Foreign trade website shielding China IP access to a variety of methods _ server other

We all know the reason, do foreign trade stations, people like to study your station, but also always help you carry out the stress test ...
The first thought to block the Chinese IP will be the Chinese IP library into the Nginx profile, and then the Web server to compare IP to achieve shielding.

Copy Code code as follows:

Add the Deny IP in the Nginx;
Batch can build a ip.conf file then include ip.conf;

The second is through iptable to prohibit the Chinese IP segment to achieve the purpose of shielding.

The following is the iptable sh script:

Copy Code code as follows:

#!/bin/bash
# block traffic from a specific country
# Written by vpsee.com

COUNTRY = "cn"
IPTABLES =/sbin/iptables
Egrep =/bin/egrep

If ["$ (id-u)"!= "0"]; Then
echo "You must be root" 1>&2
Exit 1
Fi

Resetrules () {
$IPTABLES-F
$IPTABLES-T Nat-f
$IPTABLES-T Mangle-f
$IPTABLES-X
}

Resetrules

For C in $COUNTRY
Todo
Country_file = $c. Zone

IPS = $ ($EGREP-V "^#|^$" $country _file)
For IP in $IPS
Todo
echo "Blocking $ip"
$IPTABLES-A input-s $ip-j DROP
Done
Done

Exit 0

Today on the internet saw a more absolute shielding of the law: there is a free analysis of the service provider Dnspod, we are using its unique analytical approach to the most effective DNS shielding. The domestic network is no more than Unicom (formerly Netcom), Telecommunications, education network, such as several access modes, just, Dnspod provides these 3 kinds of analytic mode. First, we add a default resolution address, here is 8.8.8.8 (please control the correct IP address of your website), then we add the wrong IP address of 3 different lines, such as 127.0.0.1, so that the access from home is almost completely resolved to the wrong IP address. , that is, can be the alternative shielding off.

The second way: Using browser Shielding method:

Copy Code code as follows:

<script type= "Text/javascript" >
if (navigator.language)
var language = Navigator.language;
Else
var language = Navigator.browserlanguage;
if (language.indexof (' en ') >-1) document.location.href = ' nddbc.html ';
</script>

The third method: using the. htaccess file to prohibit China IP segment access;

. htaccess (Don't forget the previous 1 points) file is a configuration file in the Apache server that is responsible for the page configuration in the related directory. Through the htaccess file, you can help us achieve: Web 301 redirect, custom 404 error page, change file extension, allow/block specific user or directory access, prohibit directory list, configure default document and so on. htaccess files are generally found in the root directory of your site ; If not, you can create one of the following methods under Windows system:

Open a Windows built Notepad;
Select Save new file "file-> Save as";
Select the all files type in the Save as type dropdown menu, optionally utf-8 or ANSI.
In file name, enter. htaccess;
Select the path you want to save and then press Save, and a. htaccess file is added.
. htaccess files, we can open them using Notepad. Here are some of the rules that are allowed or prohibited:

Order Allow,deny
# prohibits an IP address 
deny from 123.125.125.147

# disallow an IP segment 
deny from 210.145.95.0/255

# Or you need to allow partial IP allow from 210.145.95.123 in this IP segment and

everything else can be accessed 
allow from

To prohibit IP access in China, we need to add the following rules to the. htaccess file:

<limit Get head post>
Order Allow,deny
Allow from all
Deny from 1.0.1.0/22
Other China IP segment
</Limit>

1.0.1.0/22 is one of 1 Chinese IP segments, and we also need to add all the Chinese IP segments to prohibit all Chinese IP access. For the convenience of everyone, here do a ban on all Chinese IP htaccess text (TXT) file, click to download or to the network disk download, you can download and upload to the space root directory, and then renamed in Space to. Htaccess can also be used to open it in Notepad, Copy the code inside to the. htaccess file in the space;