In some cases, you might want to restrict access to your site from certain regions. There are several reasons for doing so; such as complying with (privacy) regulations, or to ensure that content can only be viewed by a desired audience.
And then there’s the security aspect to consider, as malicious actors often launch attacks from specific geographic regions. Blocking access from these regions helps to protect against targeted attacks originating from specific geographic areas. Really Simple SSL Pro (8.2) introduces the Region Restriction feature. This functionality allows you to prevent specific countries or entire continents from connecting to your site.
On initial activation of the Region Restriction feature, no regions will be blocked yet. Click the “Block” button next to a country or continent to block that region. If a visitor’s location matches any of the blocked regions; this prevents them from reaching your site altogether. Blocking is initiated before WordPress is loaded to minimize the impact of requests originating from blocked regions.
To view the list of currently blocked regions, select Blocked in the dropdown menu. This will display any countries/continents that were previously added to the blocklist.
Clicking the “Allow” button removes the restriction for that region, and allows visitors from that region to connect to the site again.
The IP address of the administrator who enabled the Region Restriction feature is automatically added to the list of allowed IP addresses.
You can manually add IP addresses to the allow-list by clicking the Trust IP Address button. IPv4 and IPv6 addressing formats are both supported.
After adding regions to the block list, visiting the site from any one of those regions will present the visitor with the following message to indicate that connecting from their region is not permitted.
Disabling Region Restrictions when you are locked-out
It could be that you accidentally locked yourself out, for example: you blocked your own country, and your IP address is not included in the list of Trusted IP addresses.
In such cases, you have the possibility to disable Region Restrictions in Really Simple Security by creating a file in the /wp-content/Â directory of the site.
- Create an empty file in the /wp-content/ folder of your website, call it
rsssl-safe-mode.lock. - The Firewall restrictions from Really Simple Security will be disabled as long as the file is present.
After logging in and removing the region block, or adding your own IP to the allowlist of the Firewall, you can safely remove the rsssl-safe-mode.lock file from the /wp-content/ folder to re-activate the Firewall.
