+1
+1
+1
+1
+1
3 Ways to geo-restrict your App – Day Nineteen
![Image Cover](https://res.cloudinary.com/practicaldev/image/fetch/s--OG9dHHFI--/c_limit%2Cf_auto%2Cfl_progressive%2Cq_auto%2Cw_880/https://dev-to-uploads.s3.amazonaws.com/uploads/articles/5pcvxop0lm2i0f5oileb.jpg)
100 days of Cloud on GitHub – Read On iCTPro.co.nz – Read on Dev.to
In this tutorial i will show demo of , restricting your application to specific country.
📝Prerequsite
Access to your WAF, Cloud Front, Route53 and privileges to manage it
🌩️ Using CloudFront
- Login into Console and goto CloudFront
- Select your cloud front Distribution
- Go to Geographic Restrictions and select edit
![Image distribustion](https://res.cloudinary.com/practicaldev/image/fetch/s--zDAGX6WM--/c_limit%2Cf_auto%2Cfl_progressive%2Cq_auto%2Cw_880/https://dev-to-uploads.s3.amazonaws.com/uploads/articles/6w9f7ezcvqdffim1jnqh.png)
![Image edit](https://res.cloudinary.com/practicaldev/image/fetch/s--_qLrP65P--/c_limit%2Cf_auto%2Cfl_progressive%2Cq_auto%2Cw_880/https://dev-to-uploads.s3.amazonaws.com/uploads/articles/xxi7zesqn27wrxgu66dx.png)
Select Block list, and type in the country you want to restrict. and click Save changes
![Image restrict](https://res.cloudinary.com/practicaldev/image/fetch/s--z6etGQhK--/c_limit%2Cf_auto%2Cfl_progressive%2Cq_auto%2Cw_880/https://dev-to-uploads.s3.amazonaws.com/uploads/articles/nc6uv21s9bbqyhj45ff6.png)
🛡️ Using WAF & Shield
- Login to console and go to WAF & Shield
- Select your Web ACLs and go to Rules. Then Click Add my own rules and rule group
![Image name](https://res.cloudinary.com/practicaldev/image/fetch/s--CX_Q0QxY--/c_limit%2Cf_auto%2Cfl_progressive%2Cq_auto%2Cw_880/https://dev-to-uploads.s3.amazonaws.com/uploads/articles/yv4t7ywxop2c56rwm2ml.png)
- Select Rule Builder and Name the rule.
- Select inspect as Originates from a country in and type the bad country you want to restrict access.
![Image block country](https://res.cloudinary.com/practicaldev/image/fetch/s--txoti5od--/c_limit%2Cf_auto%2Cfl_progressive%2Cq_auto%2Cw_880/https://dev-to-uploads.s3.amazonaws.com/uploads/articles/dn5c6j5x33ty6d2d2n45.png)
- Then select Action as Block then click Add rule.
![Image blockrule](https://res.cloudinary.com/practicaldev/image/fetch/s--8aTrx5iJ--/c_limit%2Cf_auto%2Cfl_progressive%2Cq_auto%2Cw_880/https://dev-to-uploads.s3.amazonaws.com/uploads/articles/hxa62gue3a94ylxncw9u.png)
🛣️ Using Route53
- Here the concept is a bit different rather than blocking them completely , what route53 does is it will redirect traffic from selected country to a diffrent end point which can be an s3 hosted site which says ” You don’t have access to this website from your country”.
- Check out this Tutorial to see how can you create a website with s3.
- once you host your site on s3 for the Bad-Country , you can just point it with R53.
- Login into Console and goto Route53.
![Image r53](https://res.cloudinary.com/practicaldev/image/fetch/s--LfKCNLgE--/c_limit%2Cf_auto%2Cfl_progressive%2Cq_auto%2Cw_880/https://dev-to-uploads.s3.amazonaws.com/uploads/articles/bwyb3r4g81hsl4uytpvz.png)
- Click on to your Hosted Zones and select Traffic policies.
![Image name](https://res.cloudinary.com/practicaldev/image/fetch/s--dikxzI4k--/c_limit%2Cf_auto%2Cfl_progressive%2Cq_auto%2Cw_880/https://dev-to-uploads.s3.amazonaws.com/uploads/articles/dut1l8fla9q44sru7kix.png)
- Enter information as shown below. and click Create Traffic Policy
![Image map](https://res.cloudinary.com/practicaldev/image/fetch/s--V2YCNnxe--/c_limit%2Cf_auto%2Cfl_progressive%2Cq_auto%2Cw_880/https://dev-to-uploads.s3.amazonaws.com/uploads/articles/eg6r6qomhppf2tb946u1.png)
Select your Domain and Click Create Policy Records
![Image r53policy](https://res.cloudinary.com/practicaldev/image/fetch/s--4keF4znM--/c_limit%2Cf_auto%2Cfl_progressive%2Cq_auto%2Cw_880/https://dev-to-uploads.s3.amazonaws.com/uploads/articles/urtfkx2m4al9pr018w6f.png)
Remember there is $50 charge for this so its recommended to use first two options
🎉Congratulations🎉 you have successfully blocked access to your app for a unauthorised Country.
✅Connect with me on Twitter
🤝🏽Connect with me on Linkedin
🧑🏼🤝🧑🏻 Read more post on dev.to or iCTPro.co.nz
💻 Connect with me on GitHub