Can't you just do if not from us?

!^USIP addresses$

Probably it is easiest not to set up a webpage in the first place. Can you give SOME indication why you ban full countries? My main site targets Germany. If I would ban the Netherlands, Luxemburg or Belgium, I would lose revenue due to companies and indivduals in these countries which neverthelss access German sites to make business.

well believe it or not but revenue isnt important for everybody...
im discussing this with a few people and one wanted to be able to block everybody except the u.s , dont ask me why he wants that.
his site just covers the u.s and dont want other countries visiting.
but he also wants to narrow down any hack attempts from such bogus countries..

but a question..
how should >> !^USIP addresses$ <<
be used?
can this be explained how this works?

his site just covers the u.s and dont want other countries visiting.
but he also wants to narrow down any hack attempts from such bogus countries

so every where other than the US is a "bogus country"?

LOL I've not a clue.
My logic is, yet again flawed.
Ill get my coat.

well dont take it personal...
my htaccess is about 210 kb and includes banned 13 countries cause these coutries and ip's were used for unfriendly things...
thats how countries get banned..

What about expat's? US citizens on work assignment abroad? Troops stationed in other countries? Traveling exec's using their hotel's or partner companies internet?

well i have no answer to that..
i just asked for help..
it wasnt realy my idea to start a discussion about this.

Yes, you are right. This discussion does not belong here. But do me a favour and relay these concerns to your friend.

Back on topic: the "safe" approach would be to refer to a geotargeting database. These have become quite good. There is a handfull of suppliers, and a handfull of business models starting from free access to subscription based models. Pure country-based targeting is probably 99% accurate and can either be handled by a remote request (which becomes slow when you have huge visitor numbers) or by local database (which gets unreliable if not updated regularly).

Using a geolocation database has the advantage that the visitor can be redirected to an explanatory page (with maybe even a contact form of sorts) instead of being blocked on a web-server-errror-message level.

P.S. You - resp your friend - knows what a proxy server is?

You should firewall the IP's rather than use .htaccess (which gets parsed every page view by Apache).

For example, here's how you can block A-Class 60 using IPtables:-

iptables -A INPUT -p tcp -s 60.0.0.0/11 --dport 25 -j DROP

I also have entire countries blocked. "bogus" for me happens when I get a far more nuisance traffic (spam, un-authorised crawlers etc) than genuine traffic.

TJ

[edited by: trillianjedi at 11:16 am (utc) on Dec. 7, 2006]

yes im sure he knows....
thanks for the help...
so in short there are a few ways of doing this....
ill explain it all to him..
thank you.