so as it is clear from the question
is it possible to block a whole country like .ru or .ch with just 1 specific
ip allowed from that country? RewriteEngine On RewriteCond %{HTTP_REFERER} \.ru [NC,OR] RewriteRule .* - [F]
but how to allow only 1 specific ip from .ru? possible?
Yes, but you should consider using a request handler because countries have many large blocks of IP addresses. It would be far easier to test the allowed IP and allow it to pass before checking the mass gaggle of IP address blocks that you want to block. Besides, as Felgall states, it’s too simple to alter a referrer (BAD thing to check, anyway, you want the %{REMOTE_ADDR} variable).
Hint: It’s difficult to keep up with the IP2country landscape and proxies can get around these, anyway. IMHO, it’s just not worth the effort.