Best way to block certain countries?

Forum Moderators: phranque

Message Too Old, No Replies

Best way to block certain countries?

AndrewPeterson

9:27 am on Aug 2, 2004 (gmt 0)

Does anyone else here do this btw?

I get a lot of spam and hackers from india and bankok.

For the time being i've added the below which are the ip ranges for the sub continent.

<Directory />
Options FollowSymLinks
AllowOverride None
Order allow,deny
Allow from all
Deny from 61. 202. 203.
</Directory>

This has solved my problems but i recently received an email from a friend in Australia who is on a 203. IP address therefore cannot access

Anyone know the best way around this to block places like india, bankok etc but keep in Austalia, New Zealand etc.

TIA

(No offence is entended to anyone from those countries so no flame replies please. Its just something I need to do for my situation)

jdMorgan

1:51 am on Aug 3, 2004 (gmt 0)

AndrewPeterson,

Welcome to WebmasterWorld [webmasterworld.com]!

By changing the Order directive, you can change the way that denies and allows take precedence -- See the mod_access documentation [httpd.apache.org]. In order to allow subnets of your denied ranges, you just need to re-arrange things a little:


<Directory />
Options FollowSymLinks
AllowOverride None
Order Deny,Allow
Deny from 61. 202. 203.
Allow from 61.123. 202.45 203.67.89.
</Directory>

With this code, all subnets of 61 are disallowed, except for 61.123. Similarly, the other subnets of 202 and 203 are allowed while the major part of the range is denied. Addresses falling outside of the 61, 202, or 203 address blocks are allowed.

Jim