Block countries using the CSF Firewall

There are two main ways to block a user from accessing a website. You can use mod_geoip, which is basically lines that you enter to your .htaccess file, or you can use the Firewall on the server to stop users from even accessing the site. Here's a link to the mod_geoip - https://portal.my-tss.com/knowledgebase.php?action=displayarticle&id=234


If you're on a VPS or Dedicated Server, the block using the Firewall is a better alternative. It would place less overhead on the server as you're blocking the user from even attempting to load a page on your site. This will save CPU and Memory resources for your REAL visitors that really need it. If you know you're never going to ship a product to China, Turkey or Iraq, we recommend that you block the country from even accessing the site. This will help reduce the number of fraud orders that you receive.

Here's the steps for modifying the ConfigServer Security & Firewall (CSF):

  1. Open the WHM for your serverScroll to the bottom left and find the "ConfigServer Security&Firewall"
  2. Click the "Firewall Configuration" button
  3. Scroll down the page about 1/3 (or use the FIND in your browser) to the section with "CC_DENY"
    These are comma separated list of 2 letter Country Codes. Here's a link to the codes - http://www.worldatlas.com/aatlas/ctycodes.htm

So for every country you want to deny, you just enter those letters in the field (separated by a comma).

The alternate way is to use the "CC_ALLOW_FILTER" and enter only the countries you want to ALLOW access to. We do not recommend using the CC_ALLOW option as this allows users to bypass the filtering done on the firewall when checking for spammers and hackers. If you use the CC_ALLOW_FILTER, the filtering will still work.

Once you're done, scroll to the bottom of the page and click CHANGE. This will restart the firewall, and you're now all set to go.

As always, if you have any questions, please contact one our support agents at https://portal.my-tss.com/submitticket.php
reviewed: 10/17/2016

  • Email, SSL
  • 180 Users Found This Useful
Was this answer helpful?

Related Articles

How do I find my root password?

1) Log into your billing account: https://portal.my-tss.com/clientarea.php 2) Click on the...

How to generate a CSR in WHM

You would like to purchase or transfer an SSL certificate but need a CSR to do so. Here's how to...

Changing ip addresses

To move an account from one ip to another in WHM:1) Log into WHM using root login details....

-DELETE How to downgrade MySQL from Version 5 to Version 4

If you've upgraded your MySQL Software to the newest version but for whatever reason need to...

How to disable Recursive DNS Lookups

A very common PCI Issue is related to the DNS servers.  In order to be PCI Compliant you must...