How to block your site for specific countries

in Nginx configuration

A lot of spam and abuse comes from specific countries. If you don’t do business there, you could block these countries altogether. Some considerations:

  • Country detection is 99,8% accurate (according to MaxMind, the supplier of the geo database).
  • It is generally better to servce a static page, than to enforce a hard block. Static pages consume almost no resources and can be used to explain alternative ways to contact your organisation.

If you want to block, say, Russia and China, use this configuration.

In http.countries_map:

map $geoip_country_code $block_country {
    default no;
    CN yes;
    RU yes;

In server.countries_block:

if ($block_country = yes) {
    return 403;

Alternatively you can rewrite the request inside http.countries_map and upload a static “access_denied_for_country.html” page.

if ($block_country = yes) {
    rewrite ^ /access_denied_for_country.html break;