Quick tip: Getting around IP-based geo-blocking using SSH tunnelling
Some American organisations have this really frustrating tendency to block access to their services if they think you’re outside the US based on your IP-address.
To get around this, you can rent a VM/server from any cloud hosting provider for a few minutes, and use SSH tunnelling to get around it.
This post is here mostly so I remember how to do it in 5 minutes instead of spending 30 minutes reminding myself of how it works.
Step 1: rent a box
You hopefully know how to do that, I just spun up an AWS EC2 instance in Virginia.
Step 2: add the domain you’re trying to access into
Add a line like this into your
This causes requests to
geo-blocked-domain.com to hit your local host.
This is needed for two reasons: most HTTP services these days use the
Host header to decide which of several websites hosted on one server you’re trying to access. The other reason is that your browser won’t want to connect to a HTTPS endpoint unless the domain matches the certificate.
Step 3: SSH into your rented box and forward a port
ssh -i ~/.ssh/priv_key.pem -L localhost:5443:geo-blocked-domain.com:443 firstname.lastname@example.org
This will connect to the server at
10.243.21.247 (change this to your rented box’s IP-address), creating an SSH port-forward from port
5443 on your machine to port
geo-blocked-domain.com on the remote machine.
Step 4: profit
Now you can connect to
https://geo-blocked-domain.com:5443 and if there’s no extra tricks applied, this should load the page you were trying to access before.
So go ahead and pay your registration or toll bills, or whatever else mundane you had to do. Does it really have to be this hard?