Apply Geo Protection

Worldwide, IP addresses are unique to a specific geographic location. This functionality uses this concept, and leverages the geographic location of the end-user system attempting to access your content, and either allows or deny access to it, based on the IP address.

To implement this protection, set the Enable Geo Protection slider to "On" and define the following settings:

  • Mode: Select the desired operator:
    • "Allow...": This grants access to clients that fall within the settings you apply.
    • "Deny...": This blocks clients that fall within the settings you apply.
  • Countries: Click this field and select an entire country that you want to be allowed or denied access. Each is followed by its two letter country designation (for example, "US" for United States, "BR" for Brazil, etc.). Repeat to add additional countries.
  • Regions: Click this field and select a specific country and corresponding region that should be allowed or denied access. For example, you can select individual states within the United States; provinces in Canada and China, etc. Objects are listed alphabetically, by country first, and then region. Each is followed by its two letter country designation, and abbreviated region (for example, "United States - California (US-CA)"). Repeat to add more regions.
  • DMAs (United States, only): Click this field to select a “Designated Market Area.” Repeat to add additional DMAs. A DMA is a specific region in which the population can receive the same (or similar) internet media offerings. Current entries are based on the proprietary Nielsen Media Research DMA regions. You can request specific DMA data from Nielsen, at
  • Override GEO Controls for these IPs/CIDR blocks: With your operator set to 'Deny...", input an IP address/CIDR block that exists within your specified Countries or Regions. This overrides the “Deny...” setting, allowing access to that specific IP address/CIDR Block. Repeat as necessary to add additional IP address/CIDR Blocks. You can have a maximum of 160 entries in this field.
Note: The “Override GEO Controls...” functionality only works to override a “Deny...” Mode setting for individual IP addresses within a specified Country/Region. It can not be used to override a Mode of “Allow...” (You can't use it to allow a Region, and specifically block an individual IP address—The IP Access functionality can be used to configure this.
  • Redirect request instead of Deny: Set this slider to "On" and input a complete page address in the Redirect URL field to serve as a deny destination. This URL cannot be longer than 2000 total characters. If an access attempt is denied, it is redirected to this address:
    • "Allow..." Mode: Any request outside what you have specifically configured here is denied and sent to this redirect URL.
    • "Deny..." Mode: A request that matches any value you have defined here is denied and sent to this redirect URL.
Note: The requesting client must be able to handle 302 on manifest requests to support the above functionality. It also requires that you have a page setup and accessible via the noted URL to serve as the deny destination.