HACKER Q&A
📣 sloka

How do you prevent users from certain countries from using your web app?


I am trying to open a US company from India using Stripe Atlas. They keep stonewalling me with this question ...

How will you screen for and prevent people in comprehensively sanctioned jurisdictions, namely Cuba, North Korea, Syria, the Crimea region of Ukraine, or Iran from using your app?

My typical answer is ...

Our app is only available to people who have a Gmail or Facebook or Github or Twitter account. We believe Gmail/Facebook/Github/Twitter accounts are not available in the above countries. So we cannot have customers from these countries.

Their reply goes ...

Thank you. We will update you in a few business days, or possibly up to a week due to a surge in interest.

And then it's back to the same question ... how will you prevent people from certain countries from using your app? This has been going on for two months now.

How do you prevent users from certain countries from using your web app?


  👤 LinuxBender Accepted Answer ✓
Most Linux distributions have a "GeoIP" package you can leverage. Another option is to pull down the country data from firehol's ip-sets [1] and use that in your application. I would suggest asking the people if either of those options is appropriate and getting that in writing.

[1] - https://github.com/firehol/blocklist-ipsets
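
A sketch of the second option in the answer above (country IP sets checked inside the application), added here as an example and not code from the thread or from the firehol project. It assumes the list files hold one IP or CIDR per line with `#` comments; the function names and the sample ranges are constructed for illustration.

```python
import ipaddress

# Constructed sample data (documentation ranges, not real allocations).
# Assumed layout: one IP or CIDR per line, '#' starts a comment.
SAMPLE_NETSETS = {
    "IR": "# constructed sample\n192.0.2.0/24\n198.51.100.7\n",
    "KP": "# constructed sample\n203.0.113.0/25\n2001:db8:abcd::/48  # v6\n",
}


def parse_netset(text):
    """Parse netset text into ip_network objects, skipping comments and blanks."""
    nets = []
    for line in text.splitlines():
        entry = line.split("#", 1)[0].strip()
        if entry:
            nets.append(ipaddress.ip_network(entry, strict=False))
    return nets


def build_table(netsets):
    """Flatten {country_code: netset_text} into a list of (network, country_code)."""
    return [(net, cc) for cc, text in netsets.items() for net in parse_netset(text)]


def blocked_country(client_ip, table):
    """Return the matching country code, "INVALID" for an unparseable
    address (treat as blocked), or None when no listed range matches."""
    try:
        addr = ipaddress.ip_address(client_ip.strip())
    except ValueError:
        return "INVALID"
    # Dual-stack servers may report IPv4 clients as ::ffff:a.b.c.d.
    if addr.version == 6 and addr.ipv4_mapped is not None:
        addr = addr.ipv4_mapped
    for net, cc in table:
        if net.version == addr.version and addr in net:
            return cc
    return None


TABLE = build_table(SAMPLE_NETSETS)

if __name__ == "__main__":
    for ip in ("192.0.2.55", "::ffff:198.51.100.7", "203.0.113.200", "bogus"):
        print(ip, "->", blocked_country(ip, TABLE))
```

Pass the connection's peer address, or a forwarded header only when it was set by a proxy you control. Lists keyed by country code cannot express a sub-national region such as Crimea, so that part of the question needs region-level GeoIP data.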


👤 derrick_jensen
Blocking Tor and IP ranges might be sufficient. CloudFlare might offer this as a service, but I'm not sure. I'd imagine using a third party would legally put you in the clear, but again, IANAL.