Block Country(or Countries)

Speedy059 · July 23, 2013, 07:00:56 AM

How do you remove a country, or countries, from the Hostbill list so people from those countries cannot order? We are running a promotion right now, and in order to reach our targeted clientele we need to block a couple countries who are down right saturating all of our resources. We will then unblock them after the promotion so we can give everyone a fair chance.

Speedy059 · July 23, 2013, 06:28:41 PM

Any know where the country list on the order forms is stored? If we take out the country there, all orders wont go through from that country by maxmind.

tallship · July 23, 2013, 06:44:06 PM

I block China in it's entirety on some machines/networks w/null routes - that way it doesn't even get to the packet filter layer of netfilter/iptables on that machine.

Some examples are:

Quote

A couple of ways to null route/blackhole IP blocks in the routing tables before it ever reaches iptables:

Code Select Expand
# ip route add blackhole 202.54.5.2/29

lolol

Nullroute IP using route command

Suppose that bad IP is 65.21.34.4, type following command at shell:

Code Select Expand
# route add 65.21.34.4 gw 127.0.0.1 lo

You can verify it with following command:
Code Select Expand
# netstat -nr

OR
Code Select Expand
# route -n

To confirm the null routing status, use ip command as follows:
Code Select Expand
# ip route get 64.1.2.3 RTNETLINK answers: Network is unreachable

Drop entire subnet 192.67.16.0/24:
Code Select Expand
# route add -net 192.67.16.0/24 gw 127.0.0.1 lo

How do I remove null routing? How do I remove blocked IP address?

Simple use router delete command,
Code Select Expand
# route delete 65.21.34.4

Just some examples, and I'm pretty tired right now so I didn't check for typos, but you get the gist of the idea, and it works really well too

Speedy059 · July 23, 2013, 10:13:33 PM

The problem is that we don't want to block the current users, just block more users from China from ordering. Best way I can think of is removing China from the country list when ordering. That would force all orders to be marked as fraud. And current clients can still use their services.

tallship · July 24, 2013, 01:20:25 AM

oic

There should be a provision for this in MaxMind, but I don't see it. You could enable the phone verification and cut down on a lot more, but that becomes a hassle even for regular new users too.

It looks like the standard (new) HostBill Fraud protection module has a provision for this, but since kbkp's documentation leaves so much to be desired when the particulars of modules are concerned, I think just popping in the ccTLD will only work from DNS reverse lookups, while enabling the geolocation aspect would perhaps use the APNIC database or something?

There's no documentation on it so your guess is as good as mine, but I've included a screenshot for you

It just seems simpler, and less of a kludge, to implement the functionality you're after within a module rather than remove entries in the database forcing the flag.

I hope that helps

Kindest regards,

maxim · August 04, 2013, 10:40:12 AM

Remember, user can change easy his country. It is nothing hard.

tallship · August 05, 2013, 07:09:54 PM

Yes but I think he prolly has several customers already from the countries in question so blocking them w/null routing would lock those existing customers out their own control panels.

And depending on how you adjust it, I think MaxMind is pretty good at catching a lot of that sort of thing. The phone verification works well, except that there are phone numbers it won't work with (I think GV numbers couldn't verify for a while, not sure if that is still the case though).

Hey is that Freddy Mercury you've got there for your avatar?

maxim · August 05, 2013, 08:10:04 PM

Ok, then it is ok. But I always have javascript off and i'm most time on Tor

(I'm not psycho

)

Yes, sure, Mercury, the best singer all the time