Google tells us that their official googlebot crawls always originate from a US IP address, and to make sure our sites work for that situation. So the only place I can see you getting into trouble is banning IPs from the US.

I don't know how much effect blocking those countries will have on your rankings directly, but indirectly I think it may have an effect on user engagement statistics they collect. I would opt for providing a stripped-down version of functionality for users from countries where problems originate.

I personally have built my own system to use an open source IP-to-country database to determine where the users are originating. From there, I block some functions which do any types of writes such as comments, contact forms, or anything that doesn't have a read-only nature.

For me, I block China, Russia, Brazil, most of the Middle East and other countries in East Asia. For these users, I don't display comment forms, disallow any ajax and that type of thing. I won't go into the exact coding, but something like -- example in PHP:

function display_CommentForm() {
global $u_valid_location;
if(!$u_valid_location) {
print("Service Unavailable");
}
else {
...
}
}

might do the trick while still providing content.

Of course, you have to have the code to determine which country the IP originates from and define $u_valid_location.

i block plenty of countries, i haven't noticed any ill effects.
(ecommerce retail website)

Andem...pretty slick. I too have had so many problems coincidentally enough with China/Russia/Brazil/Mideast (specifically Turkey).

Anybody have ideas on how to do country blocks in a .htaccess file... Could one create a rule that POST data would only be accepted from non-blacklisted ip ranges? Most of hacking takes places with forms and if your forms only accept POST data, I would think a strong POST filter or even throttle could help a lot...

Topr8...good to hear :)

smithaa02: You can't block countries per se with .htaccess. You can block IP ranges, but I highly suggest against it. I have no idea how to go about that though with ipv6 but tutorials are probably a dime-a-dozen.

I forgot to mention the largest mass of spammers: India. They get a special message which sends them on a spree of spamming other services like mine (they essentially get sent on a wild goose chase, some which put them immediately on blacklists) :)

If you plan on going the 'htaccess route' and only if you know what you're doing and if you're running a version of Linux (or other Unix variant) which is setup to provide constant updates like RHEL, there might be a specific Apache module that might be able to help you. I can't advise on that, but would still advise against it.

Anybody have ideas on how to do country blocks in a .htaccess file

Yes, but you've been around long enough to know that we're not just going to come out and tell you ;) It has to be done via IP ranges, which is a pain. It's a pain even when you're just doing the straight core-level "Deny from..." The darn things keep cropping up like whack-a-moles. You think you've got them all, and then another one turns up.

I have some sites where if you're outside of Europe, US/Canada, Australia/New Zealand you get nothing. There's no SERPs impact.

A white-list approach might be better than an IP black-list, in some cases at least. Eliminates a lot of the whack-a-mole game.

If they really want to get to you, they can still do it from a US IP.

Best to work on securing your website.