New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
how to block a country to visit my web ?
I'm using cloudflare, and want to block a country to visit my website. I tried it on cloudflare but it shows "Forbidden. Only Enterprise customers and enterprise zones are allowed to block a country (Code: 1002)"
as I inquiry the price, their quote $3800, it is unaffordable for me, so wondering any other alternative ways to block that country visitors?
as the CDN is on, so all visitors visited my website with cloudflare IP
Comments
That's a hefty price. The easiest way would be to just block the IP ranges from the top ISP's in that country on your web server, but obviously that isn't very efficient. Edit: This site is useful for getting formatted list for your web server config.
The simplest way is adding a whole shit of ip blocks from a country via .htaccess. Now that's rather ineffective nowadays but blocks ordinary people.
You could try:
https://www.ip2location.com/blockvisitorsbycountry.aspx
this is not workable, as now the CDN is on, and all ips visit my website is cloudflare's IP, not original ip
Web server blocks still go through CloudFlare as long as you're passing the user IP with mod_cloudflare or whatever it is for Apache, all of them are easy, just a quick Google.
CSF has a country block option.
https://www.liquidweb.com/kb/how-to-block-traffic-by-country-in-the-csf-firewall/
https://www.google.com/search?q=csf+country+block
it's windows IIS7 server
Sign up with BunnyCDN, it cost $0.01 /GB and you can block countries directly from the panel. They have free 14 days trial at no cost.
Are you on a vps? What's your site setup like?
Cloudflare offers a IIS module to restore original visitor IP addresses.
Run a reverse proxy using nginx infront of it. Setup CSF on that Linux server.
What about enabling IP Geolocation and:
Modify as needed, 'PH' being the country code you want to block. It's a header sent by Cloudflare, so I'm sure there's applicable code for it for other languages.
See https://support.cloudflare.com/hc/en-us/articles/200168236-What-does-Cloudflare-IP-Geolocation-do-
Given this is on Windows, if you're running a recent enough ASP.NET site or even ASP.NET Core site, you can use the HttpContext.Connection.RemoteIpAddress property, look up the Country via GeoIPLite and return a NotFound() or Forbid() IActionResult.
Now this will work right if you have access to the site's source code. If you don't, you're going to have to setup an nginx reverse proxy and filter out visitors that way.
There are several free ways to block visitors by country.
You need to have a lookup table for blocking, and you can export it from URL below for free.
https://www.ip2location.com/free/visitor-blocker
Just blackhole the IP ranges from the country. Lots of tools out there that keep semi-updated lists of IP geolocation.
Use cloudflare to block IPs by ASN may be easier. Like AS4134 for China Telecom.
>
For major countries this could easily work. Blocking China Telecom and Unicom and you pretty knock out china. Block Rostelecom and ER-Telecom and Vimplecom for Russia, same effect.
You can easily just lookup which ISP serves which countries.
And please note also that properly setup proxy/VPN will still allow your visitors from blocked country to actually access the site.
block top ISP asn of that country in cloudflare firewall
You can block a range of IP addresses. I recommend to use this tool https://www.ip2location.com/blockvisitorsbycountry.aspx