How to block entire countries from accessing your webserver

A few months ago we started seeing the increase in both contact forms and Analytics Spam on one of our clients servers in Sweden. It was traffic originating from all kinds of IP addresses making it very hard to block, we also started seeing the ever-so-famous Vitaly Popov Analytics Spam attack.
These spam attacks corrupt the analytics data, cause rise in server load and at some cases run vulnerability scan on the WordPress sites. Blocking the attackers one by one was meaningless, because they seemed to be using some big botnet with hundreds of IP addresses in Russia and Ukraine. Because the business of our client was not relevant to Russia nor Ukraine we decided to go with blocking the access to the whole countries on server level.
However manually gathering the IP addresses could prove to be a tedious task so we made this simple tool to easily generate IP Lists to block whole countries with Apache 2.2.x and 2.4.x.
In order to install the Country IP Blacklist for Apache 2.4 in the vhost add:

<RequireAll>
Require all granted
Include /home/path/IP-List-Country.conf
</RequireAll>

In order to install the Country IP Blacklist for Apache 2.2 in the vhost add:

Order Deny,Allow
Include /home/path/IP-List-Country.conf
Allow from all

Changing “/home/path/IP-List-Country.conf” to the actual path of the country blacklist.

 

Download Country IP Blacklist

Configure and download IP Blacklist for Country range for Apache 2.2 and 2.4

Read More