He could use the IP address of the clients to weed out those that he doesnt want. The problem with IP address recognition is all of the different ways that forwarded IP's are passed on.
Below is what I use to try to get the actual IP address of the person - I started with a couple of different cases and added more as I found them. So I cant guarantee that this function will get every type of forwarded ip, but it will get most.

function userIP(){
switch ($_SERVER){
case 'HTTP_CLIENT_IP':
$userip = $_SERVER['HTTP_CLIENT_IP'];
break;
case 'HTTP_X_FORWARDED_FOR':
$userip = $_SERVER['HTTP_X_FORWARDED_FOR'];
break;
case 'HTTP_X_FORWARDED':
$userip = $_SERVER['HTTP_X_FORWARDED'];
break;
case 'HTTP_FORWARDED_FOR':
$userip = $_SERVER['HTTP_FORWARDED_FOR'];
break;
case 'HTTP_FORWARDED':
$userip = $_SERVER['HTTP_FORWARDED'];
break;
default:
$userip = $_SERVER['REMOTE_ADDR'];
break;
}
return $userip;
}

There would be a lot of SEO issues with blocking ip's that dont come from the countries that you want. So IP address blocking may well be a bit drastic for what you want, but thats why im not posting this in an SEO forum :)

Well, this is a PHP forum :)
Get yourself a complete DB of ip
Select ranges that are allowed
Grab the visitor IP
Match it VS disallowed range
Achieving it is quite simple.

My advice: don't block by IP. Get more bandwidth, it's not that expensive.

here is a little script that works well for me. place it at the top of your pages.

if(isset($_SERVER['HTTP_X_FORWARDED_FOR'])){
$IPaddress=$_SERVER['HTTP_X_FORWARDED_FOR'];}else{
$IPaddress=$_SERVER['REMOTE_ADDR'];}
$two_letter_country_code=iptocountry($IPaddress);
function iptocountry($ip){
$numbers = preg_split( "/\./", $ip);
include("ips/".$numbers[0].".php");
$code=($numbers[0]*16777216)+($numbers[1]*65536)+($numbers[2]*256)+($numbers[3]);
foreach($ranges as $key=>$value){if($key<=$code){
if($ranges[$key][0]>=$code){
$two_letter_country_code=$ranges[$key][1];break;}}} 
if($two_letter_country_code==""){
$two_letter_country_code="unknown";}
return $two_letter_country_code;}
if($two_letter_country_code=="RU"){die();}

the url ('ips/') needs to point at a database of country IPs which you have to download from here -- phptutorial.info/iptocountry/the_script.html.

you can set it up to disallow any country you want. or it would be simple enough to amend the script so it just allows countries (instead of disallowing)
and it is flat file too, so you don't even need a database.

Hi Ron,
I kindly disagree,
we both know that for example in e-comm there are a few countries that needs to be banned.

Hi Londrum, I found your post very useful, do you know, if adding more countries to that disallow, which countries to NOT exclude because of potential problems with SE Bots please ?

Dexie.