• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 231
  • Last Modified:

denying access to specific countries

Hello, I'll come out and say it...  I haven't a clue about cgi.  But I'm fairly certain that cgi is the only way to deny access to my webpage from users of particular countries. If this is true. Could someone direct me to a resource where I could purchase or look at the code neccessary?

I'm looking for something along the lines of what netscape uses to keep its 128 bit encrypted browsers to only North American downloads.

Thanks in adance.
Paul.
0
Hohmann
Asked:
Hohmann
  • 4
  • 2
  • 2
  • +2
1 Solution
 
MaDdUCKCommented:
I would like this info too!
0
 
maholtCommented:
One thing you can do....

When you get a request for a web page, the IP address of the machine making the request is sent as well.  You could do a reverse lookup on the IP and get the domain name.  You could then parse out the country.

Let me know if you are looking for someone to write this.
0
 
MaDdUCKCommented:
what if you encounter a .com domain? these can be all over the world...

besides this, people could use www.anonymizer.com to gain access anyway...
0
Cloud Class® Course: C++ 11 Fundamentals

This course will introduce you to C++ 11 and teach you about syntax fundamentals.

 
tfabianCommented:
I don't think you need to rely on CGI to do this..

check the docs for your web server.. if it supports .htaccess files, you can put deny statements in the .htaccess files to deny sending pages to any domain or conversely, you can put allow statements in to only allow from the domains you want..


much cleaner than trying to write a cgi script...



0
 
MaDdUCKCommented:
I disagree because a CGI script will be portable and not only usable on UNIX. However, what about .com, .edu, .int, .org domains. I assume there are several million domains out there by now and I do not think you want to filter all non-US ones and include them in some sort of data of .htaccess file for denial...
0
 
HohmannAuthor Commented:
The reasons I'm rejecting the proposed answer are basically listed by MaDduCK.
Maholt, I'm interested. But wouldn't that be a better answer to say allowing only certain people with certain service providers access to this site? THat way instead of blobking enormous lists of ips you're making a list of only a few ips that meet your criteria.

I found a site once that I figure read my windows preferences, because it actually told me what country I was from, and it gave it to me as English (Canadian)... The same as my option in my regional settings.
0
 
tfabianCommented:
CGI scripts are not always portable.. most won't run on an NT server running IIS.. but then again, the .htaccess solution wouldn't work there either..



0
 
MaDdUCKCommented:
even if the site actually obtained info from your windows settings (I highly doubt that), I would avoid that because users do not like it and because it is platform dependent. instead, I believe that there are products out there that specialize on exactly these fields. I have yet to find one, but you could contact Netscape and try to get info from them (they employ it as well as Microsoft, but the latter will charge you $90 for any question even if they do not answer it (been there, done that!))
0
 
HohmannAuthor Commented:
heheh.  I was considering approaching netscape.  If I find out anything, I'll post a comment here.

The reason I believed that the site obtained info from my windows settings was that it was a site demonstrating how much information is passed about you without knowing, blah, blah, blah.  (that and the fact that the syntax struck me as similar to that system setting...)
0
 
wayhighCommented:
I'd be interested in hearing the answer from netscape.

The only thing I've come up with so far is doing a whois on the domain with internic when the cgi script is run.. parsing the info and checking the return address for postal sent to the owners/admins of the domain.

In all honesty I don't think it would be too hard to write something to do that..

email me at klynn@santacruz.org if you're interested.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Cloud Class® Course: Certified Penetration Testing

This CPTE Certified Penetration Testing Engineer course covers everything you need to know about becoming a Certified Penetration Testing Engineer. Career Path: Professional roles include Ethical Hackers, Security Consultants, System Administrators, and Chief Security Officers.

  • 4
  • 2
  • 2
  • +2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now