Blocking traffic from china


#1

is there a way to blocking traffic from china etc

i tryed this but it doest work

GeoIPEnable On
GeoIPDBFile /GeoIP/GeoIP.dat

RewriteEngine on
RewriteCond %{ENV:GEOIP_COUNTRY_CODE} ^CN$
RewriteRule ^(.*)$ http://www.google.com$1 [L]


#2

Is there a special reason why you want to block traffic from china?

To my knowledge, it is nearly impossible to do that. .htaccess can play the trick by blocking a range of IP addresses. But you have to keep the list of blocked IP updated.

Save $97 (MAX Discount) with code: [color=#CC0000]97YES[/color] Sign Up NOW or More Codes here


#3

I think the OP is trying to use MaxMind mod_geoip, which to my knowledge is not installed on the DreamHost apache servers.

Free unique IP and $67 off with code [color=#CC0000]LMIP67[/color] or use [color=#CC0000]LM97[/color] for $97 off. Click for more promo code discounts


#4

Yes, though the changes are generally new allocations, so it’s not too big a deal to just check and update them about once per month (that’s what I do, for my spam filter). I’m assuming the intention is to block rogue bots, and the OP will be satisfied with a :slight_smile: sledge hammer (which is perfectly fine for many folks).

I just extracted a list in .htaccess CIDR format, and the total file size is a bit under 14k. I don’t know what sort of performance issues that size would have. If anyone’s interested, I’ll upload it somewhere (I don’t see a file upload in the forum, but that could be my newness).


#5

He he … sledgehammers do have their uses! :wink:

Unfortunately, there is not “file attachment” function in this forum software, but if you have a home for that list, I’m sure others might find it useful! :slight_smile:

–rlparker


#6

LOL! Exactly!

To use a Star Wars analogy, sometimes you don’t need an elegant weapon, so best to start with a blaster to wipe out the easy stuff, then follow up with a light saber for elegant, close up killing. :slight_smile:

We’ve been using IP-to-nation tests as part of our spam blocking suite for almost two and a half years, and they alone typically catch 75% to 85% of all spam.

Ok, here goes, but first…
*** BIG Disclaimer ***
I extracted these via our anti-spam analysis tool, however exporting in .htaccess format is a brand new, not yet fully tested function, so these could be somewhat off. Note also that this is just a partial htaccess file and must be inserted into a “complete” one to work properly. Use at your own risk, etc. At the very least, this should be a helpful starting point:
http://Puffin.net/software/spam/untested/china_htaccess.zip

The original data source is APNIC’s public IP allocation records, which were downloaded at the beginning of this month. The extractor says the IP ranges contain a “total of 152,610,048 IPs” (wow!).

It’s trivial for me to export any country, so if someone wants another one, feel free to ask. :slight_smile:

P.S. Gratuitous plug:
By the way, the tool I’m using is a powerful anti-spam filter suite, written by a colleague, and discussed in some detail in this thread. In addition to light sabers and sledgehammers, it also comes with grenades. :slight_smile:

We’re setting up a DreamHost account mainly to expand our user base (we’re planning to offer “free” small domains to a few friends, in exchange for in person usability testing of the upcoming web-based FP detection tools).
If it works fine here, other candidates for our spam killing Team will be welcome!