Why would you block a country by using IP’s?
One of the most common reason to block a particular IP on the website is due to SPAM and Hacking attacks. This is a problem is growing and seriously effects the performance of the website.
But is it true that certain countries are responsible for these kinds of attacks ?And will blocking a particular country form the services would help? This is the question that most of the people ask.
According to an article published by Bloomberg
“China, Russia and Iran pose the biggest threats of computer attacks to spy on U.S. companies”.
http://fortune.com/2018/07/26/biggest-cyber-threats/
Also,
“The three countries(China, Russia and Iran) have conducted sophisticated, large-scale hacking attacks across multiple U.S. industries”
Said that according to a report by office’s National Counterintelligence and Security Centre
Source : http://fortune.com/2018/07/26/biggest-cyber-threats/
Well this is seriously alarming and its true that hackers in certain countries are more active than the rest.
But still it is not suggested that you block out these countries or any countries for your site. Unless it is necessary.
Different methods through which you can block a Country through IP on your website?
A user goes through a series of layers before he reaches to the final application layer. You can block the user on any of these. The following are three layers we will discuss.
- Before the request reaches the server it can go through proxies and firewall servers. User can be authenticated there or
- Once the user reaches your server and before you redirect to the requested resource or
- You can Block you can block the User on the Application Layer.
The level at which the user is blocked has it’s own advantages and disadvantages.
If you would block the user before it reaches your server, you would save additional process of matching IP’s against country IP databases. Sparing the bandwidth and processing time on your server, which is good and performance will be better.
But it’s also ok to block on server level and application later. Implementation is different for all and any method may suit you better.
In this article we will explore all these topics in detail along with understanding the impact of blocking certain countries on your Sites SEO performance and more. By the time you finish the article you would learn how to block Countries though IP’s with different techniques.
Does Blocking a country improve the performance of any website.
How smoothly your website works for your users can determine its performance. More users mean that the resource of the server will be shared with more users. So lesser users surely means that your server will work less and will be faster. So blocking will definitely improve the performance.
Banning a country would reduce number of unsolicited calls, emails and web form requests.
Now how much the performance will increase depends upon how much traffic is coming from the countries that you are blocking out. If there are few people who are visiting you from the particular countries you are blocking the server might show no performance changes.
How blocking a particular country can affect Google and other search engines? Will the SEO performance decline?
Well blocking the foreign websites which are not dealing in the products might reduce the websites bounce rate but it might also affect negatively for certain situations like you might block the services for people wo travel a lot and may share a review for the product you might be selling with the websites link.
The affect on your SEO’s performance can evaluated by the following points.
- How many countries you are planning to block?
If you are trying to block on one country and the same country.
Also, if you find that the traffic which is landing on your website is targeting security. Like if the traffic on your website is going to ‘/wp-admin’ (which by the way is admin login page in any WordPress site.) or is responsible for spamming. (You can verify this by checking the IP address of the users who commented.) Then I suggest you can proceed to block.
If the number of countries is very less, like 1 or two then it should be ok.
- Consider the Traffic Behaviour.
Not all traffic which is coming from a particular country can be for spamming or hacking. There might be people who might be interested in your content and products. Then before you jump to block them out of the website you should consider other options. Such adding more security measures such as changing the admin panel location adding captcha or even blocking a country from your administrative sections and URL in the application layer.
Conclusion, blocking counties is an important step and can affect SEO. Do proper research before taking any step. Also, there are other options for security available than IP blocking the whole country consider them before doing this. Some of these are discussed later in the post.
Blocking users through .htaccess.
Apache hold about 30-40% of market share of servers as LAMP (Linux, Apache, MySQL and PHP) a great choice for developing websites. htaccess works only on Apache Web Servers.
Blocking with htaccess is very easy, it’s all about writing about IP addresses and uploading them to the server.
So what is .htaccess?
.htaccess is a configuration file for use on web servers running the Apache Web Server software. It is extremely useful for blocking unwanted visitors
‘.htaccess’ is the name of the file, though it may seem like a file extension without name.
Deploying a .htaccess to make configuration changes is very simple. You just create a file with the name ”.htaccess” put the configuration details and upload it to the folder where you want the configuration to apply.
How to Deny or block an IP using .htaccess.
Blocking can be achieved by simple configuration text which tells the server what to do.
Example to Block particular IP’s using .htaccess.
order allow,deny
deny from 255.0.0.0
deny from 123.45.6.
allow from all.The code above is quite self-explanatory,
The line ‘deny from 255.0.0.0’ tells the server that this IP should be blocked.
The line ‘deny from 123.45.6.’ is a little tricky to read than the first one since the last
Block all traffic except your IP’s using .htaccess
order allow,deny
allow from 255.0.0.0
deny from allThe above lines tell the Apache Web Server to block all visitors except those with the IP address ‘255.0.0.0’
Restrict WordPress admin access using .htaccess for your IP’s
In wordpress wp-login.php is the file which is accessed to login to the Admin dashboard in wordpress. Blocking this will prevent brute force attempts and hackers guessing and trying your password.
Through the following code we will only allow your IP address to access this file.
<Files wp-login.php>
Order Deny,Allow
Deny from all
Allow from 255.0.0.0
</Files> Please remember to change the IP address in the example above.
Blocking traffic from country or countries though .htaccess.
It as simple as blocking individual IP’s as explained in the previous section. The only difference is that we would need the collection of IP’s for the country we want to block. Just follow the following steps exactly and you would have no problem.
Step 1: Find a way to access your .htaccess file.
You can do this both though the cPanel account or through FTP.
How to upload using .htaccess
- Open your cPanel account using the credentials provided by the hosting company.
- Search for file manager.
- Upload .htaccess file.
How to use FTP to upload and edit using FTP
- You would need FTP Credentials which basically comprises of Hostname, Username & password.
- Connect to the Server using a FTP Client. Filezilla is a popular and free FTP client that you can use. Download it here.
- Once you are connected to the server you can upload and download using its visual interface.
Step 2. Generating an IP list which you want to block for.
Don’t worry you don’t have to do this manually. There are tools available online which will allow you generate the IP Allow or deny Statements.
One of the popular sites that provide free download for countries is ip2location.com. Use this link.
Once you open the website, choose country from the dropdown and choose the apache server along with the action, deny or allow.
When you hit download a file will be downloaded to you computer. If you open the file it would look similar to the following screenshot.
All you need to do is to copy all the code and paste it into your .htaccess file and you are done!
Please note that the IP’s are assigned to organizations and countries daily. Since this data is updated regularly from time to time you would have to replace the Block statements. IP2Location from which we downloaded the IP file suggests that you do so at least once every month.
Although .htaccess works like a dream, it can negatively affect performance under load if the block target encompasses a massive number of IPs.
This kind of blocking happens when visitor reaches your server. But there are other ways to block a visitor like blocking a person before he reaches your server.
Blocking a Country User before he reaches your server.
Blocking countries through Cloudflare.
Cloudflare is a very easy option to block a particular country plus you also get some additional security features.
What is Cloudflare?
Cloudflare also provides security by protecting Internet properties from malicious activity like DDoS attacks, malicious bots, and other nefarious intrusions.
the good thing is that Country code block is available also in their free plan.
Setting up Cloudflare would require you to change DNS or CNAME settings. A they have excellent documentation. Read their getting started document though the following link.
https://www.cloudflare.com/partners/getting-started/
Blocking a country through Cloudflare Control Panel
- Select your domain in your CloudFlare Control Panel
- Select the “Firewall” tab
- On the “IP Firewall” tab, you can enter a IP, IP range, or Country and click block.
- Done.
Blocking a Country through IP on Application Level.
You might not be looking for a bigger solution or would be comfortable
a simple solution that would work at the application level. For example, if
your using PHP, JavaScript, Ruby to create your website and would like to block
users by writing code that checks the country though IP and then just block or
redirect user.
It is very simple to do so. There are many free/paid services that allow you to
do so. All you need to do is send these servers an API request and they will
return the country code to you.
Like for example https://ipstack.com/
You can send a request similar to this.
https://api.ipstack.com/134.201.250.155?access_key=YOUR_ACCESS_KEY
and you will get a response similar to
{
"ip": "134.201.250.155",
"hostname": "134.201.250.155",
"type": "ipv4",
"country_code": "US"
...
}You can use this JSON to know the country code of the user. Once you get this you can redirect or block the user as you please.
To find more example and information you can visit ipstack.com documentation page.
https://ipstack.com/documentation
A summary notes on blocking Countries and method.
It is recommended that you block countries as your last resort. For security there are many options available if all fails then you should try blocking countries.
The best form of blocking in terms of performance is blocking through proxy services such as Cloudflare technically what happens is that all the traffic routes though it.
Cloudflare is highly recommended solution. It’s free plan also includes the following features.
- Unmetered Mitigation of DDoS
- Global CDN
- Shared SSL certificate
Cloudflare’s Free plan has no limit on the amount of bandwidth your visitors use or websites you add.
If this does not work for you then you can choose among other methods.
What I know I have shared now it’s your turn !
I am sure that there would be more awesome techniques that I do not know. I would like to hear about them.
If you have more insights, corrections or questions. Please feel free to drop them in the comments section below.
It was great sharing this article with you!
Leave a Reply
You must be logged in to post a comment.