Htaccess block and entire country with just 1 ip allowed from that country?

so as it is clear from the question
is it possible to block a whole country like .ru or .ch with just 1 specific
ip allowed from that country?
RewriteEngine On
RewriteCond %{HTTP_REFERER} \.ru [NC,OR]
RewriteRule .* - [F]

but how to allow only 1 specific ip from .ru? possible?

Anyone can simply override the referrer value that is sent to bypass that test - referrer is a user settable header.

yeah it is ok if they bypass… but is it possible to to block whole country and allow 1 or 2 specific ips?

m,

Yes, but you should consider using a request handler because countries have many large blocks of IP addresses. It would be far easier to test the allowed IP and allow it to pass before checking the mass gaggle of IP address blocks that you want to block. Besides, as Felgall states, it’s too simple to alter a referrer (BAD thing to check, anyway, you want the %{REMOTE_ADDR} variable).

Hint: It’s difficult to keep up with the IP2country landscape and proxies can get around these, anyway. IMHO, it’s just not worth the effort.

Regards,

DK

This topic was automatically closed 91 days after the last reply. New replies are no longer allowed.