Magento – Block Certain Countries from Access

magento-1.9

Realized that a lot of bots are coming from countries the shop does not ship to. Some are harmless crawlers (e.g. Russian, Chinese Search Engine bots) but often a lot of vulnerability search crawlers access site.

What is the BEST way to block majority of countries?
Is there a suggested list of such countries ?
Are there future BAD implications due to blocking a bunch of countries?

Best Answer

always use firewall to block ip/cidr or country. like hardware firewall with your hosting provider or local software firewall installation like CSF Firewall. NEVER use http/webserver app.

in CSF Firewall you just enter this:

CC_DENY = "CN,IN,VN,PK,KP,KR,HK,RU,BY,UA,SG,BR"

install ipset module to keep millions ips in iptables without any performance degradation. enable it:

LF_IPSET = "1"

then enable blocklist, it will ban every bad ip from honeypots list with weekly updates:

sed -i "/|0|/s/^#//g" /etc/csf/csf.blocklists

then also it has lots of features to enable traffic and connections tracking, and will ban any ip that opens more connections than you define. etc

you will have to check with your services and modules if they use their API or connections in/to blocked countries. and whitelist their networks.

Related Solutions

Magento 1.9 – Prevent Shipping to Certain Countries

If you're asking what I think; you want to ship to, for example Canada, but certain products, such as from specific manufacturers can't be shipped to Canada.

You have to either rewrite the checkout process or get an extension. Amasty has one that worked well on one of my sites, but was around $100 - totally worth it to avoid me messing up the checkout.

Magento – Exclude countries from cross border trade

You can modify the function Mage_Tax_Helper_Data::isCrossBorderTradeEnabled($store = null) (copy class to local code pool)

add this code before the return statement to disable Cross Border Trade for countries without VAT.

$address = Mage::getSingleton('checkout/session')->getQuote()->getShippingAddress();

if ($address->getTaxAmount() == 0) {

      return false;
}

Instead you can also compare the country_id against certain countries. (Notice: country_id is only available when the customer/guest has entered an address)

Best Answer

Related Solutions

Magento 1.9 – Prevent Shipping to Certain Countries

Magento – Exclude countries from cross border trade

Related Topic