How to control site access based on a visitor's country

This article describes how to allow or block visitors based on the country associated with their IP address. You may want to do this for a variety of reasons, including:

  • Repeated attacks from IP addresses originating in a specific country or countries.
  • Visitor statistics that are misleading or difficult to intrepret due to numerous visits from a specific country or countries. For example, site statistics may indicate a very high bounce rate due to visits by botnets rather than actual humans.
  • If you run an e-commerce site, repeated fraudulent orders.

Controlling site access by country

You can control site access from specific countries by using allow and deny directives in an .htaccess file. To do this, you must obtain the ranges of IP addresses that are assigned to a particular country.

There are several web sites that enable you to generate these .htaccess directives automatically based on the country or countries you specify. The following procedure demonstrates how to use the service provided by IP2Location.

  • This method is not 100% effective because IP address assignments can change, and IP address ranges can overlap. Nevertheless, this method blocks the majority of traffic from the specified country.
  • Some countries are allocated numerous IP address ranges, and blocking all of them requires hundreds or thousands of lines of .htaccess directives. Because the server reads and processes the .htaccess file each time your site is accessed, this may cause performance issues. You should test any IP address blocking configuration to make sure it does not negatively impact your site's performance.

To generate country-based access rules for your site, follow these steps:

  1. Use your web browser to visit https://www.ip2location.com/free/visitor-blocker.
  2. In the left sidebar, confirm Firewall List by Country is selected.
  3. In the Download List section, in the Country list box, select the country for which you want to block or grant access.
  4. In the IP Version list box, select IPv4.
  5. In the Output Format list box, select one of the following options:
    • If you are granting access to the country you selected in step 3, select Apache 2.4 .htaccess allow.
    • If you are blocking access to the country you selected in step 3, select Apache 2.4 .htaccess deny.
  6. Click DOWNLOAD, and then save the file on your local computer.
  7. Repeat steps 3 to 6 for any additional countries for which you want to block or grant access.

  8. Open the downloaded file in a text editor, and then copy the entire block of generated text.

    If you downloaded files for multiple countries, combine all of the text from the files into one block.
  9. On your A2 Hosting account, open the .htaccess file in your preferred text editor.
  10. Paste the block of text that you copied in step 8 into the .htaccess file.
  11. Save your changes to the .htaccess file. The new configuration takes effect immediately.

More Information

For more information about the allow and deny directives in Apache, please visit https://httpd.apache.org/docs/2.4/howto/access.html.

Get Secure Hosting

Article Details

Other Articles in This Category

Show More

Related Articles

Show More

Did you find this article helpful? Then you'll love our support. Experience the A2 Hosting difference today and get a pre-secured, pre-optimized website. Check out our web hosting plans today.

We use cookies to personalize the website for you and to analyze the use of our website. You consent to this by clicking on "I consent" or by continuing your use of this website. Further information about cookies can be found in our Privacy Policy.