Forgot your password?
typodupeerror
The Internet

How To Keep a Web Site Local? 297

Posted by kdawson
from the first-ban-google dept.
Cornwallis writes "The universal accessibility of the Internet is one of its attractions. But what do you do when you don't want your board to be Slashdotted? Back in the day it was great to run a local BBS where friends and neighbors could dial in using their 9600-baud modems to pick up mail or share games or stories. Now, my Web-based board gets slammed by people from all over the world who have no reason to access it, can't possibly take advantage of the locally focused services it offers, and generally take up my time because I have to block their accounts or explain to them why they can't have access. This despite the fact that the board explains quite clearly that it is for local use only and couldn't possibly be of interest to them. Other than putting thousands of entries in my hosts file to block IP ranges, what options do I have to restrict access to locals only? Or isn't that feasible?"
This discussion has been archived. No new comments can be posted.

How To Keep a Web Site Local?

Comments Filter:
  • .htaccess (Score:5, Informative)

    by Norsefire (1494323) * on Wednesday March 11, 2009 @03:05AM (#27146863) Journal
    order allow,deny
    deny from all
    allow from iprange
    allow from iprange
    allow from iprange
    etc. etc.

    There are websites all over the internet [google.com] that allow you to do country-by-IP-range lookups.

    You could also do;

    ErrorDocument 403 "Sorry, this website is only available to people living in .

    (Yes, no final quotation mark).

    Or don't worry, what does it hurt if people who aren't benefiting from a website visit it?
    • by Anonymous Coward on Wednesday March 11, 2009 @03:10AM (#27146893)

      ErrorDocument 403 "Sorry, this website is only available to people living in .

      Or "This is a local website for local people. There's nothing for you here."

      Or don't worry, what does it hurt if people who aren't benefiting from a website visit it?

      They covet the precious things.

      • by fractoid (1076465) on Wednesday March 11, 2009 @03:26AM (#27147013) Homepage

        Or "This is a local website for local people. There's nothing for you here."

        Thankyou! I was hoping someone would say this. ;) Bad login attempts should lead to an error page saying "What's all this shouting? We'll have no trouble here!"

      • by cbiltcliffe (186293) on Wednesday March 11, 2009 @08:44AM (#27148779) Homepage Journal

        Or "This is a local website for local people. There's nothing for you here."

        You are in a maze of twisty little web pages, all alike.

    • You can automate it (Score:5, Informative)

      by an.echte.trilingue (1063180) on Wednesday March 11, 2009 @04:12AM (#27147265) Homepage
      While it does involve having thousands of addresses, this kind of thing is pretty easy to automate, given what your goals are. For example, I use this tool [webhosting.info] to determine which country my visitors are in and display the relevant contact information (show the French address to people in France, the Belgian one to people in Belgium, etc). I have a cron job set up to update the database once a week; it is fully automatic and very reliable.

      If you need to be more specific, this guy [jpederson.com] has a php class that can supposedly give you information as specific as city, or you can write your own using the db you can download here [hostip.info], although I can't personally vouch for either. You could also parse the hostnames in your server and only allow service providers in your area.

      Also, google code [google.com] has a really good tutorial for a client side application if your server is limited in its capabilities.

      Either way, it sounds from the summary like you have access to a database of ip address ranges you want to allow. Just set up a cron job to download it and parse it.
      • Re: (Score:3, Informative)

        by xaxa (988988)

        Implementing something like this brings problems if there's no way to get around it. For instance, many multinational companies have only one point of presence on the Internet, which can be shared by offices in different countries. At the last one I worked at, the PoP was in France, so even thought I was in England many websites would appear in French, and a few "UK only" services didn't work.
        Same with people on holiday, or people who use a mobile phone to access the web.

        If the website really isn't interest

        • > who cares about the library shutting an hour earlier on Thursdays and the
          > graffiti on the bus shelter, except the people living there?

          It might be fun to troll even if you don't live there. If only local access were allowed, then the population of possible trolls would be much smaller.

          Like everything else it's a tradeoff between the benefits, and the disadvantages (in this case, probably the main disadvantage is blocking access to some people who should have it).

    • Re:.htaccess (Score:4, Insightful)

      by Haeleth (414428) on Wednesday March 11, 2009 @05:10AM (#27147581) Journal

      There are websites all over the internet [google.com] that allow you to do country-by-IP-range lookups.

      You could also do;

      ErrorDocument 403 "Sorry, this website is only available to people living in .

      And then brace yourself, because you're going to get an earful from the next local person who tries to catch up with her friends back home while she's on holiday, only to be told that she's banned because she's "not local".

    • by Anonymous Coward on Wednesday March 11, 2009 @06:32AM (#27148009)
      Copyright doesn't exist. You don't have the rights to keep your information for yourself. You MUST share it with all us and everybody as the rights to copy and use it.

      or so I have been told here on slashdot.

      PS. Apple users suck.

      • Re: (Score:3, Insightful)

        by pipatron (966506)

        And you seem to be one of those that doesn't understand what "Information wants to be free" means, and how the question in the article actually shows one of the ideas behind that sentence.

        The meaning with "Information wants to be free" is that it is very very difficult to contain information. You can't stop it from spreading, even if you would like to. It doesn't matter if you don't want it to be free or open, it will spread anyway.

        Blocking some people from a website is also bound to fail, maybe not for t

    • by Dan East (318230)

      There would likely be very significant problems from filtering by IP address. In our rural town, the local DSL usually shows up as a major city over 100 miles from here. We have significant usage by several other ISPs of varying types - cable, dial-up, multiple ad-hoc WiFi providers, satellite, etc. Because of our poor rural internet coverage we have a number of people resorting to satellite and cellular providers (even though the cell service is only around 200 Mbps).

      So I don't know about that town, but

      • by Jellybob (597204)

        Your cell service is *only* around 200Mbps.

        Where do you live? I want to move there right now. I work for an ISP, and we *only* get around 100Mbps down fibre to the office.

      • > So I don't know about that town, but it would be impossible to restrict access by IP
        > address in these parts. Or at least you would have to allow potential access to many
        > millions of people...

        That would be three orders of magnitude better than allowing access to six billion people.

    • Re: (Score:3, Funny)

      by tttonyyy (726776)

      iptables -A INPUT -s ! 192.168.0.0/16 -j DROP

      That should keep those pesky non-locals out. ;)

    • That should work for some cases however if you still have dial-up users say the 3 AOL users who are left. who dial in then gets their analog gets routed on a wan to their ISP in California then back to your site who would block it. Or if they have satellite internet, or even cell phone connection. I just checked my iPhone over Edge and it says I am from DC Let me tell you that I am not in DC or even near it.

      Or People with Proxys, VPNs, people who are actually from the areas but just isn't there quite yet.

    • Why do that when you could just set the TTL on the IP packets? There was a dailyWTF article about the mystery of email that couldn't go farther than 1000 miles; it was eventually discovered that TTL was the reason.

    • Or don't worry, what does it hurt if people who aren't benefiting from a website visit it?

      The local advertisers won't pay for hits outside the target area.

  • How do you define locals?

    If it's just people living in a small area - like friends and neighbours, how about having your server only serve to anyone on a wifi network you set up for that purpose?
    • Ask yourself: What would RMS say?
      • by TheLink (130905)
        RMS isn't the one asking the question. For him local could mean something totally different from what cornwallis means.

        I think we need more info to provide a useful answer to cornwallis.

        So what does cornwallis really mean by local?
      • by Nutria (679911)

        What would RMS say?

        Royal Mail Ships don't say much, if anything, at all.

    • Re:Who are locals? (Score:5, Informative)

      by Z00L00K (682162) on Wednesday March 11, 2009 @04:20AM (#27147313) Homepage

      Have a credibility check page - like checking if someone knows about a local detail that's known by the locals.

      "What was the color of the church at Elm Street before 2004?"

      And you may want to be careful with IP address filtering since that can result in unexpected disadvantages when a local is out traveling.

      • People travel. (Score:4, Insightful)

        by Futurepower(R) (558542) <MJennings.USA@NOT_any_of_THISgmail.com> on Wednesday March 11, 2009 @04:27AM (#27147339) Homepage
        Yes, exactly: "... you may want to be careful with IP address filtering since that can result in unexpected disadvantages when a local is out traveling."

        Don't expect that your users stay in one place.

        Do expect that they sometimes travel to other countries.
        • by azaris (699901) on Wednesday March 11, 2009 @04:50AM (#27147457) Journal

          Don't expect that your users stay in one place. Do expect that they sometimes travel to other countries.

          I was going to suggest this, then realized his users are likely to be Americans.

          • Re: (Score:3, Insightful)

            by Haeleth (414428)

            Even Americans travel. Suppose his website's in Florida: he presumably wouldn't want Alaskans using it, because they're even further from being "local" than many foreigners. So any regional blocking would be at the state level, or possibly even the city level. And that means travellers wouldn't have to be abroad to be inconvenienced.

          • Re:People travel. (Score:4, Insightful)

            by WindBourne (631190) on Wednesday March 11, 2009 @08:48AM (#27148819) Journal
            Do expect that they sometimes travel to other countries.
            I was going to suggest this, then realized his users are likely to be Americans.
            The funny thing is, that this is true of all large countrys citizens that do not live near a border. For example, how many ppl in France, German, or even England go into Africa? Or America? Or Australia? All of the Michigan , Wisconson, Minnesota folks I know HAVE been into Canada. Likewise, all the West Texas, NM, Southern CO, AZ, Southern Nevada, Southern CA ppl that I know have also hit Mexico. The ppl that have never been out of the country tend to be those in the middle. Of course, they have all traveled more than 1000KM away. And the simple fact is, that for us Coloradoans, we see major cultural differences . The difference between a West Canadian vs East Candian has about the same difference; Love their country, but different mind sets.

            What is funny, is that it get the average EU person to travel similar differences would mean that they travel from Western europe into just east of middle Africa, or that they go into the middle east, OR that they go into central africa. How many do that? Damn few. And South Americans do even less traveling.
        • My BlackBerry, when on T-Mobile UK, had an IP address in a block that was geolocated as being in Germany. Since moving to Orange, I occasionally have an IP that looks up as being in France.

          As a result, I have often been locked out of my internet banking, as they identify this as suspicious / potentially fraudulent activity, unless I have informed them that I am going to be abroad.

          I have to physically go to a branch of my bank with two forms of ID to reactivate my online banking. Consequently I don't use int

  • by Anonymous Coward on Wednesday March 11, 2009 @03:06AM (#27146873)

    ...I doubt Slashdot can make a good assessment without taking a look at the site. Mind posting the URL?

  • Would it not be easier to approve individuals than spend time unapproving anyone not from your little community. Do you threaten the intruders with pitchforks whilst crying "Are you local????".
    Facebook is open to the world, but still manages to sustain small communities / groups. It's not impossible.

    You could restrict your website to 127.0.0.1 - that's very local. Or you could wire all the houses together on a private subnet.

  • by Macthorpe (960048) on Wednesday March 11, 2009 @03:08AM (#27146879) Journal

    Get some paper, pin it up around the neighbourhood with a private key. Ensure that people can't create an account or access the boards without the private key.

    Am I missing something? Why use an overly technical solution when some paper and pens will fix the whole thing?

    • by jschen (1249578) on Wednesday March 11, 2009 @03:15AM (#27146937)
      I agree that this probably should not be solved purely on the technology end of things. One of the great things about the Internet is that one can access things from most anywhere. Your website may cater to locals, but you need to consider the possibility that someone who is generally local to the area but currently elsewhere might want to access the site. That's a pretty serious problem for filtering based on geography.
      • by Jurily (900488) <jurily@noSpAM.gmail.com> on Wednesday March 11, 2009 @04:27AM (#27147335)

        That's a pretty serious problem for filtering based on geography.

        No kidding. Basically, anyone who thinks geography-based filtering is a good idea should be shot. Imagine moving 2000 miles, then being told by some braindead webdesigner you can't talk to your friends anymore.

        • No kidding. Basically, anyone who thinks geography-based filtering is a good idea should be shot. Imagine moving 2000 miles, then being told by some braindead webdesigner you can't talk to your friends anymore.

          As others have pointed out, you only need to enforce this when creating the account. Once you have an account, there's no need to do any filtering.

          Also, you're assuming this is some kind of social networking site where the goal is to talk to your friends. What if it's an association for condo owners in a specific building? If you move 2000 miles, you're no longer welcome at the site because you don't live there anymore. If you made friends in your building, follow them on Facebook not on some specialist

          • What if it's an association for condo owners in a specific building? If you move 2000 miles, you're no longer welcome at the site because you don't live there anymore.

            Two words: "Absentee Landlord".

            My father-in-law owned a condo in the same complex where I lived. He moved to FL and rented out the condo. He obviously needs access to that site.

        • by 1u3hr (530656) on Wednesday March 11, 2009 @05:20AM (#27147645)
          No kidding. Basically, anyone who thinks geography-based filtering is a good idea should be shot. Imagine moving 2000 miles, then being told by some braindead webdesigner you can't talk to your friends anymore.

          Happens to me a lot. I'm in Hong Kong. I find some US ISPs (like AOL) bounce my mail solely based on my location. And much media (even some on Youtube) is blocked geographically. Even some porn sites block me.... And other sites insist on giving me Chinese versions of their web pages, with no option to choose English. Highly irritating to go to Google.com and find myself redirected to Google.com.hk. (Yes, I have workarounds now, still annoying.)

          • by Jurily (900488)

            Yes, I have workarounds now, still annoying.

            I set up a proxy for myself on my old computer back home, just for this purpose.

    • Local trivia was suggested. This private key on paper is a second idea. A third is that you use an invite-only system, just like gmail did at the beginning.

      Also, I'd place an invisible link in your web site somewhere, to catch the spiders refusing to follow your robots.txt guidelines (note that even the googlebot sometimes does not always follow that directive, or that many illegitimate spiders will sometimes label themselves as the googlebot to avoid getting blocked, so be careful if you don't want to mes

  • Link plz (Score:3, Funny)

    by Anonymous Coward on Wednesday March 11, 2009 @03:09AM (#27146889)

    Give us a link to the board, we need to have a look at it before we can properly assess the best way to 'keep it local'.

  • MaxMind + PHP? (Score:3, Insightful)

    by shri (17709) <(moc.liamg) (ta) (cmarirhs)> on Wednesday March 11, 2009 @03:11AM (#27146905) Homepage
    If you use PHP, consider getting Maxmind and filter on its city / country databases.
  • Download a database of IP address to location, then do a lookup. If it's within your state, for example, then allow access. Otherwise, send them to a "sorry" page with contact info in case they really are local and you need to add an exception.

    Or implement SMS verification on account signup that only allows your area code and then do manual review, perhaps using a community approval process.

  • Other than putting thousands of entries in my hosts file to block IP ranges, what options do I have to restrict access to locals only? Or isn't that feasible?

    Your really asking the impossible. The Internet is fundamentally designed to share data across the various networks that comprise it. I understand your desire to keep costs down (time+bandwidth), but if for some reason you are having large numbers of users visit your site that is raising your costs, there is practically nothing you can do that you ar

  • by QuantumG (50515) * <qg@biodome.org> on Wednesday March 11, 2009 @03:20AM (#27146977) Homepage Journal

    You have no idea what is of use to other people. Maybe they're thinking of visiting your local area. Maybe they have friends that live there. Maybe they're thinking of setting up a similar board for their own area and want to know how yours is going. Put down your ego for a minute.

    • Re: (Score:3, Insightful)

      by Yvanhoe (564877)
      Maybe they are locals who happen to be visiting Japan...
      If you put a website on internet, then want to restrict its geographical zone of use, you are doing something wrong. You can make a community group by selecting the individuals but that is about it.
  • Moot? (Score:2, Insightful)

    by Anonymous Coward

    I'd put good money on this being 4chan

  • Get a list of local ip ranges from local ISPs and whitelist them in your firewall. It'll take a lot of work, but that's what happens when you work against the openness of the internet.
  • Just make it members only, and implement a signup procedure. Lots of sites do this; it's relatively easy.
    • The submitter already requires a user account to use his system. Hence the part in the story about spending a lot of time deleting accounts.
      • Then maybe it's not made clear up front that the site does not pertain to them. Personally, I am pretty selective about what sites I will bother to sign up on (Slashdot was my last major mistake), and I find it hard to believe that given enough information to know that the site does not pertain to them, they sign up anyway.
        • by 1u3hr (530656)
          I find it hard to believe that given enough information to know that the site does not pertain to them, they sign up anyway.

          Spammers will sign up to any and every forum they can. Some automated, some sweatshops i INia do this all day long. Any forum, on any subject, if you allow automatic registration, will be full of spam in a few weeks or months if not moderated.

          • Sorry but I disagree. This last year I have worked on a major commercial website, with extremely easy signup, and not even any captcha (we got rid of the captcha about 8 months ago). Spam has been a very minor problem if at all.
            • by 1u3hr (530656)
              Either you had some filtering (eg, IP blocking) you were unaware of or very active moderators. Otherwise, you might as well walk naked though Central Park at midnight.
        • by rtb61 (674572)

          I think the person is after a fully automated solution that requires no maintenance. One of those local boards where people offer service in their local area to other people, possibly a barter board or the like.

          They are now learning one the internet biggest lessons, creating a web site is a relatively simple thing, keeping it running and up to date is a never ending chore and the more interactive it is, the more maintenance required.

          There really are no quick easy solutions, which is of course why some

  • Make the user registration form (mandatory to access said services) ask a mandatory piece of information: location. City, town, or what ever your target population is described by. If the answer is not what you want, give the account, but make the website just as defunct as it used to be before making the account. :-)

  • Local Capthca (Score:3, Interesting)

    by jannic (152373) on Wednesday March 11, 2009 @03:37AM (#27147085)

    Implement something similar to a captcha: Ask questions only people from your neighborhood can answer. Make sure the answers are not too easily found by using google.

    • This is a pretty insecure authentication mechanism, because it necessarily has to be simple -- so you'll want to use some obscurity as well.

      Make sure that if the incorrect answer is given, the user is redirected to a 'login success' page that has minimal and outdated content.
      They will quickly lose interest and leave.

      If you redirect to a 'login error' page, then they may try harder to get in.

      Another approach would be to distribute (multiple or a single) SSL client keys to all your neighbors.
      Then its a simple

  • local knowedge (Score:5, Insightful)

    by 1u3hr (530656) on Wednesday March 11, 2009 @03:39AM (#27147091)
    We have a forum for our village.

    A couple of years ago we started to get a lot of people signing up from China, India, Russia etc and then posting spam. So now, to register with the forum you have to answer a question that requires you have some local knowledge. That gets rid of most automatic signups. And secondly, the accounts are not activated automatically but have to be approved by an administrator. So we delete those with spammy URLs in their signatures ("Buy WOW gold" seems to be a common variety). In a small community, the number of real local people siging up is a few per week. Maybe a couple of spammers get past that in a month, and then their posts and accounts are quickly deleted.

    • Re: (Score:3, Informative)

      I run our town website. 1,000 registered users but very, very little spam - over seven years I think I can count the amount of spam from China and Russia on the fingers of one hand.

      Two reasons. One: a completely bespoke system, hand-crafted from finest dodgy Perl and inefficient SQL. Put simply, if you're not running phpBB or something well-known like that, they're simply less likely to find you. These guys search for phrases like "powered by punBB" to find targets.

      Two: postings in the news, events and

  • Make all potential users send scanned copies of at least forms of ID, one with a local address and a copy of any utility bill or credit report.
  • Callback/SMS (Score:4, Interesting)

    by hab136 (30884) on Wednesday March 11, 2009 @04:25AM (#27147323) Journal

    One previously common method of authentication was call-back. You give the site your phone number, then then site calls you (and you press a digit, or answer with your modem).

    Nowadays the equivilent is SMS. When they sign up, have them put in their cell number to receive an SMS, then require them to enter that code to continue. You can send SMSes via email for most carriers, so no equipment on your end. Only allow SMSes to your area code and local carriers. For people without cell phones, have them enter their landline phone number and then have a human call them.

    • by oneiros27 (46144)

      In that case, I'd fail. (and I'm even a town commissioner).

      I have no landline, and my cell phone's area code is from another state -- when I moved to the area, I was at my dad's house when I called to move my cell phone's area, and they asked me where I was, and I told them, and they assigned me a phone number in Virginia.. I explained that no, I wanted a DC or Maryland phone number, and they told me that if I wanted to pick my number, they'd charge me some obnoxious amount. (well, it seemed obnoxious at

    • by debatem1 (1087307)
      I'd reverse this, actually- the potential for pranksters to get your site to call people at 3AM seems like the kind of thing I would have had way too much fun with a few years ago. Just set up a Asterisk box and get it to log incoming. Force people to enter a phone number when they register, and void the registration if you don't get a call from that number within x amount of time.
      In case people don't have a local number- cell phones being what they are and all- allow them to use pay phones, and include in
  • Run your main site on a port other than 80/443. Have another site listen to port 80 with a kind message to please go bugger off. Tell your visitors to go to the site with the other port. Make use of the robots.txt file so that site won't get indexed.

  • A few issues (Score:5, Informative)

    by Canazza (1428553) on Wednesday March 11, 2009 @06:13AM (#27147897)

    Your local audience may leave the area (either on holiday or to live) but still want to talk to people back home. This means that blanket IP Range blocking is out of the question.
    What I suggest is restrict viewing the website to people who are logged in. A default splash page for those not logged in could be shown that's minimal in graphics and text, containing just the log-in form and a 'register here'.

    To stop unwanted people registering a new account, you could to a blanket IP ban on the registration page ONLY, meaning that a local person can register at home, and then roam to wherever and still access the site.

    someone mentioned earlier this library [webhosting.info] for blocking a range of IP's by country and this PHP class [jpederson.com] that can do it too.
    Just use them on the registration page and set up a redirect for those who are not logged in (regardless of location) and you should have a nice walled in forum.

  • Referrals Only (Score:3, Insightful)

    by Secret Rabbit (914973) on Wednesday March 11, 2009 @06:23AM (#27147957) Journal

    Set-up account registration such that you can only get an account if you were referred by an existing user. You know, since you already have a good sized user base (you do, yes?). It isn't unreasonable as long as you're keeping things local. Most people should know one another, or know someone who knows someone.

    But, honestly, why are you even explaining yourself to these people. An email solely with RTFM in it with a link to the page the explains what the site is about is more than enough. Seriously, stop feeding the help vampires.

    • by debatem1 (1087307)
      help vampires? As in, vampires that help... or helpers that feed on human blood... or vampires that only attack the help...?

      insert "i'ze confuzd" cat here.
  • It is hard to think a good solution without knowing what you mean by "locals" (is there a simple offline way to get them a passphrase?), what kind of users you have (will they be thrown off from the site if they have to login?), etc.

    Anyway, something that might work and can be used together with other filtering methods mention by other people here is filtering by HTTP referrer field.

    This is assumming that your users have alternate ("local") ways of getting the URL of your site, and you don't mind being

  • Google Invitation (Score:3, Insightful)

    by Dan East (318230) on Wednesday March 11, 2009 @07:02AM (#27148161) Homepage Journal

    Use an invitation system like Google did for GMail. Each existing user would have a dozen or so invites. They enter the recipient's email address in a form on your site, and it sends a welcome email with an invite code. Those codes could only be used one time each. Locally you could spread invite codes far and wide on your hardcopy flyers, business cards, etc, with another set of codes that allowed multiple use - say 500-1000 uses per code. When that bulk code starts running low, create a new code and post new flyers. Eventually you'll get the local saturation you desire, and those public codes could be reduced so they can only be used 50-100 times before expiring. The idea is if they get into the hands of a spambot there will only be a limited number of accounts they can create.

    When a public code runs out, your website can say something like "This code has expired. You will find the latest code posted at the community bulletin board at the local post office."

    Basically your advertising will be word of mouth (where the invite codes come in), or via local hardcopy posters, flyers and business cards (bulk codes). I believe the invite system would serve as a form of viral advertising in and of itself (which is probably a major reason why Google went that route).

    Anyway, that's how I'd do it.

  • by Anonymous Coward

    Remember, locals come from all over the world. Can you think of a time when you need local news more then when you are away from home? Just keeping out visitors because some geolocation outfit made some guess about their IP range is gonna hurt a lot of innocent people. And does IP based geolocation even work with mobile phones? If you considder your forum delicate and in need of easy access for locals then frustrating even some of them some of the time will hurt.

    If its a forum you can decide to give *more*

  • www (Score:2, Funny)

    by hobbit (5915)

    Now, my Web-based board gets slammed by people from all over the world

    Have you never wondered what "www" stands for?

    • Good point. And perhaps closer to what I'm getting at. Not meaning to sound isolationist but why not an antidote to the www based on "think global but act local"? One solution we are seriously considering is establishing an intranet for the locals. Our area is small enough we could do it wirelessly with repeateers in the outlying areas....
  • Thats where darknet comes in.

  • Show users registering a photo of the city between 3 other photos from other cities. And repeat the process 2 or 3 times. If the user gets 100% success, then he is local.
    Show original photos, not photos taken from Internet where people can find where are they from.

  • Save your self time and pain of automating ip lookups. Make your landing page a login box only adn force users to authenticate prior to any access.

    Set-up a script to auto block IP addresses for a time period that fail to login 3 times.

    this is not hard.

"We learn from history that we learn nothing from history." -- George Bernard Shaw

Working...