I would like to block access to my droplet from other countries. I would like to grant permission to access my drop from only a few specific countries.

How to configure this?

I am looking for a detailed answer as I am new here on DigitalOcean.

Thanks.

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

×
2 answers

Use cloud flare for your dns.
Then it’s easy.

Else- google max mind ip country list.
This way will take time to setup and maintain

Hello, @sadhin

You can do this using CSF (ConfigServer Firewal) as well. In order to block a country you can use the CC_DENY option which accept two-letter country codes such as US, GB and etc.

In order to list more than one country you just need to separate them using comas:

CC_DENY = "AB,CD,EF"

You may find a list of ISO 3166-1 alpha-2 codes at https://en.wikipedia.org/wiki/ISO_3166-1_alpha-2

If you’re not familiar with CSF or you want to install it on CentOS or Ubuntu droplet check out this mini tutorial:

For CentOS:

https://www.digitalocean.com/community/questions/how-to-install-and-configure-config-server-firewall-csf-on-centos

and for Ubuntu:

https://www.digitalocean.com/community/tutorials/how-to-install-and-configure-config-server-firewall-csf-on-ubuntu

Hope this helps!

Regards,
Alex

by Lassi Ruonavaara
Config Server Firewall (CSF) is a free and advanced firewall for most Linux distributions and Linux based VPS. Learn how to install and configure on Ubuntu.
Submit an Answer