A Web.com Partner

Block countries using CSF Firewall

There are two main ways to block a user from accessing a website.  You can use mod_geoip, which is basically lines that you enter to your .htaccess file, or you can use the Firewall on the server to stop users from even accessing the site.csf_large

If you’re on a VPS or Dedicated Server, the block using the Firewall is the best solution.  It places less overhead on the server, as you’re blocking the user from even attempting to load a page on your site.  This will save CPU and Memory resources for your REAL visitors that really need it.  If you know you’re never going to ship a product to China, Turkey or Iraq, we recommend that you block the country from even accessing the site.  This will help reduce the number of fraud orders that you receive.

Here’s the steps for modifying the ConfigServer Security & Firewall (CSF):

  1. Open WHM in your VPS , Cloud Server or Dedicated Server. Scroll to the bottom left and find the “ConfigServer Security&Firewall”
  2. Click the “Firewall Configuration” button
  3. Scroll down the page (or use the FIND in your browser) to the section with “CC_DENY”
    These are comma separated list of 2 letter Country Codes.  Here’s a link to the codes – http://www.worldatlas.com/aatlas/ctycodes.htm

For every country you want to deny, you just enter those letters in the field (separated by a comma).

Once you’re done, scroll to the bottom of the page and click CHANGE.  This will restart the firewall, and you’re now all set to go.