New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
Comments
http://nginxlibrary.com/ip-based-country-blocking/
You can use .htaccess to block IPs of countries that you don't want. I use this one.
http://www.ip2location.com/free/visitor-blocker
I am using apache.
Does it need to be updated?
You can do it with free plan of cloudflare. Use the firewall tab add the country name select block option and add. You will have to repeat this step for all the countries you want to block.
You can only do javascript challenge, or captcha challenge. Can't block em no longer.
What about using something like this
Hi,
I use plugins wordpress, called iq block country
Blocking an entire country? Isn't that a little overkill?
I hear Vpnostan is blocked by many hosts, not the best traffic coming from there. The ISP do not verify their customers and somtimes let them do silly stuff.
Censorship is still a thing.
Actuallt i am going to block all countries except one.
That would be a whitelist then :P
Francisco
You could use something like Rage4 or CloudFront and set the IP to 127.0.0.1 for example and then set a GEO record for just your desired country to the actual IP. That's similar to what we do, and it's quite effective. It's not a complete block, but you could then still add an extra layer into the PHP code or something.
Sometimes it's generous. I block most of LACNIC, because they are a poorly run registry that seems to actively allow the use of human shields when it comes to abuse. Whether it's a region or country doesn't matter to me. I look for patterns of abuse, and take action as necessary. If you're in a IP range that is dirty, you can either act to clean it up or act to move, or pay me to accept the shit traffic. Empty complaints will fall on deaf ears.
imho it is much better to filter access by iptables: get country-IP database (i.e. from maxmind) and either use geoip-match or load IPs you want to block/allow into ipset...
btw such a filtering is never 100% accurate, as some providers (typically telco-ops) get trans-country assigned IPs...