberpromo Gateway. All those moments will be lost in time, like tears in rain. TTL=0."

  11. #11
    Join Date
    Dec 2007
    Location
    Indiana, USA
    Posts
    19,178
    Putting the site behind CloudFlare and then using .htaccess code like this would work in most situations as well.

    Code:
    SetEnvIf CF-IPCountry RU BuzzOff=1
    Order allow,deny
    Allow from all
    Deny from env=BuzzOff
    Michael Denney - MDDHosting.com - Proudly hosting more than 37,800 websites since 2007.
    Ultra-Fast Cloud Shared and Pay-By-Use Reseller Hosting Powered by LiteSpeed!
    cPanel • Free SSL • 100% Uptime SLA • 24/7 Support
    Class-leading support that responds in minutes, not days.

  12. #12
    Join Date
    Aug 2017
    Posts
    96

    reply to Sneaky

    YELP yelp ....
    (head down n tail tucked)
    Completely agree with ya Sneaky.....but a bunch of regimes around the globe don't
    Last edited by wansec-bob; 05-16-2018 at 05:03 PM. Reason: addressing individual poster

Similar Threads

  1. Is it possible to block access from a whole country?
    By Amitz in forum Dedicated Server
    Replies: 25
    Last Post: 07-05-2011, 08:09 AM
  2. How do I block access to whole country on a server
    By hbhb in forum Hosting Security and Technology
    Replies: 3
    Last Post: 09-15-2008, 01:44 AM
  3. Replies: 2
    Last Post: 06-21-2007, 03:41 AM
  4. Block the whole country from accessing server
    By Shin Asuka in forum Hosting Security and Technology
    Replies: 10
    Last Post: 11-20-2004, 04:54 AM
  5. How to block an Entire Country
    By ryza in forum Hosting Security and Technology
    Replies: 9
    Last Post: 11-29-2002, 04:42 PM

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •