How to Block Traffic from Certain Countries

If you review your web activity, you may have seen an surprising number of visitors from nations, for example, China, Russia, Poland and Brazil. There, you will see that huge numbers of these visitors are attempting to get to files and directories that don’t exist, planning to hack into your site, maybe to transform your server into a spamming zombie. A few website admins choose to block all traffic from various handpicked nations.

There are a several ways to deny traffic from a specific nation. As far as anyone is concerned, all these methods rely on matching the visitor’s IP location to some sort of IP geolocation table.

Method #1: Add Individual IP’s Addresses on Your Server

Once you have a list, you can block the IPs using “.htaccess”. Also I don’t know how well any of these lists is maintained because IPs change all the time and you want to update your IP country table all the time. If you want to use this method, you might add below lines to your “.htaccess”:

# vim /documentroot/path/.htaccess

Order allow,deny
Allow from all
Deny from 58.14.0.0/15
Deny from 58.16.0.0/16
..
..

Method #2: The Apache Deny Directive on Your Server

For this procedure, you just edit the “.htaccess” file at the root of your web pages. Paste the following at the top of .htaccess, just below the “AddHandler” line if any:

# vim /documentroot/path/.htaccess

SetEnvIf CF-IPCountry CN BuzzOff=1
Order allow,deny
Allow from all
Deny from env=BuzzOff

Here in above example we are blocking China (CN) access. If you have to block more than one country then do as below:

SetEnvIf CF-IPCountry CN BuzzOff=1 #(China)
SetEnvIf CF-IPCountry RU BuzzOff=1 #(Russia)
SetEnvIf CF-IPCountry EG BuzzOff=1 #(Egypt)
Order allow,deny
Allow from all
Deny from env=BuzzOff

List of Internet Country Codes

Enjoy it!