Restricting Access by Country

The Allow Country (i.e., ec_country_allow) and the Deny Country (i.e., ec_country_deny) parameters may be used to restrict access by the country from which the request originated.

Restriction	Parameter	Description
Allow	ec_country_allow	This parameter only allows requests that originate from one or more specified countries. Requests that originate from all other countries will be denied access.
Deny	ec_country_deny	This parameter denies requests that originate from one or more specified countries. Requests that originate from all other countries will be allowed.

An alternative method for restricting access by country is the Country Filtering feature. This feature is available from the Country Filtering page. The Country Filtering feature is applied to all platform-specific traffic and therefore doesn’t require the use of tokens, which reduces setup time.
Learn more.

Key information:

These parameters may be set to any two-letter ISO 3166 country code.

View a list of valid country codes.
Specify multiple countries by separating each country code with a comma (as shown below).
US,GB,MX,FR
- Do not add a space when delimiting countries. Country codes that are preceded by a space will be excluded from a token’s requirements.
Country codes are case-insensitive.
In the atypical scenario where a token contains both the Allow Country and the Deny Country parameters, the Allow Country parameter (i.e., ec_country_allow) takes precedence over the Deny Country parameter (i.e., ec_country_deny).

Sample Scenario

Set the Allow Country parameter to the following value to only allow requests from the United States, Mexico, and Canada:

ec_country_allow=US,MX,CA

A request submitted from any other country will be denied if it leverages a token generated using the above parameter.