Blocking countries from all domains on a Windows server

Forum Moderators: open

Message Too Old, No Replies

Blocking countries from all domains on a Windows server

aleksl

6:47 pm on Nov 3, 2007 (gmt 0)

I know there's been numerous examples how to block IPs. My question is wider. I am tired of:
* configuring each website to block stuff
* configuring mail servers
* configuring firewalls
etc., etc.

I want to knock down a couple of pretty offending countries from accessing every domain hosted on my Windows server. Completely. Or a region. How would one approach this? If this even possible by simple methods.

Ideas? Maybe ranges of IPs? Maybe by A/B/C IP class? Can IPSec do that? Certainly not Windows Firewall, and I don't have thousands of dollars for expensive firewall hardware/software.

[edited by: tedster at 2:38 pm (utc) on Nov. 5, 2007]
[edit reason] moved from another location [/edit]

aleksl

2:57 pm on Nov 5, 2007 (gmt 0)

Let me clarify.

Looking for technical details of doing it on Windows server. Not "how to block it for a website", but for all websites, and even better if completely, i.e. inlcuding email, ftp and other protocols.

If anyone has done it, I'd appreciate a pointer on where to look.

CrustyAdmin

5:18 pm on Nov 28, 2007 (gmt 0)

Wouldn't you just do it at the firewall and be done with it? If they can't get through your firewall they can't get to your web or mail server so no need to adjust them as well.

mrMister

6:43 pm on Nov 28, 2007 (gmt 0)

I agree, use a hardware firewall.

Hardware firewalls aren't expensive. Even most home routers have IP blocking facilities which would be suitable for what you're trying to do.