Can I block or redirect an IP or an entire region or country from seeing my site?

Can I block or redirect an IP or an entire region or country from seeing my site?

Wed 03 October 12 Comments are Closed

Yes, you can block visitors per their IP address or redirect them based on their country. Countries will have a specific IP address range (or country code), and you can use that information to block or redirect all or some of their traffic.  There are more than one way to do this:

Redirecting a Country using GeoIP (mod_geoip)

The preferred and fastest method for checking against the country the visitor is coming from is to use GeoIP if your web server supports it. The Imageway web server does support the use of GeoIP. Here are some example scenarios that can be added to your .htaccess file:


# Redirect one country
RewriteEngine on
RewriteCond %{ENV:GEOIP_COUNTRY_CODE} ^CA$
RewriteRule ^(.*)$ http://www.canada.com$1 [L]


# Redirect multiple countries to a single page
RewriteEngine on
RewriteCond %{ENV:GEOIP_COUNTRY_CODE} ^(CA|US|MX)$
RewriteRule ^(.*)$ http://www.northamerica.com$1 [L]


# Redirect multiple countries to a single page if they don’t match
RewriteEngine on
RewriteCond %{ENV:GEOIP_COUNTRY_CODE} !^(CA|US|MX)$
RewriteRule ^(.*)$ http://www.website.com/not-allowed [L]

Visit https://dev.maxmind.com/geoip/legacy/codes/iso3166/ for a listing of country codes.

Blocking a Country or Region using PHP

Searching the internet, we found a unique solution for blocking countries and regions via IP addresses with some PHP coding.

Visit http://timtrott.co.uk/block-website-access-country for more details about this method, including example code.

Blocking a Country or Region with htaccess Deny Rules (mod_rewrite)

Another way to do it is to block IP ranges in the .htaccess file for your site.

For a current list of IP addresses by country, please visit http://www.countryipblocks.net/

On the resulting page, click the “.htaccess deny” link for the desired country. This is the exact code you should paste in your .htaccess file. Usually the .htaccess can be put in your top level webpage/ folder so it can protect all your subdirectory paths.

This method is not the preferred method for countries with large IP ranges since if your .htaccess file is very large and takes too long for our web server to load, then it will be skipped. The preferred method would be to use the GeoIP example above since it keeps the .htaccess very small, and uses a internal memory database for lookup.

I have a specific IP I want to block.

To block multiple IP addresses, list them one per line by editing your .htaccess file, for example:

order allow,deny
deny from 127.0.0.1
deny from 127.0.0.2
deny from 127.0.0.3
allow from all

You can also block an entire IP block/range. Here we will not specify the last octet in the .htaccess file.

deny from 127.0.0

This will refuse access for any user with an address in the 127.0.0.0 to 127.0.0.255 range.

Instead of using numeric addresses, domain names (and subdomain names) can be used to ban users.

deny from isp_name.com

It bans users with a remote hostname ending in isp_name.com. This would stop all users connected to the internet via isp_name.com from viewing your site.

If you only want to allow certain IPs to connect to your website, you can set an option for deny from all, which will deny everyone.

This must be done by coding your .htaccess file as follows:

deny from all
allow from 70.24.291.52
allow from 216.130.49.223 #my house

Using .htaccess to block an entire range or name is likely to lock out innocent users. Use with caution.

Rate This Entry:
1 Star2 Stars3 Stars4 Stars5 Stars (2 votes, average: 5.00 out of 5)
Loading...
Share
Tags
  • There are no tags for this post
lance

back to top