How to block countries by domain Follow

Avatar
mikeshinn
  • Updated
To block countries by domain, you'll need to create a custom rule file following the instructions at the URL at the bottom of this page, then create a custom ruleset like this:

SecGeoLookupDb /path/to/geo/data/GeoIP.dat
SecRule REMOTE_ADDR '@geoLookup' 'chain,id:12345,drop,msg:'Block China IP address''
SecRule REQUEST_HEADERS:Host '.domain.to.apply.this.to$' 't:none,t:lowercase,chain'
SecRule GEO:COUNTRY_CODE '@streq CN'
In the last line, list the countries you want to block by their ISO code.  In the example above CN is for china.  If you want to block more than one country, list them with spaces for example:
 
SecRule GEO:COUNTRY_CODE '@streq CN JP UK'

Finally, download the legacy country database found here. It’s important to get the legacy database in *.dat format, as the Apache ModSecurity module can’t use the newer *.MMDB format yet.  Please it somewhere Apache can read the file, then change the path on that first line to that directory. 

https://wiki.atomicorp.com/wiki/index.php/Mod_security#Installing_custom_rules

Michael Shinn

Related articles

Comments

0 comments

Please sign in to leave a comment.

Articles in this section

See more
Powered by Zendesk