Restricting access via Country IP Range

Started by CountryLady, August 23, 2010, 05:56:31 AM

Previous topic - Next topic

0 Members and 1 Guest are viewing this topic.

CountryLady

My forum relates only to people in US, CA, AU, UK and about 95% of our SPAM memberships are from other countries.
I could have a much more open registration process if I could eliminate all countries besides the 4 shown above.
I've been handling the Spammers by banning IP Ranges of ISPs of Spammers, and blocking IP numbers/ranges via IP Deny in the cPanel. This is always AFTER the fact of being hit by these people. I do use Capta so that should already block robots/scripts.

Seems to me that I'd be much better off restricting access via Country IP Range, but to do so with an htaccess ALLOW script.
I've used http://www.maxmind.com/app/geolitecountry to identify the IP Ranges of the 4 countries above but am not positive this is my best way of restricting access... for the server, fast load times, fewer queries, most accuracy, and fewer problems overall.

I am not real sharp with coding, :o so with that in mind:
     1. Is my plan of using Country IP Ranges in the ALLOW htaccess script the best way to restrict access to our website by everyone outside of the 4 target countries?
     2. If so, how should the htaccess script be written?  ...and where should I put it in via FTP?
     3. If not, what IS the best way to accomplish the desired restriction in access to the 4 target countries?   ....Details, please. :)

Thanks so much for your help...
...Country (little old) Lady 

Chance favors the prepared. Come join us at OurCountryHaven.

Jason

I'd need to look into this further to see what the best route would be.  You could attempt to do this of course though from what I'm seeing you'd need to use some extensive lists and even then, they wouldn't always be accurate.  Furthermore, someone who really wants to get around it could via proxy.

This site has an .htaccess code generator though it is from Aug 2009 so the data may not be current:

http://www.countryipblocks.net/country-blocks/select-formats/

CountryLady

Thanks for checking into this Jason. FYI, the maxmind.com list was... "Last updated August 1st, 2010, next update on September 1st, 2010" so I can periodically update the codes for just these 4 countries.

I realize the truth in what you say... "the lists wouldn't always be accurate.  Furthermore, someone who really wants to get around it could via proxy.", but it would cut out between 95-99% of the Spammers. As it stands now I have MANY IP Deny ranges in my cPanel, plus dozens upon dozens of bans of IPs, IP Ranges, Hosts from .IN, RU, CH, PH, etc., etc. as I try to avoid giving these spammers a chance to spread their messages around. By switching from DENY protocol to ALLOW protocol, this would probably be easier on the server than the way I'm doing it now.

Please don't feel pushed about this Jason. I don't mind waiting to get the best solution. Any Daddy who has two beautiful daughters needs plenty of quality time for them. The latest photos are Adorable~!

Cheers, CL
Chance favors the prepared. Come join us at OurCountryHaven.

Jason

Sorry for the delay -- I' received some guidance on this but am doublechecking a few concerns before I report back.

CountryLady

That's quite alright, Jason. I really appreciate your help with this. Its important that this be done in a way that is going to help the server, rather than complicate things. IF we can find a good answer, it will sure help me, and perhaps others as well.

Again, I am in no rush. Thanks for ALL you do.

Cheers, CL
Chance favors the prepared. Come join us at OurCountryHaven.

Jason

There are a couple ways we could go with this --

We could use GeoLite which you referenced above.  It could be setup to work on your account without any serverwide settings.

Alternatively, there's a serverwide option (mod_geoip)

http://www.maxmind.com/app/mod_geoip

It may be a little more powerful but it's also serverwide.

If you want to move forward with this, I'd suggest we handle it via a ticket or email so we can get more specific.  Either route is going to require some customization.

Hope that helps!

CountryLady

Jason, you manage to find solutions for all my challenges.

Look for an email in the next day or so.

Thank you for everything.

Cheers, CL
Chance favors the prepared. Come join us at OurCountryHaven.