How to ban IPs from <insert country> from viewing my website?

AdladUK · 28 Feb 2007 at 16:40

I have a personal website that I made for friends and family based in the United Kingdom. I wish to block access to anyone outside the UK, specifically the US.

This is in no way for malicious reasons, I simple wish to reduce my bandwidth bills.

I know there are ways to ban specific IPs from your site, but is there a way to ban an entire country? Seems excessive, I know, but I remember reading about when Bush was running for presidency how they blocked anyone outside the US from viewing his personal page (again for bandwidth reasons), so I know it's possible...

Any help or information is greatly appreciated.

Thank you in advance.

matja · 28 Feb 2007 at 17:08

If you run your own Apache web server, simply install mod_geoip and make an .htaccess file with something like :

Code:

GeoIPEnable On
GeoIPDBFile /usr/share/geoip/GeoIP.dat
SetEnvIf GEOIP_COUNTRY_CODE US block_country
Deny from env=block_country

If you don't use Apache or don't have access to the web server config, you could redirect all accesses through a wrapper Perl/PHP/CGI script which checks the IP via a local GeoIP database (there are several free, and not-so-free implementations).

AdladUK · 28 Feb 2007 at 17:45

matja said:
If you run your own Apache web server, simply install mod_geoip and make an .htaccess file with something like :

Code:

GeoIPEnable On GeoIPDBFile /usr/share/geoip/GeoIP.dat SetEnvIf GEOIP_COUNTRY_CODE US block_country Deny from env=block_country

If you don't use Apache or don't have access to the web server config, you could redirect all accesses through a wrapper Perl/PHP/CGI script which checks the IP via a local GeoIP database (there are several free, and not-so-free implementations).

Thank you for that.

Before I try to do what you have said, I was wondering if something simplier might work...

I came across the following method through a Google search:

- Make a .htacess file on your server
- In the .htaccess file post the following text...

order allow,deny
allow from all
deny from 60.254.128.0/18
deny from 163.60.0.0/16
deny from 192.103.43.0/24
deny from 202.72.96.0/20
deny from 202.76.240.0/21
deny from 203.77.184.0/21
deny from 203.144.48.0/20
deny from 203.187.128.0/19
deny from 3.0.0.0/8
deny from 4.0.0.0/8
deny from 6.0.0.0/8
deny from 7.0.0.0/8
deny from 8.0.0.0/8
deny from 9.0.0.0/8

... And so forth

I actually have a complete list of US IPs. It's about 30,000 lines long.

Do you think this would work?

AdladUK · 28 Feb 2007 at 17:50

Sorry forgot to mention, I have a shared hosting account with godaddy.com

Cheap I know, but it's always served its purpose to me.

I know .htaccess works on GoDaddy as I've had one of those .htaccess/.htpasswd setups running in the past.

AdladUK · 28 Feb 2007 at 18:00

OMG it worked!!!

matja · 28 Feb 2007 at 19:56

yea, just make sure you keep it moderately up-to-date

IP netblocks change ownership on a daily basis