You can use custom code added to your theme's functions.php file to achieve country blocking. Here's a basic example of how you might implement country blocking using a function in WordPress:

function custom_country_blocking() {

    // Get the visitor's IP address -

    $visitor_ip = $_SERVER['REMOTE_ADDR'];


    // List of country codes to block

    $blocked_countries = array('CN', 'RU', 'IN'); // Add the country codes you want to block


    // Perform IP-based country lookup

    $ip_info = json_decode(file_get_contents("{$visitor_ip}/json"));


    if (in_array($ip_info->country, $blocked_countries)) {

        // Display an error message or redirect the user

        wp_die('Access from your country is not allowed.');



add_action('wp', 'custom_country_blocking');


In the example above:

  1. The function custom_country_blocking is hooked to the wp action, which runs on every page load in WordPress.

  2. The visitor's IP address is obtained from the $_SERVER['REMOTE_ADDR'] superglobal.

  3. An array called $blocked_countries contains the two-letter country codes of the countries you want to block. You can add or remove country codes as needed.

  4. The function uses the IP address to perform an IP-based country lookup using the service.

  5. If the visitor's country code is found in the $blocked_countries array, the function displays an error message using wp_die(). You can customize this part to suit your needs, such as redirecting the user or showing a different message.

Please note that this is a basic example and may not cover all scenarios. Additionally, IP-based country blocking is not foolproof, as IP addresses can be spoofed or routed through other countries. It's important to thoroughly test and consider the potential impact on legitimate users before implementing such blocking.

If you're not comfortable with coding or if you want a more robust solution, using a dedicated security plugin with country blocking features is often recommended.