• This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn more.

How to block IP-addresses or ISPs of certain countries ?

mjp

Well-known member
#4
I don't know if I would do that.

I work in a business where all of our sales are online, and we get a fair amount of fraud from Nigeria. But we get an equal (or greater at times) number of legitimate accounts from Nigeria. If we blocked them we would miss out on dozens of new accounts every month. Not a lot, but also not a number you would want to turn away at the door.

Unless you're having a very serious problem with Nigeria, blocking them for no reason is counterproductive. It's a big country, and not everyone in it is a thief.
 

a legacy reborn

Well-known member
#5
You probably should not block a country...but this should work :)

Code:
41.58.0.0/16
41.67.128.0/18
41.71.128.0/17
41.73.0.0/19
41.73.128.0/19
41.73.224.0/19
41.75.16.0/20
41.75.80.0/20
41.75.192.0/20
41.76.64.0/21
41.76.72.0/21
41.76.80.0/21
41.76.152.0/21
41.76.192.0/21
41.76.248.0/21
41.77.40.0/21
41.78.8.0/22
41.78.12.0/22
41.78.80.0/22
41.78.88.0/22
41.78.100.0/22
41.78.156.0/22
41.78.172.0/22
41.78.208.0/22
41.78.224.0/22
41.78.252.0/22
41.79.4.0/22
41.79.64.0/22
41.84.160.0/19
41.86.128.0/19
41.87.64.0/19
41.138.160.0/19
41.139.64.0/18
41.155.0.0/17
41.184.0.0/16
41.189.0.0/19
41.190.0.0/19
41.190.240.0/22
41.191.108.0/22
41.203.64.0/19
41.203.96.0/19
41.204.224.0/19
41.205.160.0/19
41.206.0.0/19
41.206.224.0/19
41.211.192.0/18
41.215.244.0/22
41.216.160.0/20
41.216.232.0/22
41.217.0.0/17
41.217.204.0/22
41.219.128.0/18
41.219.192.0/18
41.220.64.0/20
41.221.112.0/20
41.221.160.0/20
41.222.40.0/21
41.222.64.0/21
41.222.144.0/21
41.222.208.0/22
41.223.64.0/22
41.223.128.0/22
41.223.136.0/22
41.223.144.0/22
41.223.168.0/22
62.173.32.0/19
62.193.160.0/19
80.248.0.0/20
80.250.32.0/20
82.128.0.0/17
193.189.0.0/18
193.189.64.0/23
193.189.128.0/24
195.166.224.0/19
196.1.133.0/24
196.1.176.0/20
196.3.60.0/22
196.3.180.0/22
196.10.202.0/24
196.22.6.0/24
196.27.128.0/17
196.29.208.0/20
196.32.224.0/23
196.40.192.0/18
196.43.215.0/24
196.45.48.0/20
196.46.20.0/24
196.46.27.0/24
196.46.240.0/21
196.200.64.0/20
196.200.112.0/20
196.207.0.0/20
196.216.144.0/22
196.216.148.0/22
196.216.184.0/22
196.216.251.0/24
196.216.253.0/24
196.216.255.0/24
196.220.0.0/19
196.220.64.0/19
196.220.192.0/20
196.220.240.0/20
197.244.0.0/16
197.253.0.0/18
197.255.0.0/18
197.255.160.0/20
197.255.208.0/20
212.100.64.0/19
217.14.80.0/20
217.117.0.0/20
My bad...that is for a firewall...here is a list for .htaccess :)

Code:
<Limit GET HEAD POST>
order allow,deny
deny from 41.58.0.0/16
deny from 41.67.128.0/18
deny from 41.71.128.0/17
deny from 41.73.0.0/19
deny from 41.73.128.0/19
deny from 41.73.224.0/19
deny from 41.75.16.0/20
deny from 41.75.80.0/20
deny from 41.75.192.0/20
deny from 41.76.64.0/21
deny from 41.76.72.0/21
deny from 41.76.80.0/21
deny from 41.76.152.0/21
deny from 41.76.192.0/21
deny from 41.76.248.0/21
deny from 41.77.40.0/21
deny from 41.78.8.0/22
deny from 41.78.12.0/22
deny from 41.78.80.0/22
deny from 41.78.88.0/22
deny from 41.78.100.0/22
deny from 41.78.156.0/22
deny from 41.78.172.0/22
deny from 41.78.208.0/22
deny from 41.78.224.0/22
deny from 41.78.252.0/22
deny from 41.79.4.0/22
deny from 41.79.64.0/22
deny from 41.84.160.0/19
deny from 41.86.128.0/19
deny from 41.87.64.0/19
deny from 41.138.160.0/19
deny from 41.139.64.0/18
deny from 41.155.0.0/17
deny from 41.184.0.0/16
deny from 41.189.0.0/19
deny from 41.190.0.0/19
deny from 41.190.240.0/22
deny from 41.191.108.0/22
deny from 41.203.64.0/19
deny from 41.203.96.0/19
deny from 41.204.224.0/19
deny from 41.205.160.0/19
deny from 41.206.0.0/19
deny from 41.206.224.0/19
deny from 41.211.192.0/18
deny from 41.215.244.0/22
deny from 41.216.160.0/20
deny from 41.216.232.0/22
deny from 41.217.0.0/17
deny from 41.217.204.0/22
deny from 41.219.128.0/18
deny from 41.219.192.0/18
deny from 41.220.64.0/20
deny from 41.221.112.0/20
deny from 41.221.160.0/20
deny from 41.222.40.0/21
deny from 41.222.64.0/21
deny from 41.222.144.0/21
deny from 41.222.208.0/22
deny from 41.223.64.0/22
deny from 41.223.128.0/22
deny from 41.223.136.0/22
deny from 41.223.144.0/22
deny from 41.223.168.0/22
deny from 62.173.32.0/19
deny from 62.193.160.0/19
deny from 80.248.0.0/20
deny from 80.250.32.0/20
deny from 82.128.0.0/17
deny from 193.189.0.0/18
deny from 193.189.64.0/23
deny from 193.189.128.0/24
deny from 195.166.224.0/19
deny from 196.1.133.0/24
deny from 196.1.176.0/20
deny from 196.3.60.0/22
deny from 196.3.180.0/22
deny from 196.10.202.0/24
deny from 196.22.6.0/24
deny from 196.27.128.0/17
deny from 196.29.208.0/20
deny from 196.32.224.0/23
deny from 196.40.192.0/18
deny from 196.43.215.0/24
deny from 196.45.48.0/20
deny from 196.46.20.0/24
deny from 196.46.27.0/24
deny from 196.46.240.0/21
deny from 196.200.64.0/20
deny from 196.200.112.0/20
deny from 196.207.0.0/20
deny from 196.216.144.0/22
deny from 196.216.148.0/22
deny from 196.216.184.0/22
deny from 196.216.251.0/24
deny from 196.216.253.0/24
deny from 196.216.255.0/24
deny from 196.220.0.0/19
deny from 196.220.64.0/19
deny from 196.220.192.0/20
deny from 196.220.240.0/20
deny from 197.244.0.0/16
deny from 197.253.0.0/18
deny from 197.255.0.0/18
deny from 197.255.160.0/20
deny from 197.255.208.0/20
deny from 212.100.64.0/19
deny from 217.14.80.0/20
deny from 217.117.0.0/20
</Limit>
 

Anthony Parsons

Well-known member
#6
http://www.ipdeny.com/ipblocks/ is one quick way to get the most current lists.

There are companies that you can subscribe with, incorporate their software into your website, and thus automatically block countries using a tick and flick approach as you see fit. Just depends on your budget and how far you want to go.

http://www.ip2location.com is probably the biggest of them all that provide more professional solutions, maintaining up to the minute lists on country IP registration blocks.
 

maidos

Active member
#7
mod_geoip
if you have root access to your server you can just block any country by adding a geoip code on your htaccess

maxmind is a good company as they frequently update their ip database.

alternative is that you install csf and theres an option on control panel either on directadmin, cpanel or just go to csf configuration to block there, where you can block an entire country however the firewall does consume a bit more cpu resources
 

Ingenious

Well-known member
#8
Totally agree with maidos, GeoIP is the easiest way to do this, if you have it on your server. You then just specify country codes rather than IP addresses (the actual IP addresses being maintained by GeoIP).
 

erich37

Well-known member
#12
Maybe?

I use the firewall on my server, have not tried this, though it should work..

View attachment 17079

View attachment 17080
what is the difference in XF ACP of "Banned IP Addresses" and "Discouraged IP Addresses" ?
Will "Banned IP Addresses" be discouraged from registering new accounts or do I need to put the "Banned IP Addresses" into the "Discouraged IP Addresses" are in order to prevent those from registering again ?

in ACP:
how do I move "Banned IP-addresses" towards "Discouraged IP-addresses" ? I want to have the "banned" also to be "discouraged".
Copy & Paste ?
 

erich37

Well-known member
#13
the other question I have is this:

If I do not want to block certain "countries", but just IP-addresses of Spammers, is there a way to install this directly on the server instead of using "stopforumspam.com" ?
What is the best or better say most effective way of getting rid of spammers but still be open for normal users ?

Is the hosting-provider generally providing some sort of "IP black-list" to be installed on the server?

Thanks again!
 

a legacy reborn

Well-known member
#14
what is the difference in XF ACP of "Banned IP Addresses" and "Discouraged IP Addresses" ?
Will "Banned IP Addresses" be discouraged from registering new accounts or do I need to put the "Banned IP Addresses" into the "Discouraged IP Addresses" are in order to prevent those from registering again ?

in ACP:
how do I move "Banned IP-addresses" towards "Discouraged IP-addresses" ? I want to have the "banned" also to be "discouraged".
Copy & Paste ?
Banned can not view any part of your forum and can not register

Discouraged can view the forum but go through hell to do so and can not register(if you enable that option)
the other question I have is this:

If I do not want to block certain "countries", but just IP-addresses of Spammers, is there a way to install this directly on the server instead of using "stopforumspam.com" ?
What is the best or better say most effective way of getting rid of spammers but still be open for normal users ?

Is the hosting-provider generally providing some sort of "IP black-list" to be installed on the server?

Thanks again!
CloudFlare would work for this as it uses project honeypot or you could install project honeypot yourself. I personally use CloudFlare and rarely get spammers(my more active sites get maybe 3-4 spammers/wk and my less active maybe 1/mo.
 
#16
Hi,

What you could do if using CloudFlare:
1. Go to your threat control panel.
2. Block by IP or IP range (this fully blocks them before hitting your server).
3. OR you could block by country in your CloudFlare threat control, which would challenge all visitors from those countries with a captcha/challenge page (Bots obviously wouldn't be able to pass).

You can also do create rules in .htacess to accomplish this as well.