What is the easiest way to geoblock users from e.g. China / Iran from accessing my website? FYI its Django NGINX on Linode. I've read about MaxMind tables but seems complex and only seems works with NGINX Plus which is like $2500 / year. Also Cloudflare, probably easy but potentially only for enterprise subscriptions. Is using built in Django (https://docs.djangoproject.com/en/3.2/ref/contrib/gis/geoip2/) the best option? Do I move to AWS and see if they have something? If anyone has been in this situation it would be great to hear what worked for you, thanks.

PS: it's more distribution compliance than stopping DDoS etc, so blocking the majority of average users is enough.

CodePudding user response：

If you're on CentOS/RHEL, you can use fds:

fds block China

This will block on the firewall level.

CodePudding user response：

You can use the iptables in Linux to block traffics.

iptables -I INPUT -m set --match-set ipblocklist src -j DROP

You can export the latest free IP address lists of China and Iran from IP2Location Firewall.