If i say wanted to block all ips from china how would i do it?

-Thanks.

Find out China's range of ips, the start of it anyway. and ban say 22.XX.XX.XX

Ok thanks.

There will be a lot of IP ranges for a specific country.

I have an uptodate database of ip-country database. Its hosted somewhere in the net.

Reply if u really need it.

Yeah thanks Fahad, that would be really helpful.

http://www.okean.com/china.txt

Theres a list there.

http://www.okean.com/china.txt

Theres a list there.

I would like to ban china too
No idea why just bored...

Find out China's range of ips, the start of it anyway. and ban say 22.XX.XX.XX
That is an incredibly stupid way to do that! :P

Do you have any idea how many IP ranges you would have to block?

The best solution for that is to get mod_geoip from maxmind.com
and install the module for Apache which will add a new variable
to all visitor connections identifying their country.

Once that is installed, you could just put the following in .HTACCESS:


SetEnvIfNoCase GEOIP_COUNTRY_CODE (CN|HK) bad_country

<Files *>
Order Allow,Deny
Allow from all
Deny from env=bad_country
</Files>

(The above example would block CHINA and HONG KONG from your site)

New updates for the country database file for the module comes
out at the beginning of each new month and you can setup a cron job
easy enough to pull the new databases whenever they are released.

http://www.maxmind.com/app/geoip_country

For those unfortunate enough to be on reseller accounts or not
know how to compile apache modules, Maxmind also has a number
of other engines for PHP and Perl, etc which will do the same thing
from your scripts but doing it from Apache is always the cleanest
and fastest way of doing that.

http://www.maxmind.com/app/api

hey Tailzehhhh, thanks for the link. May help us someday...

AMZ, have you tried that?


Lea!

AMZ, have you tried that?
Yes, I've set that up on hundreds of servers.

Piece of cake to install! :classic2:

how about check user ip if dns ends with .cn => ban
if unable to resolve => ban

how about check user ip if dns ends with .cn => ban
if unable to resolve => ban

:lol: Thats not a very good idea! :lol: :lol: :lol: :lol:

I would like to ban china too
No idea why just bored...


and this is?

Yeah, and half the people in the world don't resolve. Check your awstats or something -- many will say unknown, or just an IP. ISP's sometimes dont feel like resolving all their IPs.

Yeah, and half the people in the world don't resolve. Check your awstats or something -- many will say unknown, or just an IP. ISP's sometimes dont feel like resolving all their IPs.
When you say "resolve" the way you put it, you are actually referring
to IPs having reverse DNS resolution to hostnames.

However, it is not necessary to obtain the reverse hostname in order
to determine the location of an IP address unless you are doing something
stupid such as "blocking .CN" like one user suggested.

Actually every IP on the planet will resolve to location with GeoIP
unless the user is on a Satellite connection but even then you can
still narrow things down pretty good.

Incidentally, if a server has GeoIP installed, AwStats can be configured to
use that for the Country identification and all your "Unknowns" in your
AwStats will suddenly be identified to their source location!

sounds like a neat peice of software, is that how you implement your system of not accepting ips from countries at different times ( i think you do anyway)
??

I have ben using it to block china for a long time. and afew other countrys
I won't name.

Works fine for me.

Zcoder....

Re AMZ above for info - and zcoder, what are you talking about?

Re AMZ above for info - and zcoder, what are you talking about?
Decker, just look at the first page of this thread ....

The software we are talking about is GeoIP from Maxmind

Basically in a nutshell, you have a compressed database on your server
that has the country and / or city locations of every IP address on
the internet and new updates are released each month that can be
easily downloaded by cron job.

Then you use either the Apache module or language plugins to enable
your server to make use of the database.

The Apache module is the coolest way to do it because you automatically
get 2 new server variables with every connection that give you the
country code and country name of every visitor connection!

It's a piece of cake to blacklist (or even whitelist) whole countries!

Using this technology also allows you to deliver different content
automatically based on the country of the visitor which is another
really cool thing you can do with GeoIP!

I pretty much consider GeoIP a "must install" item on all servers! :wave:

Cool, but what i mean is, in other threads you mentioned how you now have a different method for containing inflow for your hosting company, Several others have asked why they occasionally get the message on your site saying that cybertoad is not currently accepting applications from your area, and when they try later they can.

So what i mean is, do you have a system in place which blocks creation of accounts from different locations (sorted by ip) in order to slow down the rate at which people sign up for your services. ( i think you used this to explain your reasons for dropping your post2host system.)

:P

So what i mean is, do you have a system in place which blocks creation of accounts from different locations (sorted by ip) in order to slow down the rate at which people sign up for your services. ( i think you used this to explain your reasons for dropping your post2host system.)

Oh you want to know how that works?

Yeah, we just check the COUNTRY of the applicant using the GeoIP variables
and when the number of applications for that country reach the designated
limit per day then the application is rejected ..... very simple

EDIT: If anyone needs help installing GeoIP, contact me! ;)

(sorry, here comes another question :P)


Since our servers are also equipped with pretty advanced technology that
sees backwards to the original IP irregardless of any proxy server, we don't
have to worry about users trying to circumvent the country checks by
using any proxy servers or anything.

Sorry, im a bit of a noob, but i was under the impression that while it is possible to detect if somone is using a poxy, it is not possible to desern that users original ip

if so how do you do it ?? :) :p

its in the HTTP_HEADERS - if its not an absolutely transparent proxy, you will get the uers original IP in X_FORWARDED_IP or something i cant remember...

Ok, youve definitely lost me, is there any chance you can offer a further explanation, if not no worries, i might not understand it anyway.

thanks for ignoring my post (idiots) XD

we didnt ignore it, it was just off topic :P and no i wouldnt say it was rasicm, there are many reasons for blocking countries, and just because its china doesnt make any difference at all. If anyone chinese has a problem with it, they can always take it up with the webmaster, but in the end the server owner withholds the right to deny all whom he/she so chooses his/her services, reason not withstanding .

Regards

thanks for ignoring my post (idiots) XD

Anytime, sorry did you specify you required an individual response? (plank):bkick:

I suspect he means, that the conversation seemed to move past his post without taking note, and ajusting itself according to his question. but your right all the same :p

where did amz's long post go?

i dunno, i reckognised that too, she may have deleted it of course

I suspect he means, that the conversation seemed to move past his post without taking note

Exactly, and Decker how about you getting some new eyes to those glasses :lol:

Exactly
Okay then - no it's not racist at all. There a response, you can put your teddy back in the pram now :P


and Decker how about you getting some new eyes to those glasses :lol:
Only glasses I can think of are the ones your drinking out of as that part makes no sense :tired2:

Whatevere =D You and I know that if we whould continue this it whould lead to an arguement, and you know I whould beat you like I did last time :classic2:

http://www.freewebspace.net/forums/showthread.php?t=83387

So how about being quiet for now because this sounds like racism to me ;)

What about a chinese guy or whatever who can't afford hosting, are you going to drag them all over a comb?

It's up to the webmaster at the end I know but I think everyone is entitled to free hosting.

:usflag:

In your dreams, just admit it was an incorrect statement for so many reasons, and get a hobby for goodness sakes.

where did amz's long post go?
Good question! :confused4

where did amz's long post go?
He deleted it and since this thread is way off topic, closed.