Skip to main content
Documentation

Access Control by Country

Site administrators can allow or restrict access from specified countries.

Use the Allowed Countries and Disallowed Countries settings on the Geo Blocking page to allow or block specific countries. When a user authenticates using any protocol or application, their IP address is analyzed to detect their country, and the result is compared against your settings.

The geographic location of an IP address is never exact. It is always approximated and is affected by the use of a VPNExternal LinkThis link leads to an external website and will open in a new tab or other tunneling protocol.

Using the Allowed Countries and Disallowed Countries Lists

To restrict access to a select group of countries, add them to the allowed countries list and leave the disallowed countries list empty. Users whose IP addresses are not associated with an allowed country will be blocked.

To block certain countries while allowing all others, leave the allowed countries list blank and add the restricted countries to the disallowed countries list. Users from any of the disallowed countries will be prevented from logging in.

If both lists are populated, only users from the allowed countries have access. Any country not in the allowed countries list is blocked, regardless of the disallowed countries list.

Disallowed Countries take precedence over Allowed Countries.

Interaction With IP Whitelists

The IP Whitelist setting does not override any Access Control by Country restrictions you set up.

For example, IP addresses associated with countries in your list of Disallowed Countries cannot connect, even if they are in IP whitelists.

Disallowing sanctioned or high-risk countries is typically a company-wide policy that must not be overridden or circumvented.

Authenticated versus Public Connections

Allowed Countries and Disallowed Countries settings apply only to authenticated connections from users.

Features that do not require a user account are not affected by the Allowed Countries and Disallowed Countries settings, including Share Links, Inboxes, and Public Hosting.

Logging

Files.com logs every login attempt by any user or system. When a login is attempted from a country or IP address that the Administrator has not allowed, Files.com rejects the authentication and records the attempt in the user's activity history.