There can be many reasons for which you might want to block access from specific countries. We will not get into such details. We will present two methods that you can use.
Method #1 – with cPHulk
cPHulk is the cPanel solution to brute force attacks. To block countries in cPHulk:
1. Log into the WHM installation
2. Navigate to Security Center -> cPHulk Brute Force Protection
3. Here, go to the Countries Management tab.
4. Select which countries you want to block, click the gear icon on the right of the list, and select the Blacklist Selected Countries option.
Now, users from the selected countries will not be able to log into mail, FTP, cPanel.
Method #2 – with csf
To block countries in csf:
1. Connect to your WHM installation
2. Go to Plugins -> ConfigServer Security & Firewall
3. Access the Firewall Configuration and look for the Country Code Lists and Settings section
4. The specific csf option for country code block is
In the following options, specify the the two-letter ISO Country Code(s). The iptables rules are for incoming connections only Additionally, ASN numbers can also be added to the comma separated lists below that also list Country Codes. The same WARNINGS for Country Codes apply to the use of ASNs. More about Autonomous System Numbers (ASN): http://www.iana.org/assignments/as-numbers/as-numbers.xhtml ASNs must be listed as ASnnnn (where nnnn is the ASN number) You should consider using LF_IPSET when using any of the following options WARNING: These lists are never 100% accurate and some ISP's (e.g. AOL) use non-geographic IP address designations for their clients WARNING: Some of the CIDR lists are huge and each one requires a rule within the incoming iptables chain. This can result in significant performance overheads and could render the server inaccessible in some circumstances. For this reason (amongst others) we do not recommend using these options WARNING: Due to the resource constraints on VPS servers this feature should not be used on such systems unless you choose very small CC zones WARNING: CC_ALLOW allows access through all ports in the firewall. For this reason CC_ALLOW probably has very limited use and CC_ALLOW_FILTER is preferred Each option is a comma-separated list of CC's, e.g. "US,GB,DE" CC_DENY = CC_ALLOW =
Enter in the CC_DENY field the code of the countries you want to block. For example, to block Germany (DE) and Albany (AL), use: