Geo Blocking plugin

RGJ · May 23, 2022, 9:43am

Summary: Geo Blocking plugin for Discourse

GitHub: GitHub - communiteq/discourse-geo-blocking
Install: Follow the plugin installation guide.
Client: This plugin has been sponsored by Sketchfab.

Features

This can be used to completely block access to your forum for certain countries or networks, for example fraud prevention or to comply with sanctions.

The plugin leverages the MaxMindDB database that is already available in Discourse.

Configuration

Enable the plugin
Add all networks you want to block to geo_blocking_asn_blocklist. Prefix the numbers with AS, so for example AS12345.
Add all countries and regions you want to block to geo_blocking_country_region_blocklist. The following formats are accepted:
- Full country name (for example: Belgium)
- Country ISO code (for example: JP for Japan)
- Full country name followed by a dot and then the region name (for example: Switzerland.Jura).

If you enable geo blocking detailed reason then the error message will contain the country/region or network that caused the user to be blocked.

versus

To test the plugin you can check geo blocking log blocked and/or geo blocking log allowed and inspect the /logs on your forum.

For a full list of supported countries and regions, see list_of_countries_and_regions.txt.

Attention and Caveats

If anonymous visitors are being blocked, they could still get a cached version of the home page for around one minute.

The error page does not contain “Popular” and “Recent” topics because that would leak content to a blocked user.

bartv · May 23, 2022, 3:26pm

Thanks for the quick turnaround on this project, Richard!

Tiago_santos · June 9, 2022, 8:16pm

Thank you. Very usefull

Jagster · December 12, 2023, 6:58am

I’ll try this right away. How could I miss this

I need geoblock few countries and ASes, but for obvious reason I can’t use Varnish for this task as with my other sites. This solves that headache, if it is still operational.

RGJ · December 12, 2023, 8:30am

Yes, the plugin is still maintained and working.

fokx · February 4, 2024, 12:23pm

Thanks for developing this useful plugin, Richard.

I made some minor modifications to adapt to my use case: blocking certain URLs for users in certain regions. What I’ve done is, in add_model_callback(:application_controller, :before_action), adding some more match rules with request.fullpath, e.g.:

return unless request.fullpath.start_with?(*SiteSetting.topic_geo_blocking_exact_paths.split('|'))

I find that this URL-level geo-blocking works if I access the URL by directly typing it in the browser navigation bar. However, if I navigate to the URL by clicking it from Discourse homepage, this doesn’t work. (but after pressing F5 to refresh the page, it gets blocked.)

Could you give me any advice to fix this issue? Thanks.

RGJ · February 4, 2024, 3:34pm

You would need to add some Ember code that intercepts the router as well.

However, I think that you would need to take a different approach here. This plugin was not built for such specific filtering.

It would probably work way better to create a separate plugin that has a mechanism to add/remove users to groups based on their geolocation, and then you could leverage the existing group security to restrict or allow access to specific parts of the forum.

agemo · October 23, 2024, 10:50pm

This is a handy plugin to have but what might stop this from working as expected, firstly the plugin installed fine this is not the issue.

I setup a few blocked countries and then tested using vpn to access in via those countries but encountered no blocked warnings.

Maybe vpn is the issue. Not all VPNs are the same?

mcdanlj · October 23, 2024, 11:23pm

This plugin is not expected to block VPNs.

Except that, obviously, it will block VPN exit nodes in blocked geographies.

agemo · October 24, 2024, 8:06am

Ok thanks for that pointer. I was not factoring in exit nodes and I have no idea where the exit nodes where on the connections, the whats my ip read out was good enough for me, it matched the region/country that was being test geo blocked.

So flip it, I have blocked the zone of the zone I am located in and not used a VPN, use a different device one where I can test both fixed and cellular network, and still nothing happens, no geo block kicks in as expected when dialling in.

RGJ · October 24, 2024, 8:13am

Please understand that a proxy, VPN or Tor will always be able to circumvent these kind of mechanisms. The plugin is not supposed to block those. Geo blocking is done either for legal reasons, or to block access for a casual visitor.

Did you do this?

RGJ · October 24, 2024, 11:32am

5 posts were split to a new topic: MaxMindDB problems

Topic		Replies	Views
Ability to Block Discourse Access from Geographic Regions or Countries Feature	17	1556	February 17, 2020
Login required by country Support	3	246	March 4, 2024
Backend code Dev	9	806	March 8, 2023
Geo-targeting banners on Discourse Dev	4	1718	June 18, 2016
GEO Tagging ability for topics Feature	12	4260	July 7, 2016

Geo Blocking plugin

Features

Configuration

Attention and Caveats

Related topics