Restrict users to access site using various geolocation parameters.

[effone]

Allow admins to restrict users accessing site using various geo location parameters:
Country, Region, District, City, ZipCode, Timezone, ISP
... probably few more possible parameters.

[SerpiusCapricornus]

Question: How would iPatrol handle situations like this?

For my website, I want to block IPs originating from North Korea.

However, as many IP professionals know, North Korea is well known for using fake IPs and/or VPNs.

How would iPatrol be able to determine if a country, group and/or individual are using fake IPs or VPNs and block those and record those offending IPs to be banned permanently on my website?

[effone]

iPatrol has a feature already in place that can detect if a user is using any kind of proxy and can ban the IP right away. Isn't it the way to catch the scenario?

[SerpiusCapricornus]

Ok. I wanted to double-check to make certain that iPatrol will be able detect proxies and take appropriate action.

I see that iPatrol uses this IP-API service.

Does this service have some sort of whitelist for legitimate VPNs or does it automatically assume that all VPNs are NOT legit and will block/ban those?

[effone]

Fact is IP manipulation can never be bulletproof.
I have done much researches on which API can be used and so far IP-API comes out best reliable.
I thought of using ipqualityscore but their detection is too aggressive and likely punish much more legit users (my IPs always get a score of 95+ : high risk, whereas I think I am legit).
I am not aware about whitelisting is allowed in a paid account of IP-API or not but since we are using it free we can't expect that much.
On the other hand, its very much possible to create an internal iPatrol whitelist and iPatrol will skip checking those IPs. If this is a required feature, the same can be added with ease. But before that I must encourage our users to use it first and analyze the detection / action it makes.

[SerpiusCapricornus]

Ok, that is a good plan.

I will test this out on my website and report back anything that might be amiss.

[Eldenroot]

@SerpiusCapricornus - this is the first public version, so any feedback is welcome :)

[Eldenroot]

@effone - is it still needed? What library will you use? This is possible with Cloudflare basic plan, quite tricky to cover all possibilities, not?

[SerpiusCapricornus]

Stay away from Cloudflare. I prefer that iPatrol plugin use open source libraries for this. I feel that if iPatrol uses Cloudflare for IP detection, it may change in the future where it will require a paid option to use IP detection. That will defeat the purpose of the plugin staying free and open source.

[effone]

No additional library. We already have the data per user by existing API. Just need to make use of it.
iPatrol tries to determine original IP by itself.