How to allow access only within country - .htaccess

I found this web site to generate a .htaccess to block an access from certain country.
The problem with this is that I want to allow access only within Norway. If I use this service, the list will be very long since I have to list all the country IP addresses.
Is there any way to allow access within country, my case is Norway?

Change all occurences of 'deny' to allow, and all occurrences of 'allow' to deny. Then move the 'deny from all' condition at the end to the beginning of the list.
eg.
<Limit GET HEAD POST>
order allow,deny
deny from 41.205.32.0/19
deny from ....
allow from all
</LIMIT>
becomes
<Limit GET HEAD POST>
order deny,allow
deny from all
allow from 41.205.32.0/19
allow from ....
</LIMIT>
There's some good tutorials about .htaccess.

There are many geoip database vendors that offer solutions for the problem detailed instructions on the subject. Check out http://www.maxmind.com/app/mod_geoip for an apache module that comes with their database which would probably be a perfect fit for your problem.

Related

Is this .htacces config safe?

I was having trouble with some opensource software which I couldn't figure out. Eventually I found somebody with different problems but same error codes who solved it with adding the following lines to .htaccess:
<Limit GET POST>
order deny,allow
allow from all
</Limit>
<Limit PUT DELETE>
order deny,allow
allow from all
</Limit>
But I am not sure what this means and if it is safe in terms of security?
The additional <Limit> container allows PUT and DELETE type requests, which have probably been disabled on the server. It is best practise to restrict access methods that are not required.
However, your software probably implements a REST API, in which case the PUT and DELETE request methods are probably required (hence your earlier error messages).
Incidentally, those two blocks can be combined:
<Limit GET POST PUT DELETE>
order deny,allow
allow from all
</Limit>
.htaccess files are per-directory Apache config files. If you have access to the main server config then they are not required and best disabled (performance and security). However if you are on a shared server you probably have no choice.

Will Google be able to access my website after blocking all US IPs?

I'm going to block all US IPs using .htaccess this way :
<Limit GET HEAD POST>
order deny,allow
deny from 3.0.0.0/8
deny from 4.0.0.0/25
deny from 4.0.0.128/26
deny from 4.0.0.192/28
deny from 4.0.0.208/29
....
allow from all
</Limit>
Will Google be able to access and index my website after blocking all US IPs?
EDIT : Sorry for the ambiguity, but I DO want Google to index my website.
Although Google has its servers spread across the whole world, it would be quite hard to say where the search engine's bots mostly originate from. What I suggest would be to block the IP ranges but add an exclusion clause that matches against the User-Agent for search bots like:
SetEnvIfNoCase User-Agent (googlebot|bingbot|yahoo!\sslurp) is_search_bot
<Directory /docroot>
Order Deny,Allow
Deny from 3.0.0.0/8
Deny from 4.0.0.0/25
Deny from 4.0.0.128/26
Deny from 4.0.0.192/28
Deny from 4.0.0.208/29
Allow from env=is_search_bot
</Directory>
I don't think so, but if you really don't what google to index it then use a robot.txt file so it doesn't index it. The robot.txt would be
User-agent: googlebot Disallow: /directory/
If it's just a matter of blocking US ip and that's it then you're probably good, as google has data centers in many different locations, not just the United States. This means that google will still probably index it.
Although google has many data centers , but all their bots are in US so no google will not be able to scan your website if you block us ips
If you can't access your domain root directory, just use this meta tag to block google bot index specific page(s):
<meta name="googlebot" content="noindex">
If your site was indexed already by google crawler, following the guide Remove your own content from Google search results
Access: https://www.google.com/webmasters/
There all information that you need.
Here, the Google teach how you can block the Googlebot index your site:
https://support.google.com/webmasters/answer/93708
About your question, I think that if you block all US IP Address, the "Google other country" must access and index your site, then he must sync with Google US.

.htaccess Restrict/Allow by IP address to specific page

What I'm looking for is something along the lines below but instead of restricting access to the whole domain I want to restrict only a specific page and allow certain IP's to access it. Is this possible? Everywhere I searched is only for restricting the whole site. Thank you.
ErrorDocument 403 http://www.domainname.com
Order deny,allow
Deny from all
Allow from 124.34.48.165
Allow from 102.54.68.123
You can use a code like this
<Location /example-map>
Order deny,allow
deny from all
allow from 123.12.12.12
allow from 123.123.43.43
</Location>
This by the 123... the ip from the allowed ip's and /example-map the location
by RedDev

htaccess allow country domain

I would like to block all countries except mine which is Brunei. The domain is .bn
<Limit GET POST PUT>
order deny,allow
deny from all
allow from .bn
allow from *.bn
allow from *.*.bn
allow from *.*.*.bn
</Limit>
My Name Address: smp-85-139.simpur.net.bn so I believe the code below works:
allow from *.*.*.bn
But i still got forbidden access. Anything missing here?
I tried with IP but still blocked..
<Limit GET POST PUT>
order deny,allow
deny from all
allow from 202.152.*.*
</Limit>
My IP is 202.152.85.139
UPDATE:
It appears my web host is using nginx so this setting won't work at all if I'm right.
Here is an .htaccess allow list for Brunei Darussalam, courtesy of Country IP Blocks. The data is correct and current as of 4/20/13.
If your hosting company allows you to use .htaccess you can copy and paste the below data into an .htaccess file and load it into your root:
<Limit GET POST>
order deny,allow
allow from 61.6.192.0/18
allow from 103.4.188.0/22
allow from 103.12.208.0/23
allow from 103.16.120.0/22
allow from 103.17.24.0/22
allow from 103.18.172.0/22
allow from 103.20.24.0/22
allow from 118.103.248.0/21
allow from 119.160.128.0/18
allow from 156.31.0.0/16
allow from 158.161.0.0/16
allow from 192.94.122.0/24
allow from 202.12.26.0/24
allow from 202.59.230.0/24
allow from 202.90.36.0/24
allow from 202.93.208.0/20
allow from 202.152.64.0/19
allow from 202.160.0.0/19
allow from 202.160.32.0/20
deny from all
</Limit>

Block Range of IPs

I'm trying to block a range of IPs from visiting my website
Here is what I have in my .htaccess file
order allow,deny
Deny from 64.244.0.0/64.245.255.255
Deny from 64.244.0.0/15
allow from all
I'd like to know if anyone can tell (or estimate) me how many IPs have i blocked there?
I believe the first DENY FROM is just wrong. I've always seen it this way
64.244.0.0/15
Base Address^ ^Number of bits to use for subnet
This would mean that you have 2^15 addresses in the deny block.
Edit
Using the comments below, what you would want is
ORDER deny,allow
DENY from 64.244.0.0/15
ALLOW from all

Resources