How To Keep a Web Site Local?

Cornwallis writes "The universal accessibility of the Internet is one of its attractions. But what do you do when you don't want your board to be Slashdotted? Back in the day it was great to run a local BBS where friends and neighbors could dial in using their 9600-baud modems to pick up mail or share games or stories. Now, my Web-based board gets slammed by people from all over the world who have no reason to access it, can't possibly take advantage of the locally focused services it offers, and generally take up my time because I have to block their accounts or explain to them why they can't have access. This despite the fact that the board explains quite clearly that it is for local use only and couldn't possibly be of interest to them. Other than putting thousands of entries in my hosts file to block IP ranges, what options do I have to restrict access to locals only? Or isn't that feasible?"

.htaccess

[Norsefire]

order allow,deny
deny from all
allow from iprange
allow from iprange
allow from iprange
etc. etc.

There are websites all over the internet [google.com] that allow you to do country-by-IP-range lookups.

You could also do;

ErrorDocument 403 "Sorry, this website is only available to people living in .

(Yes, no final quotation mark).

Or don't worry, what does it hurt if people who aren't benefiting from a website visit it?

Re:.htaccess

[Anonymous Coward]

ErrorDocument 403 "Sorry, this website is only available to people living in .

Or "This is a local website for local people. There's nothing for you here."

Or don't worry, what does it hurt if people who aren't benefiting from a website visit it?

They covet the precious things.

Re:.htaccess

[fractoid]

Or "This is a local website for local people. There's nothing for you here."

Thankyou! I was hoping someone would say this. ;) Bad login attempts should lead to an error page saying "What's all this shouting? We'll have no trouble here!"

Re:.htaccess

[Anonymous Coward]

For any Americans wondering what their mad cousins, from across the pond, are talking about: http://www.youtube.com/watch?v=zOGAAlHzF4o [youtube.com]

Re:

[BotnetZombie]

With twelfty sub-pages in the store, and twelfty links on each, what more do you need?

Re:

[Kazoo the Clown]

What about when local people are just out of town but would like to access local services? For example, someone might want to use a local service to schedule a local meeting in LA while they are out of town on business in New York...

Re:.htaccess

[cbiltcliffe]

Or "This is a local website for local people. There's nothing for you here."

You are in a maze of twisty little web pages, all alike.

Re:

[Hordeking]

Or, more likely, he doesn't want to pay for bandwidth and cpu usage for people who have nothing to do with what his server offers.

The big problem, however, with restriction-by-location is that users who are away from home but still want to check the board are going to be restricted.

Here's a solution: Only let them reguster if their IP is local. Local accessors need not be logged in, however, in order to use the site from a non-local IP, they must log in with their pre-established credentials.

It won't stop visitors to your home page, but it will cut down on a lot of other usage of your server.

You can automate it

[an.echte.trilingue]

While it does involve having thousands of addresses, this kind of thing is pretty easy to automate, given what your goals are. For example, I use this tool [webhosting.info] to determine which country my visitors are in and display the relevant contact information (show the French address to people in France, the Belgian one to people in Belgium, etc). I have a cron job set up to update the database once a week; it is fully automatic and very reliable.

If you need to be more specific, this guy [jpederson.com] has a php class that can supposedly give you information as specific as city, or you can write your own using the db you can download here [hostip.info], although I can't personally vouch for either. You could also parse the hostnames in your server and only allow service providers in your area.

Also, google code [google.com] has a really good tutorial for a client side application if your server is limited in its capabilities.

Either way, it sounds from the summary like you have access to a database of ip address ranges you want to allow. Just set up a cron job to download it and parse it.

Re:

[xaxa]

Implementing something like this brings problems if there's no way to get around it. For instance, many multinational companies have only one point of presence on the Internet, which can be shared by offices in different countries. At the last one I worked at, the PoP was in France, so even thought I was in England many websites would appear in French, and a few "UK only" services didn't work.
Same with people on holiday, or people who use a mobile phone to access the web.

If the website really isn't interest

Non-local trolling would be blocked?

[Mathinker]

> who cares about the library shutting an hour earlier on Thursdays and the
> graffiti on the bus shelter, except the people living there?

It might be fun to troll even if you don't live there. If only local access were allowed, then the population of possible trolls would be much smaller.

Like everything else it's a tradeoff between the benefits, and the disadvantages (in this case, probably the main disadvantage is blocking access to some people who should have it).

Re:Non-local trolling would be blocked?

[PIBM]

The easy solution would be to only apply the limitation on account creation. Just have to prove once that you live in the area!

Re:.htaccess

[Haeleth]

There are websites all over the internet [google.com] that allow you to do country-by-IP-range lookups.

You could also do;

ErrorDocument 403 "Sorry, this website is only available to people living in .

And then brace yourself, because you're going to get an earful from the next local person who tries to catch up with her friends back home while she's on holiday, only to be told that she's banned because she's "not local".

Re:.htaccess

[andy.ruddock]

Or allow access to all registered users, but only allow "local" access to the signup page.

Re:

[tomhudson]

.htaccess file and user names/passwords.

Information wants to be free

[Anonymous Coward]

Copyright doesn't exist. You don't have the rights to keep your information for yourself. You MUST share it with all us and everybody as the rights to copy and use it.

or so I have been told here on slashdot.

PS. Apple users suck.

Re:

[pipatron]

And you seem to be one of those that doesn't understand what "Information wants to be free" means, and how the question in the article actually shows one of the ideas behind that sentence.

The meaning with "Information wants to be free" is that it is very very difficult to contain information. You can't stop it from spreading, even if you would like to. It doesn't matter if you don't want it to be free or open, it will spread anyway.

Blocking some people from a website is also bound to fail, maybe not for t

Re:

[Dan East]

There would likely be very significant problems from filtering by IP address. In our rural town, the local DSL usually shows up as a major city over 100 miles from here. We have significant usage by several other ISPs of varying types - cable, dial-up, multiple ad-hoc WiFi providers, satellite, etc. Because of our poor rural internet coverage we have a number of people resorting to satellite and cellular providers (even though the cell service is only around 200 Mbps).

So I don't know about that town, but

Re:

[Jellybob]

Your cell service is *only* around 200Mbps.

Where do you live? I want to move there right now. I work for an ISP, and we *only* get around 100Mbps down fibre to the office.

Re:

[John Hasler]

> So I don't know about that town, but it would be impossible to restrict access by IP
> address in these parts. Or at least you would have to allow potential access to many
> millions of people...

That would be three orders of magnitude better than allowing access to six billion people.

Re:

[tttonyyy]

iptables -A INPUT -s ! 192.168.0.0/16 -j DROP

That should keep those pesky non-locals out. ;)

Re:.htaccess

[JWSmythe]

I'm on the 10.0.0.0 network, you insensitive clod! :)

Re:.htaccess

[jsiren]

iptables -A INPUT -s ! 127.0.0.0/8 -j DROP

That should keep those pesky non-locals out. ;)

There, fixed that for you.

Re:

[jellomizer]

That should work for some cases however if you still have dial-up users say the 3 AOL users who are left. who dial in then gets their analog gets routed on a wan to their ISP in California then back to your site who would block it. Or if they have satellite internet, or even cell phone connection. I just checked my iPhone over Edge and it says I am from DC Let me tell you that I am not in DC or even near it.

Or People with Proxys, VPNs, people who are actually from the areas but just isn't there quite yet.

Re:

[Lord Ender]

Why do that when you could just set the TTL on the IP packets? There was a dailyWTF article about the mystery of email that couldn't go farther than 1000 miles; it was eventually discovered that TTL was the reason.

Advertisers

[tepples]

Or don't worry, what does it hurt if people who aren't benefiting from a website visit it?

The local advertisers won't pay for hits outside the target area.

Who are locals?

[TheLink]

How do you define locals?

If it's just people living in a small area - like friends and neighbours, how about having your server only serve to anyone on a wifi network you set up for that purpose?

Re:

[Frosty Piss]

Ask yourself: What would RMS say?

Re:

[TheLink]

RMS isn't the one asking the question. For him local could mean something totally different from what cornwallis means.

I think we need more info to provide a useful answer to cornwallis.

So what does cornwallis really mean by local?

Re:

[Nutria]

What would RMS say?

Royal Mail Ships don't say much, if anything, at all.

Re:Who are locals?

[Z00L00K]

Have a credibility check page - like checking if someone knows about a local detail that's known by the locals.

"What was the color of the church at Elm Street before 2004?"

And you may want to be careful with IP address filtering since that can result in unexpected disadvantages when a local is out traveling.

People travel.

[Futurepower(R)]

Yes, exactly: "... you may want to be careful with IP address filtering since that can result in unexpected disadvantages when a local is out traveling."

Don't expect that your users stay in one place.

Do expect that they sometimes travel to other countries.

Re:People travel.

[azaris]

Don't expect that your users stay in one place. Do expect that they sometimes travel to other countries.

I was going to suggest this, then realized his users are likely to be Americans.

Re:

[Haeleth]

Even Americans travel. Suppose his website's in Florida: he presumably wouldn't want Alaskans using it, because they're even further from being "local" than many foreigners. So any regional blocking would be at the state level, or possibly even the city level. And that means travellers wouldn't have to be abroad to be inconvenienced.

Re:People travel.

[WindBourne]

Do expect that they sometimes travel to other countries.
I was going to suggest this, then realized his users are likely to be Americans. The funny thing is, that this is true of all large countrys citizens that do not live near a border. For example, how many ppl in France, German, or even England go into Africa? Or America? Or Australia? All of the Michigan , Wisconson, Minnesota folks I know HAVE been into Canada. Likewise, all the West Texas, NM, Southern CO, AZ, Southern Nevada, Southern CA ppl that I know have also hit Mexico. The ppl that have never been out of the country tend to be those in the middle. Of course, they have all traveled more than 1000KM away. And the simple fact is, that for us Coloradoans, we see major cultural differences . The difference between a West Canadian vs East Candian has about the same difference; Love their country, but different mind sets.

What is funny, is that it get the average EU person to travel similar differences would mean that they travel from Western europe into just east of middle Africa, or that they go into the middle east, OR that they go into central africa. How many do that? Damn few. And South Americans do even less traveling.

Re:

[dintech]

Most people have trouble actually listing all fifty states, never mind the capitals. Americans or not. The general populace isn't as educated as you would like to think.

Re:

[account_deleted]

Comment removed based on user account deletion

Re:

[dintech]

When you have an attitude like that, no there isn't. Please stay at home, you wouldn't like the food here. :)

Re:

[lightversusdark]

My BlackBerry, when on T-Mobile UK, had an IP address in a block that was geolocated as being in Germany. Since moving to Orange, I occasionally have an IP that looks up as being in France.

As a result, I have often been locked out of my internet banking, as they identify this as suspicious / potentially fraudulent activity, unless I have informed them that I am going to be abroad.

I have to physically go to a branch of my bank with two forms of ID to reactivate my online banking. Consequently I don't use int

Good question, but...

[Anonymous Coward]

...I doubt Slashdot can make a good assessment without taking a look at the site. Mind posting the URL?

Re:Good question, but...

[MichaelSmith]

I'll ask 4chan to help. Looks like a big job.

Re:

[4D6963]

Nope, but Slashdot is, or so you would believe sometimes.

Easier option

[MountainMan101]

Would it not be easier to approve individuals than spend time unapproving anyone not from your little community. Do you threaten the intruders with pitchforks whilst crying "Are you local????".
Facebook is open to the world, but still manages to sustain small communities / groups. It's not impossible.

You could restrict your website to 127.0.0.1 - that's very local. Or you could wire all the houses together on a private subnet.

Re:

[Frosty Piss]

Really only two choices: GeoID and Registered Only, with a valid matching pair of city/zipcode (city/zip databases are widely available).

Re:Easier option

[X0563511]

Best to only apply this restriction to account creation. Requiring them to be local when they make the account is entirely understandable, but blocking them from logging in while traveling is not.

Re:Easier option

[Anonymous Coward]

Best to only apply this restriction to account evolution.

Fixed that for y... wait, what?

evolution vs. creation of computer resources

[reiisi]

Actually, that's not just a joke.

The differences between creation privileges and evolution privileges might be significant. At least, you do want to examine the issues of context relative to the evolution of the resources your site maintains.

Why use a tech solution?

[Macthorpe]

Get some paper, pin it up around the neighbourhood with a private key. Ensure that people can't create an account or access the boards without the private key.

Am I missing something? Why use an overly technical solution when some paper and pens will fix the whole thing?

Re:Why use a tech solution?

[jschen]

I agree that this probably should not be solved purely on the technology end of things. One of the great things about the Internet is that one can access things from most anywhere. Your website may cater to locals, but you need to consider the possibility that someone who is generally local to the area but currently elsewhere might want to access the site. That's a pretty serious problem for filtering based on geography.

Re:Why use a tech solution?

[Jurily]

That's a pretty serious problem for filtering based on geography.

No kidding. Basically, anyone who thinks geography-based filtering is a good idea should be shot. Imagine moving 2000 miles, then being told by some braindead webdesigner you can't talk to your friends anymore.

Re:

[nacturation]

No kidding. Basically, anyone who thinks geography-based filtering is a good idea should be shot. Imagine moving 2000 miles, then being told by some braindead webdesigner you can't talk to your friends anymore.

As others have pointed out, you only need to enforce this when creating the account. Once you have an account, there's no need to do any filtering.

Also, you're assuming this is some kind of social networking site where the goal is to talk to your friends. What if it's an association for condo owners in a specific building? If you move 2000 miles, you're no longer welcome at the site because you don't live there anymore. If you made friends in your building, follow them on Facebook not on some specialist

Re:

[Amazing Quantum Man]

What if it's an association for condo owners in a specific building? If you move 2000 miles, you're no longer welcome at the site because you don't live there anymore.

Two words: "Absentee Landlord".

My father-in-law owned a condo in the same complex where I lived. He moved to FL and rented out the condo. He obviously needs access to that site.

Re:Why use a tech solution?

[1u3hr]

No kidding. Basically, anyone who thinks geography-based filtering is a good idea should be shot. Imagine moving 2000 miles, then being told by some braindead webdesigner you can't talk to your friends anymore.

Happens to me a lot. I'm in Hong Kong. I find some US ISPs (like AOL) bounce my mail solely based on my location. And much media (even some on Youtube) is blocked geographically. Even some porn sites block me.... And other sites insist on giving me Chinese versions of their web pages, with no option to choose English. Highly irritating to go to Google.com and find myself redirected to Google.com.hk. (Yes, I have workarounds now, still annoying.)

Re:

[Jurily]

Yes, I have workarounds now, still annoying.

I set up a proxy for myself on my old computer back home, just for this purpose.

Re:

[stephanruby]

Local trivia was suggested. This private key on paper is a second idea. A third is that you use an invite-only system, just like gmail did at the beginning.

Also, I'd place an invisible link in your web site somewhere, to catch the spiders refusing to follow your robots.txt guidelines (note that even the googlebot sometimes does not always follow that directive, or that many illegitimate spiders will sometimes label themselves as the googlebot to avoid getting blocked, so be careful if you don't want to mes

Link plz

[Anonymous Coward]

Give us a link to the board, we need to have a look at it before we can properly assess the best way to 'keep it local'.

MaxMind + PHP?

[shri]

If you use PHP, consider getting Maxmind and filter on its city / country databases.

IP to location database, SMS

[nacturation]

Download a database of IP address to location, then do a lookup. If it's within your state, for example, then allow access. Otherwise, send them to a "sorry" page with contact info in case they really are local and you need to add an exception.

Or implement SMS verification on account signup that only allows your area code and then do manual review, perhaps using a community approval process.

Probably one option only

[EdIII]

Other than putting thousands of entries in my hosts file to block IP ranges, what options do I have to restrict access to locals only? Or isn't that feasible?

Your really asking the impossible. The Internet is fundamentally designed to share data across the various networks that comprise it. I understand your desire to keep costs down (time+bandwidth), but if for some reason you are having large numbers of users visit your site that is raising your costs, there is practically nothing you can do that you ar

Why you gotta be like that?

[QuantumG]

You have no idea what is of use to other people. Maybe they're thinking of visiting your local area. Maybe they have friends that live there. Maybe they're thinking of setting up a similar board for their own area and want to know how yours is going. Put down your ego for a minute.

Re:

[Yvanhoe]

Maybe they are locals who happen to be visiting Japan...
If you put a website on internet, then want to restrict its geographical zone of use, you are doing something wrong. You can make a community group by selecting the individuals but that is about it.

Re:

[X0563511]

Local dating site, without having all those phishing jackasses start crawling all over it... that would be a very good reason.

How about restricting acount creation to local IPs based on something like Maxmind or GeoIP, but allow them to log into already existing accounts from elsewhere (for instance, if they are currently out of the area)

Moot?

[Anonymous Coward]

I'd put good money on this being 4chan

whitelist

[n3tcat]

Get a list of local ip ranges from local ISPs and whitelist them in your firewall. It'll take a lot of work, but that's what happens when you work against the openness of the internet.

It's easy

[Jane Q. Public]

Just make it members only, and implement a signup procedure. Lots of sites do this; it's relatively easy.

Re:

[palegray.net]

The submitter already requires a user account to use his system. Hence the part in the story about spending a lot of time deleting accounts.

Re:

[Jane Q. Public]

Then maybe it's not made clear up front that the site does not pertain to them. Personally, I am pretty selective about what sites I will bother to sign up on (Slashdot was my last major mistake), and I find it hard to believe that given enough information to know that the site does not pertain to them, they sign up anyway.

Re:

[1u3hr]

I find it hard to believe that given enough information to know that the site does not pertain to them, they sign up anyway.

Spammers will sign up to any and every forum they can. Some automated, some sweatshops i INia do this all day long. Any forum, on any subject, if you allow automatic registration, will be full of spam in a few weeks or months if not moderated.

Re:

[Jane Q. Public]

Sorry but I disagree. This last year I have worked on a major commercial website, with extremely easy signup, and not even any captcha (we got rid of the captcha about 8 months ago). Spam has been a very minor problem if at all.

Re:

[1u3hr]

Either you had some filtering (eg, IP blocking) you were unaware of or very active moderators. Otherwise, you might as well walk naked though Central Park at midnight.

Re:

[rtb61]

I think the person is after a fully automated solution that requires no maintenance. One of those local boards where people offer service in their local area to other people, possibly a barter board or the like.

They are now learning one the internet biggest lessons, creating a web site is a relatively simple thing, keeping it running and up to date is a never ending chore and the more interactive it is, the more maintenance required.

There really are no quick easy solutions, which is of course why some

Trick question on the user registration form

[flux]

Make the user registration form (mandatory to access said services) ask a mandatory piece of information: location. City, town, or what ever your target population is described by. If the answer is not what you want, give the account, but make the website just as defunct as it used to be before making the account. :-)

Local Capthca

[jannic]

Implement something similar to a captcha: Ask questions only people from your neighborhood can answer. Make sure the answers are not too easily found by using google.

Local Captcha + Obfuscation

[slifox]

This is a pretty insecure authentication mechanism, because it necessarily has to be simple -- so you'll want to use some obscurity as well.

Make sure that if the incorrect answer is given, the user is redirected to a 'login success' page that has minimal and outdated content.
They will quickly lose interest and leave.

If you redirect to a 'login error' page, then they may try harder to get in.

Another approach would be to distribute (multiple or a single) SSL client keys to all your neighbors.
Then its a simple

local knowedge

[1u3hr]

We have a forum for our village.

A couple of years ago we started to get a lot of people signing up from China, India, Russia etc and then posting spam. So now, to register with the forum you have to answer a question that requires you have some local knowledge. That gets rid of most automatic signups. And secondly, the accounts are not activated automatically but have to be approved by an administrator. So we delete those with spammy URLs in their signatures ("Buy WOW gold" seems to be a common variety). In a small community, the number of real local people siging up is a few per week. Maybe a couple of spammers get past that in a month, and then their posts and accounts are quickly deleted.

Re:

[Richard Fairhurst]

I run our town website. 1,000 registered users but very, very little spam - over seven years I think I can count the amount of spam from China and Russia on the fingers of one hand.

Two reasons. One: a completely bespoke system, hand-crafted from finest dodgy Perl and inefficient SQL. Put simply, if you're not running phpBB or something well-known like that, they're simply less likely to find you. These guys search for phrases like "powered by punBB" to find targets.

Two: postings in the news, events and

Easy...

[FauxReal]

Make all potential users send scanned copies of at least forms of ID, one with a local address and a copy of any utility bill or credit report.

Callback/SMS

[hab136]

One previously common method of authentication was call-back. You give the site your phone number, then then site calls you (and you press a digit, or answer with your modem).

Nowadays the equivilent is SMS. When they sign up, have them put in their cell number to receive an SMS, then require them to enter that code to continue. You can send SMSes via email for most carriers, so no equipment on your end. Only allow SMSes to your area code and local carriers. For people without cell phones, have them enter their landline phone number and then have a human call them.

Re:

[oneiros27]

In that case, I'd fail. (and I'm even a town commissioner).

I have no landline, and my cell phone's area code is from another state -- when I moved to the area, I was at my dad's house when I called to move my cell phone's area, and they asked me where I was, and I told them, and they assigned me a phone number in Virginia.. I explained that no, I wanted a DC or Maryland phone number, and they told me that if I wanted to pick my number, they'd charge me some obnoxious amount. (well, it seemed obnoxious at

Re:

[debatem1]

I'd reverse this, actually- the potential for pranksters to get your site to call people at 3AM seems like the kind of thing I would have had way too much fun with a few years ago. Just set up a Asterisk box and get it to log incoming. Force people to enter a phone number when they register, and void the registration if you don't get a call from that number within x amount of time.
In case people don't have a local number- cell phones being what they are and all- allow them to use pay phones, and include in

Re:

[debatem1]

Still have pay phones though, right? And almost everybody has a neighbor. Obviously you don't want the "we'll call you right back" approach if you're doing that, but a call-in from any local number seems like a pretty low standard to meet.

other port + robots.txt

[Errtu76]

Run your main site on a port other than 80/443. Have another site listen to port 80 with a kind message to please go bugger off. Tell your visitors to go to the site with the other port. Make use of the robots.txt file so that site won't get indexed.

A few issues

[Canazza]

Your local audience may leave the area (either on holiday or to live) but still want to talk to people back home. This means that blanket IP Range blocking is out of the question.
What I suggest is restrict viewing the website to people who are logged in. A default splash page for those not logged in could be shown that's minimal in graphics and text, containing just the log-in form and a 'register here'.

To stop unwanted people registering a new account, you could to a blanket IP ban on the registration page ONLY, meaning that a local person can register at home, and then roam to wherever and still access the site.

someone mentioned earlier this library [webhosting.info] for blocking a range of IP's by country and this PHP class [jpederson.com] that can do it too.
Just use them on the registration page and set up a redirect for those who are not logged in (regardless of location) and you should have a nice walled in forum.

Referrals Only

[Secret Rabbit]

Set-up account registration such that you can only get an account if you were referred by an existing user. You know, since you already have a good sized user base (you do, yes?). It isn't unreasonable as long as you're keeping things local. Most people should know one another, or know someone who knows someone.

But, honestly, why are you even explaining yourself to these people. An email solely with RTFM in it with a link to the page the explains what the site is about is more than enough. Seriously, stop feeding the help vampires.

Re:

[debatem1]

help vampires? As in, vampires that help... or helpers that feed on human blood... or vampires that only attack the help...?

insert "i'ze confuzd" cat here.

Perhaps using HTTP referrers?

[TrixX]

It is hard to think a good solution without knowing what you mean by "locals" (is there a simple offline way to get them a passphrase?), what kind of users you have (will they be thrown off from the site if they have to login?), etc.

Anyway, something that might work and can be used together with other filtering methods mention by other people here is filtering by HTTP referrer field.

This is assumming that your users have alternate ("local") ways of getting the URL of your site, and you don't mind being

Google Invitation

[Dan East]

Use an invitation system like Google did for GMail. Each existing user would have a dozen or so invites. They enter the recipient's email address in a form on your site, and it sends a welcome email with an invite code. Those codes could only be used one time each. Locally you could spread invite codes far and wide on your hardcopy flyers, business cards, etc, with another set of codes that allowed multiple use - say 500-1000 uses per code. When that bulk code starts running low, create a new code and post new flyers. Eventually you'll get the local saturation you desire, and those public codes could be reduced so they can only be used 50-100 times before expiring. The idea is if they get into the hands of a spambot there will only be a limited number of accounts they can create.

When a public code runs out, your website can say something like "This code has expired. You will find the latest code posted at the community bulletin board at the local post office."

Basically your advertising will be word of mouth (where the invite codes come in), or via local hardcopy posters, flyers and business cards (bulk codes). I believe the invite system would serve as a form of viral advertising in and of itself (which is probably a major reason why Google went that route).

Anyway, that's how I'd do it.

Be carefull with GeoIP stuff

[Anonymous Coward]

Remember, locals come from all over the world. Can you think of a time when you need local news more then when you are away from home? Just keeping out visitors because some geolocation outfit made some guess about their IP range is gonna hurt a lot of innocent people. And does IP based geolocation even work with mobile phones? If you considder your forum delicate and in need of easy access for locals then frustrating even some of them some of the time will hurt.

If its a forum you can decide to give *more*

www

[hobbit]

Now, my Web-based board gets slammed by people from all over the world

Have you never wondered what "www" stands for?

Re:

[account_deleted]

Comment removed based on user account deletion

Darknet

[hesaigo999ca]

Thats where darknet comes in.

Show users registering a photo of the city

[FedeTXF]

Show users registering a photo of the city between 3 other photos from other cities. And repeat the process 2 or 3 times. If the user gets 100% success, then he is local.
Show original photos, not photos taken from Internet where people can find where are they from.

Authenitcation

[hal9000(jr)]

Save your self time and pain of automating ip lookups. Make your landing page a login box only adn force users to authenticate prior to any access.

Set-up a script to auto block IP addresses for a time period that fail to login 3 times.

this is not hard.

GeoIP

[NynexNinja]

http://sourceforge.net/projects/geoip/ [sourceforge.net]

Re:

[Phroggy]

Let's say someone want's to go there (ie: vacation or move there) and would like a 1st hand account of what its like. ("How hot is it in the summer?" or questions like that).

Presumably, this site is not an appropriate forum for those kinds of questions. The local Chamber of Commerce should have a site targeted at visitors.

Re:

[X0563511]

Did you even read the whole post? The submitter gives plenty of reasons why they want this. It's their site, they can do what the hell they want. Either provide an answer or something else constructive, or STFU.

Re:

[N1AK]

Did you even read the whole post?

He started by accusing a guy he has never met of being a dick for wanting to control access to a resource he provides, I seriously doubt whether he read the article or not would have any affect on his inability to interact via the internet.

Re:Hmmm....

[davmoo]

And it sounds like you've never had to pay for things like bandwidth and server space out of your own pocket. Maybe he wants to keep it small because that's what he can afford. Information may want to be free, but the infrastructure to host it never is.

Re:

[MichaelSmith]

Have a shared killfile, then turn it inside out.

Re:

[AlXtreme]

Redundant, sheesh. It's hard to be redundant when your post all but answers the f-ing question.

Mods: I don't know what you're smoking today, but I could use some.