Enable IP Geolocation in your Cloudflare panel – it should be in the Network tab.
The country code will come in HTTP_CF_IPCOUNTRY header.
Now we can add a before_action filter to block or redirect the users from a specific country (in the example below we redirect all EU countries… because who has the time to figure out GDPR):
class ApplicationController < ActionController::Base before_action :block_gdpr_countries GDPR_COUNTRIES = [ 'BE', 'EL', 'LT', 'PT', 'BG', 'ES', 'LU', 'RO', 'CZ', 'FR', 'HU', 'SI', 'DK', 'HR', 'MT', 'SK', 'DE', 'IT', 'NL', 'FI', 'EE', 'CY', 'AT', 'SE', 'IE', 'LV', 'PL', 'UK' ] def block_gdpr_countries return unless GDPR_COUNTRIES.include?(request.env['HTTP_CF_IPCOUNTRY']) redirect_to gdpr_path end end
Remember to skip this action in the corresponding controller (in our case gdpr_controller) if you use a redirect:
skip_before_action :block_gdpr_countries