Free Geo-Block & Bot Filter Generator

Why we recommend Cloudflare first. Rules apply at the edge before traffic ever hits your origin server — so there is zero performance impact on real visitors and zero load on your hosting. Cloudflare also has built-in bot scoring, VPN detection and threat-score signals you cannot easily replicate elsewhere. The free tier covers up to five custom rules, which is plenty for most small business sites.

Step-by-step

1. Create a Cloudflare account at cloudflare.com and add your domain.
2. Update your DNS to use the Cloudflare nameservers shown during setup. (This is the only fiddly step — once it's done, you're done.)
3. Cloudflare dashboard → Security → WAF → Custom rules.
4. Click Create rule.
5. Give the rule a name (e.g. "SEO First Web — Geo + Bot Block").
6. Click the Edit expression link to switch to the expression editor.
7. Paste the generated expression from the output panel above.
8. Set the action to Block for hard enforcement, or Managed Challenge for a soft check (visitors see a brief CAPTCHA-style challenge).
9. Click Deploy.

Test it

1. Use a VPN to switch your apparent country, then visit your site.
2. You should see either a 403 page, your redirect, or the challenge — depending on what action you chose.
3. In Cloudflare dashboard → Security → Events, you can see every rule hit in real time.

Use Workers when you need more control than firewall rules give you — custom redirect pages, soft-blocks that allow browsing but block checkout, conditional logic based on path, or A/B testing different actions.

1. Cloudflare dashboard → Workers & Pages → Create application → Create Worker.
2. Give it a name (e.g. "geo-block").
3. In the code editor, paste the generated Worker script from the output panel above.
4. Click Save and deploy.
5. Workers dashboard → your worker → Triggers → Add route.
6. Add a route pattern like yourdomain.com/* matching your zone.
7. Deploy.

If your site is hosted on Vercel, this is the simplest option — no extra services or DNS changes, just one file in your repo.

1. Create middleware.ts in your project root (or src/middleware.ts for Astro / src-based layouts).
2. Paste the generated middleware code from the output panel above.
3. Commit and push — Vercel auto-deploys.
4. No environment variables, no config changes — Vercel's edge runtime resolves request.geo automatically.

Generic Next.js middleware that works on any host — Vercel, AWS Lambda, Netlify, self-hosted Node. Reads geo from request headers when available, falls back to a free IP-lookup service.

1. Create middleware.ts in your Next.js project root.
2. Paste the generated code from the output panel above.
3. If you're self-hosting (not on Vercel or Cloudflare), the fallback uses ipapi.co. For production traffic, swap to a paid GeoIP provider like MaxMind GeoIP2 or ipinfo.io.
4. Deploy — middleware runs automatically on every matched route.

For Astro projects running in SSR mode. Works behind any reverse proxy that sets a country header — Vercel, Cloudflare, Netlify all set one by default.

1. Make sure your Astro project is in SSR mode — add the Vercel, Netlify or Node adapter to astro.config.mjs.
2. Create src/middleware.ts.
3. Paste the generated code from the output panel above.
4. Commit and deploy.

WordPress has no native GeoIP support, so we use the popular GeoIP Detection plugin (5+ million active installs, GPL, free) to read the visitor's country, then enforce in functions.php.

Step 1 — Install the plugin

1. WP Admin → Plugins → Add New.
2. Search for "GeoIP Detection" by Yellow Tree.
3. Install and activate.
4. WP Admin → Settings → GeoIP Detection.
5. Choose "Use Maxmind Geolite Database (Free)" as the source and click Save & Download.

Step 2 — Add the snippet

1. Back up your site first — functions.php errors can take your whole site offline.
2. WP Admin → Appearance → Theme File Editor.
3. Select functions.php.
4. Paste the generated PHP at the very bottom (after any existing code).
5. Click Update File.
6. Test by visiting your site via a VPN.

If your only goal is to not sell to certain countries (rather than block them from the site entirely), WooCommerce's built-in settings cover everything — no code required.

1. WP Admin → WooCommerce → Settings → General.
2. Selling location(s) → choose "Sell to specific countries" and pick your target markets. Or "Sell to all countries, except…" if you only want to exclude a few.
3. WooCommerce → Settings → Shipping → Shipping zones.
4. Only add zones for the countries you actually ship to. Customers from unlisted countries cannot complete checkout.
5. (Optional) Pair with the WordPress functions.php snippet on the previous tab if you want to block visitors from reaching the site at all.

Shopify's built-in Markets feature is the strongest geo-control they offer — disable a market and visitors from that country lose access to checkout entirely. The Liquid snippet adds browse-level enforcement on top.

Step 1 — Configure Markets

1. Shopify Admin → Settings → Markets.
2. Click Manage markets.
3. Disable any market you do not want to serve, or set up specific country lists per market.
4. Save.

Step 2 — Add the Liquid snippet (optional)

1. Shopify Admin → Online Store → Themes.
2. Click Actions → Edit code on your live theme.
3. Open layout/theme.liquid.
4. Paste the generated snippet at the very top of the <body> tag (before anything else renders).
5. Save.

For sites on Apache (most shared hosting). Requires mod_geoip or the newer mod_maxminddb to be enabled.

Step 1 — Verify GeoIP is available

1. Create a temporary info.php file in your site root with <?php phpinfo(); ?> inside.
2. Visit yourdomain.com/info.php and search for "geoip" or "maxmind".
3. If you see GeoIP enabled, you're ready. If not, contact your host — most can enable it on request.
4. Delete info.php after testing — leaving it exposed is a security risk.

Step 2 — Add the rules

1. Connect via FTP / SFTP / cPanel File Manager.
2. Edit .htaccess in your site root (create it if it doesn't exist).
3. Paste the generated rules from the output panel above.
4. Save.

For self-hosted Nginx servers (Linode, DigitalOcean, AWS EC2, etc.). Requires the ngx_http_geoip2_module and a MaxMind GeoLite2 country database.

1. SSH into your server.
2. Install the module: apt-get install libnginx-mod-http-geoip2 (Debian / Ubuntu).
3. Download the free GeoLite2-Country database from MaxMind (free account required).
4. Place the .mmdb file at /etc/nginx/GeoLite2-Country.mmdb.
5. Open your Nginx config: sudo nano /etc/nginx/nginx.conf or your site config.
6. Paste the HTTP-context block at the top, then the server-context block inside your server { } block.
7. Test the config: sudo nginx -t — fix any reported errors.
8. Reload: sudo systemctl reload nginx.