arthurh88
asked on
How can I block Nigeria IP's? Either ASP.NET, IIS7, or Win Server 2008
I dont care where it is done: either on Win Server 2008, IIS7, or ASP.NET...
I want to block Nigeria IP addresses from using my website.
I apologize to the good people of nigeria, but 99% of all traffic I get from that country is malicious and the manhours spent is not worth it. if the good people of nigeria would clean up their internet usages by cracking down on the web crime there, then maybe more web masters would not take drastic action like this, but i just have little choice. im too busy and need a quick fix for the rampant scams i keep dealing with over IP addresses originating in nigeria.
I want to block Nigeria IP addresses from using my website.
I apologize to the good people of nigeria, but 99% of all traffic I get from that country is malicious and the manhours spent is not worth it. if the good people of nigeria would clean up their internet usages by cracking down on the web crime there, then maybe more web masters would not take drastic action like this, but i just have little choice. im too busy and need a quick fix for the rampant scams i keep dealing with over IP addresses originating in nigeria.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
@RushB
That list would probably be good for right now as an immediate fix, but will get out of date quickly. The harm here is users being incorrectly identified and blocked, which is generally very damaging to the company's image.
That list would probably be good for right now as an immediate fix, but will get out of date quickly. The harm here is users being incorrectly identified and blocked, which is generally very damaging to the company's image.
I included two options- free and paid. GeoIP and Embargo will do the trick if you don't mind paying for the service.
Thanks,
RushB
Thanks,
RushB
My company blocks all traffic to and from all IP blocks assigned to Internet registries that are outside of the United States. It is a pretty aggressive stance, but it prevents all sorts of problems. We block inbound web traffic, and outbound traffic as well, and then make exceptions when needed.
Let me know if you want my router access list and I can post it later.
Let me know if you want my router access list and I can post it later.
http://sourceforge.net/projects/iis7geoblockmod/
Preferably you want to have the block at the network level, which would require a bit more complexity. It would also involve maintaining (or purchasing subscription rights to) a database with IP ranges and their respective geographical regions. Some DNS services provide this capability, but require an rDNS lookup on each IP which may not be feasible in your environment.
Obviously, a determined user can get around this via proxies and such, but this stops the majority of users.