Trust center

Geo access controls

Decide who can reach your project by country, region, or city — for the whole site or specific routes.

Whole-site policy

Choose how requests from any geography are handled by default.

Blocked countries

United StatesGermanyFranceBrazilJapanAustralia

Blocked cities

Saint Petersburg, RU

City-level blocking is best-effort — IP geolocation is less precise than country detection, especially on mobile networks and VPNs.

When access is denied

Choose what visitors from blocked locations actually see.

Route-specific rules

  • /adminAll except Italy & Spain
    Block
  • /checkoutCuba, Iran, North Korea
    Redirect → /unavailable
  • /api/internalOutside US, EU
    Block

Logging & audit

Track denied requests for compliance and debugging.

Log all denied requests

Recommended

Stored 30 days. View in Security → Activity.

Notify admins on spike

Slack alert if denials spike 5× baseline.