undefined | Better HN

0 pointsaustinheap10y ago0 comments

What's the point in restricting this to enterprise users? I can make access rules for every other country except 'T1' on a the entry-level paid plan?

0 comments

buro910y ago

It's only the "country level block" bit that is limited to enterprise.

But then again, if you're using Nginx something like the following may work (gah, have not tested):

    http {
      map $http_cf_ipcountry $allow_country {
          default yes;
          T1 no;
      }
      server {
        if ($allow_country = no) {
          return 403;
        }    
      }
    }

Assumes you have enabled the GeoIP stuff, which again... I've not tested whether it sends Tor through as a country identifier... I shall ask.

Or you could do the opposite and restrict access unless someone is accessing via Tor ;)

j / k navigate · click thread line to collapse