How to block traffic from Particular country

How to block traffic from Particular country

Many webmasters and Internet security experts have always been keeping a close watch and serveilling the web for security threats. Post observations, it has been seen that during the recent years, there have been a lot of hacking attempts initiated from the Chinese geo-location. Chinese attackers and hackers are being considered to be causing serious concerns for webmasters from across the globe.

Across various places over the web, we get to read that the Chinese government isn’t taking any steps and measurements for discouraging attackers from carrying out illegal activities over the World Wide Web. Hence, further adding to the concerns for webmasters across the world. Considering such a scenario, it becomes crucial to protect and safeguard the property ourselves.

And, as a matter of fact it is no tough to strengthen the online presence ourselves. If you have an Apache server, using an htaccess file, you can easily block the traffic coming from the desired locations over the globe. Having said that, users who have an IIS based server too can block the unwanted traffic. Webmasters and server administrators can block the traffic at the router level itself. Incase, you have a Linux router or have deployed a firewall with IPTables, you can check the IPTables blocklists at :

We are left with not many choices other than blocking the traffic originating from IP’s from China, due to a simple fact that there aren’t any firm steps adopted by the government their. Though, by implementing these measures, we might also block the legitimate traffic and the users who do not have any false intentions in their minds. But, after taking such counter-active measures, it has been reported the drastic decrease in the hacking attempts and attacks in the very recent months.

So, by following the procedure what are you going to achieve ?

The procedure stated in this article will help you keep the individuals from china away from surfing your website pages, hence decreasing the chances of causing any damage to your site and the information therein. Common words about the increasing number of hacking attempts and volume of illegal online activities from China, is being shared among the webmasters from various communities across the globe.

A point should be noted about the procedures described in this article wouldn’t avoid the hackers from finding your IP address of your server. In order to safeguard that area as well, you can opt for a firewall. The process stated here makes use of an .htaccess file which instructs your Apache Web Server software to stop responding to the requests generated from Chinese IP locations. Having said that, if you have taken appropriate measures for hardening your servers, the TCP port 80 which is the only open port on Apache for serving the requests, webmasters can instruct not to serve any requests arising from IP addresses from China from your server. This would offer you two advantages, one that your information and data would be safeguarded and secondly you can avoid attacks and hacking attempts on your web-server through port 80.

The usage of .htaccess files is a routine part for the apache server, hence if you have your site upon this server, you’d have to spend none. If you aren’t sure about the type of server on which your website is hosted, you should get it confirmed from the company who has offered you an Affordable Web Hosting service. You must also check with them whether the use of .htaccess has been allowed for your account, if it hasn’t request them to enable it (Note: It would largely depend on the type of hosting account).

The procedure to block the traffic originating from Chinese IP addresses is carried out using the ‘deny‘ statements in Apache .htaccess file. For eg. :

order allow,deny
allow from all
deny from

By including the mentioned statements in the .htaccess file on the Apache Server, would block the IP and the complete subnet

It is important that the access to .htaccess is enabled in the primary Apache configuration file ie. httpd.conf. The file should include the below statements :

AccessFileName .htaccess
AllowOverride Limit

These simple steps can keep you safe from the illegal intentions of hackers, and hence would keep your online existence secure and hassle free.