How to block users geographically?

Get help with installation and running phpBB 3.2.x here. Please do not post bug reports, feature requests, or extension related questions here.
Post Reply
phil mailloux
Registered User
Posts: 75
Joined: Sat Oct 18, 2008 4:50 am

How to block users geographically?

Post by phil mailloux »

Just upgraded to latest version in the hopes of fixing what might be security flaws from my previous version. That did not help apparently.

I'm being flooded by "Guests" on my forum slowing down the bandwidth big time. I might have 4 registered users online and upwards of a 1000 "guests". I've done the "Who Is Online" thing to see where all those guests are coming from and hit the Whois link under their IP's, well most of those hits/guests are from China. Seeing as I run an Australian Bass Guitar site i doubt there's much relevence for Chinese musicians there.

Is there a way to geographically ban all guests coming from chinese IP's? I would assume this would stop this issue

User avatar
janus_zonstraal
Registered User
Posts: 3935
Joined: Sat Aug 30, 2014 1:30 pm

Re: How to block users geographically?

Post by janus_zonstraal »

Make a account on cloudflare.
And block China
Sorry! My English is bat ;) !!!

User avatar
david63
Registered User
Posts: 17048
Joined: Thu Dec 19, 2002 8:08 am
Location: Lancashire, UK
Name: David Wood
Contact:

Re: How to block users geographically?

Post by david63 »

phil mailloux wrote:
Sat Nov 23, 2019 11:46 pm
Just upgraded to latest version in the hopes of fixing what might be security flaws from my previous version.
What security flaws?
David
Remember: You only know what you know and - you don't know what you don't know!
My CDB Contributions | How to install an extension
I will not be accepting translations for any of my extensions in Github - please post any translations in the appropriate topic.
No support requests via PM or email as they will be ignored

phil mailloux
Registered User
Posts: 75
Joined: Sat Oct 18, 2008 4:50 am

Re: How to block users geographically?

Post by phil mailloux »

david63 wrote:
Sun Nov 24, 2019 12:09 am
phil mailloux wrote:
Sat Nov 23, 2019 11:46 pm
Just upgraded to latest version in the hopes of fixing what might be security flaws from my previous version.
What security flaws?
In other words, I'm grasping at straws here doing anything I can think of that might fix my issues.


Is Cloudflare my only option for blocking users geographically? Would they do that on their free plan or their $20 one?

phil mailloux
Registered User
Posts: 75
Joined: Sat Oct 18, 2008 4:50 am

Re: How to block users geographically?

Post by phil mailloux »

I've just received this bit of code from my webhost. Would this work to block out any countries I want?
What if the unwanted visitor is from a different country and keeps changing their IP? Provided your website isn’t intended for visitors from that country, you can easily use the GeoIP tool to block that country. Just add the below code to the top of your .htaccess file.

<ifModule mod_geoip.c>

GeoIPEnable On

# Add countries you wish to deny here

SetEnvIf GEOIP_COUNTRY_CODE CO DenyCountry

SetEnvIf GEOIP_COUNTRY_CODE EG DenyCountry

SetEnvIf GEOIP_COUNTRY_CODE HI DenyCountry

Allow from all

Deny from env=DenyCountry

</ifModule>

User avatar
Mick
Support Team Member
Support Team Member
Posts: 21874
Joined: Fri Aug 29, 2008 9:49 am
Location: Watching cricket.

Re: How to block users geographically?

Post by Mick »

You could always try it but your host could do it at server level as well. Don’t forget to make a back up copy of .htaccess if you do go that route.
"The more connected we get the more alone we become" - Kyle Broflovski

User avatar
janus_zonstraal
Registered User
Posts: 3935
Joined: Sat Aug 30, 2014 1:30 pm

Re: How to block users geographically?

Post by janus_zonstraal »

The free plan from Cloudflare works perfect.
Sorry! My English is bat ;) !!!

User avatar
thecoalman
Community Team Member
Community Team Member
Posts: 3472
Joined: Wed Dec 22, 2004 3:52 am
Location: Pennsylvania, U.S.A.
Contact:

Re: How to block users geographically?

Post by thecoalman »

phil mailloux wrote:
Sun Nov 24, 2019 2:41 am
I've just received this bit of code from my webhost. Would this work to block out any countries I want?
Minimally it should help, AFAIK that uses local data which poses a problem because it needs to be up to date. The other issue is it still needs to process the IP which still consumes resources. That's for every IP, not just the ones it's blocking. You need to edit what they provided. That's blocking Egypt, Columbia and I'm not sure what last one is. This will block China:

Code: Select all

SetEnvIf GEOIP_COUNTRY_CODE CN DenyCountry
Other countries can be added with new line, change the CN to appropriate country code.

As far as Cloudflare goes they have a very large global network and if anyone is going to be able to reliably identify the origin of an IP it will be them. For these bots you don't actually have to outright block the country when using Cloudflare. They have option for JSChallenege which should seamlessly allow legitimate users from those countries through. There is no server resources expended because the request never hits your server.

One thing to note, all traffic to your site is now from Cloudflare IP's. You need to have mod_cloudflare installed on the server or some other means to get the real IP. phpBB has an extension for this but it should be last resort, it only works with phpBB. Server logs and anything else recording the IP would still have Cloudflare IP's.
“Results! Why, man, I have gotten a lot of results! I have found several thousand things that won’t work.”

Attributed - Thomas Edison

User avatar
John connor
Registered User
Posts: 2410
Joined: Fri Nov 14, 2014 5:14 pm
Location: U S Of A
Name: Aaron
Contact:

Re: How to block users geographically?

Post by John connor »

You would need to make sure your host has mod_cloudflare installed.

Yes, the free CloudFlare plan will do the trick. That's what I use, but I also pay for Workers and layer 7 DDoS protection.

Have a look at my signature. In addition to CloudFlare, I highly recommend CIDRAM and Ninjafirewall. I can help you get all that set up if you want. I have a Wire and Threema account. Or you can send me a PM here.

The author of CIDRAM is from Perth BTW. :)

User avatar
John connor
Registered User
Posts: 2410
Joined: Fri Nov 14, 2014 5:14 pm
Location: U S Of A
Name: Aaron
Contact:

Re: How to block users geographically?

Post by John connor »

thecoalman wrote:
Sun Nov 24, 2019 3:43 pm
I'm not sure what last one is.
Hatti.

Why his host gave him those countries I don't understand.

Post Reply

Return to “[3.2.x] Support Forum”