Quick tip: Getting around IP-based geo-blocking using SSH tunnelling
Some American organisations have this really frustrating tendency to block access to their services if they think you’re outside the US based on your IP-address.
To get around this, you can rent a VM/server from any cloud hosting provider for a few minutes, and use SSH tunnelling to get around it.
This post is here mostly so I remember how to do it in 5 minutes instead of spending 30 minutes reminding myself of how it works.
Step 1: rent a box
You hopefully know how to do that, I just spun up an AWS EC2 instance in Virginia.
Step 2: add the domain you’re trying to access into /etc/hosts
Add a line like this into your /etc/hosts
:
127.0.0.1 geo-blocked-domain.com
This causes requests to geo-blocked-domain.com
to hit your local host.
This is needed for two reasons: most HTTP services these days use the Host
header to decide which of several websites hosted on one server you’re trying to access. The other reason is that your browser won’t want to connect to a HTTPS endpoint unless the domain matches the certificate.
Step 3: SSH into your rented box and forward a port
ssh -i ~/.ssh/priv_key.pem -L localhost:5443:geo-blocked-domain.com:443 ubuntu@10.243.21.247
This will connect to the server at 10.243.21.247
(change this to your rented box’s IP-address), creating an SSH port-forward from port 5443
on your machine to port 443
on geo-blocked-domain.com
on the remote machine.
Step 4: profit
Now you can connect to https://geo-blocked-domain.com:5443
and if there’s no extra tricks applied, this should load the page you were trying to access before.
So go ahead and pay your registration or toll bills, or whatever else mundane you had to do. Does it really have to be this hard?