CMS

How To Do Country Blocking in Drupal?

Updated on: March 29, 2020

How To Do Country Blocking in Drupal?

Not every Drupal website needs or wants traction in each country within the world. Websites like a flower shop, bakery, car wash, laundry, babysitting, lawn mowing, etc. may be relevant only to locals of an area. Overseas attention might be irrelevant & absurd for these Drupal sites. Now, this is where country blocking comes as a relief.

Unless you consciously block access to countries, all countries have access to your website by default. This may result in excess burdening on your server’s bandwidth. Moreover, it also attracts severe security risks for your website.  Country blocking is a great & smart way to put your website off the radar for countries which do not cater to your needs.

Most importantly, there are some countries which are notorious for sending attack vectors. Hence, blocking them would only be a prudent decision for your website. The following stats on attacks origins as discussed in this informative guide on hacking stats backs our point here –

Clearly, China tops the list of cyber attack origins. Besides China, The USA, Russia, Brazil are some other countries infamous for being home to hackers. But, as I said, this can easily be taken care of with country blocking.

Commonly, country blocking is done by the following methods:

  • Country blocking through .htaccess – Apache
  • Country blocking by NGINX + GeoIP Module

Let’s figure out how each of these processes works:

Country blocking in Drupal through .htaccess – Apache

Step 1 – Get the IPs of a country

There are several tools on the net available for free which avails you the complete list of IP ranges of a country. And, one such tool is the IP2LOCATION. So, follow these steps to generate the IP ranges of different countries.

  1. Go to – https://www.ip2location.com/free/visitor-blocker
  2. Scroll down, and insert the country name, IP versions, and output format.
  3. Hit ‘Download’ to export the .txt file with the IPs.
  4. Repeat the process for different countries.

Step 2 – Open your .htaccess file

  1. Login into your website through FTP or cPanel
  2. Navigate to your public_html directory
  3. Open .htaccess file there.

Step 3 – Copy  the IP list into .htaccess file

  1. Copy & paste the generated IP in the .htaccess file
  2. Save and upload it back to the server.

By following this simple process you can block countries easily. Still, country blocking through .htaccess has some limitations. First, the IP list keeps on changing & growing. So, you would need to update the list every 2-3 months.

Country blocking in Drupal by NGINX + GeoIP Module

Step 1 – Install the GeoIP module

The first step is to install Nginx with HttpGeoIpModule. You can check if your Nginx is compiled with HttpGeoipModule using-

nginx -V

if you see –with-http_geoip_module as a result of the above command you can proceed.

Step 2 – Download the GeoIP Database

The next step is to install maxmind’s GeoIP database. The following line of command could be used here –

sudo apt-get install geoip-database libgeoip1

This downloads the GeoIP database and places it at – /usr/share/GeoIP/GeoIP.dat

Step 3 – Configure Nginx for blocking

You have the database with all the IP ranges of all the countries is ready to use. Just open the Nginx configuration file & add the following command at the start of HTTP block. Nginx will fetch the details from the database and do the needful.

  geoip_country /usr/share/GeoIP/GeoIP.dat;
   map $geoip_country_code $allowed_country {
       default yes;
       PK no;
       AU no;
   }

The above code translates to allow all countries except Pakistan (PK) & Australia (AU).

You can also do it as allowing a few countries and blocking others, see below-

   geoip_country /usr/share/GeoIP/GeoIP.dat;
   map $geoip_country_code $allowed_country {
       default no;
       IN yes;
       US yes;
   }

this will block all the countries except India and the USA.

Step 3 – Set a Block Page

Next, you would need to set a block page for all these blocked countries. You can do this as:

  1. Open the server block file in your website
  2. And, add the following lines in that file and save
    if ($allowed_country == no) {        
    
    return 404;
    
    }

This will program the browser to return a 404 not found error for a blocked country. You can also set other HTTP status codes such as the 444-HTTP error code or 403- access denied error code.

Step 4 – Reload/Restart Nginx

At last, reload the Nginx server for the changes to reflect.

sudo service nginx restart

How Astra helps in blocking countries & IP ranges in a click for your Drupal website

These were some of the methods to do country blocking in Drupal. However, there is one more even simpler method left. This is the one-click country blocking by Astra. Country blocking is an ingrained feature in the Astra firewall. You need not fuss about updating the IP list. This method does not require any coding skills. And, this also has an easy IP whitelisting functionality, in case you change your mind.

Here is how you can benefit from it:

  1. Install the Astra Firewall, and log into your Astra dashboard
  2. Navigate to the ‘Threats’ page.
  3. Scroll down to find ‘Add a custom rule’ section
  4. Insert the country you would like to block and click on the ‘Block’ button, and you are good to go.

In case, you’d like to unblock it you can do that by scrolling down to ‘Trusted & Blocked List’ and simply delete the country from the list.

Was this post helpful?

Naman Rastogi

Naman Rastogi is a Growth hacker and digital marketer at Astra security. Working actively in cybersecurity for more than a year, Naman shares the passion for spreading awareness about cybersecurity amongst netizens. He is a regular reader of anything cybersecurity which he channelizes through the Astra blog.Naman is also a jack of all trade. He is certified in market analytics, content strategy, financial markets and more while working parallelly towards his passion i.e cybersecurity.When not hustling to find newer ways to spread awareness about cybersecurity, he can be found enjoying a game of ping pong or CSGO.
guest

This site uses Akismet to reduce spam. Learn how your comment data is processed.

0 Comments
Inline Feedbacks
View all comments

Psst! Hi there. We’re Astra.

We make security simple and hassle-free for thousands
of websites and businesses worldwide.

Our suite of security products include firewall, malware scanner and security audits to protect your site from the
evil forces on the internet, even when you sleep.

earth spiders cards bugs spiders

Made with ❤️ in USA France India Germany