- Make sure that you have ConfigServer Firewall (CSF) installed on your Cpanel server, and you have access to WebHost Manager (WHM).
- In WebHost Manager, locate and select ConfigServer Security & Firewall under the Plugins section in the left menu. You also can begin typing “configserver” into the search field at the top left to narrow down the options.
- Click on the Firewall Configuration button to open the configuration file.
- Deny access by Country Code. On the Firewall Configuration page, scroll down to the Country Code Lists and Settings
Use the CC_DENY field to block by country code:
- The CC_DENY field accepts two-letter country codes, such as “US” for the United States of America, “GB” for Great Britain, and “DE” for Germany.
- Multiple countries can be comma separated with no spaces in between, such as “US,GB,DE” to deny access to the US, Great Britain, and Germany.
- You may find a list of ISO 3166-1 alpha-2 codes at https://en.wikipedia.org/wiki/ISO_3166-1_alpha-2
- Scroll to the bottom of the Firewall Configuration page and click on the Change.
On the next screen, click the Restart csf+lfd button to restart the firewall with the new settings.
NOTE: CSF does not recommend the use of country-level blocks on any VPS or small server unless the CIDR range for the chosen country is very small.The use of a large-range country block on a small server or VPS could slow the server to the point that it becomes inaccessible.