Well, I do it, possibly not 100% efficient but weeding out a very large chunk
This calls for PHP and MySQL
You need a database of worldwide IP range
And reject the IP range corresponding to Country/Countries you need to be banned.

Also to be sure that your user is coming from a real WWW and not a fake one
I modified a Domain Name Availability Checker to verify that the WWW exists
If available then it most be faked, if not it exists!

[edited by: trillianjedi at 5:05 pm (utc) on April 4, 2007]
[edit reason] Per poster request for typo..... ;) [/edit]

If you're on an Apache server and your host allows you to use htaccess you can ban by ip address or entire ranges. They should, if they do not its time to get another host.

The above methods will work 99% of the time. There is no way to block a person using a proxy server from one of the allowed countries, however, but you are talking about hard core abusers at this point.

Well, I do it, possibly not 100% efficient but weeding out a very large chunk
This calls for PHP and MySQL
You need a database of worldwide IP range
And reject the IP range corresponding to Country/Countries you need to be banned.

Also to be sure that your user is coming from a real WWW and not a fake one
I modified a Domain Name Availability Checker to verify that the WWW exists
If available then it most be faked, if not it exists!

Any ideas on how to go about setting something like this up? I'd be very interested in banning Russia and a few other places from my sites...but don't know where to grab the database for this or how to incorporate that into the server.

Jim

A free database to lookup the country associated with an IP address can be downloaded from [ip-to-country.webhosting.info...]

NOTE TO MODERATORS:
Sorry, I just figured that I posted a PHP script here
maybe it should be moved in the PHP forum?

<?
/* *************************
This could be a stand alone or part of a security check file
in that case it verifies if you are coming from withn the States (only the States)
but you could do other wise
the corresponding DB for the States only is something like 9000 rows
and World wide is about 70000 rows and just about 4.5 megs
*/*************************

include"visitor_ip.inc.php";
/* **********************************
the include file is the function that does most of the job
*/ **********************************
echo "IP Address: " . visitorIP() . "<br>"; // Display IP address
$ip_number= visitorIP();
//error_reporting(E_ALL);

$ip = sprintf("%u", ip2long($ip_number));

require_once("/var/www/YOUR DB_CONN SCRIPT.php");
$conn=db_connectip();

//Query if ipLong is within USA range

$sql = "SELECT * FROM ip_lookup ".
"WHERE low<='$ip' ".
"AND hi>='$ip' ";

$result= mysql_query($sql);

if (mysql_num_rows($result)) {
while($data = mysql_fetch_array($result)){
echo "IP Address verified"; // Do nothing carry on
}
}
else
{
echo"Non Authorized IP<br> Your IP long is: <b>$ip</b>";
exit();
}
?>

<?
/* **********************************
This is the function to be included
Name it visitor_ip.inc.php
*/ **********************************
// display real IP
function visitorIP() {
$ipParts = explode(".", $_SERVER['REMOTE_ADDR']);
if ($ipParts[0] == "165" && $ipParts[1] == "21") {
if (getenv("HTTP_CLIENT_IP")) {
$ip = getenv("HTTP_CLIENT_IP");
} elseif (getenv("HTTP_X_FORWARDED_FOR")) {
$ip = getenv("HTTP_X_FORWARDED_FOR");
} elseif (getenv("REMOTE_ADDR")) {
$ip = getenv("REMOTE_ADDR");
}
} else {
return $_SERVER['REMOTE_ADDR'];
}
return $ip;
}

?>

I have a zipped version of the 4.5 megs DB
I do not remember if it is ready to go or if I modified it
however you may if you want get it
just send me a sticky with an email address

The second section is based on a WHOIS
and from a scripting stand point is quite involving
The developper allowed me to modifiy it and share my work with him, but I cannot share it, sorry!