How can I restrict the access to my Droplet only for a Specific Country?

Posted May 30, 2020 2.1k views
SecurityDigitalOceanFirewallConfiguration ManagementControl PanelsDigitalOcean Cloud Firewalls

I would like to block access to my droplet from other countries. I would like to grant permission to access my drop from only a few specific countries.

How to configure this?

I am looking for a detailed answer as I am new here on DigitalOcean.


These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

Submit an Answer
2 answers

Use cloud flare for your dns.
Then it’s easy.

Else- google max mind ip country list.
This way will take time to setup and maintain

Hello, @sadhin

You can do this using CSF (ConfigServer Firewal) as well. In order to block a country you can use the CC_DENY option which accept two-letter country codes such as US, GB and etc.

In order to list more than one country you just need to separate them using comas:


You may find a list of ISO 3166-1 alpha-2 codes at

If you’re not familiar with CSF or you want to install it on CentOS or Ubuntu droplet check out this mini tutorial:

For CentOS:

and for Ubuntu:

Hope this helps!


by Lassi Ruonavaara
Config Server Firewall (CSF) is a free and advanced firewall for most Linux distributions and Linux based VPS. Learn how to install and configure on Ubuntu.