Usually you want to get rid of Chinese hackers, Russian spammers and Nigerian scammers that are just flowing your server with bad intentions.
CSF Is a Stateful Packet Inspection (SPI) firewall, Login/Intrusion Detection and Security application for Linux servers.
What is the way to block all ports except 80 from everywhere except a group of countries?
There are two possibilities
This is the answer, but in not a good idea since country codes ranges are not accurate, may fail or take long time to update resulting in annoying blocks.
Example: allow incoming SMTP HTTP HTTPS to everyone and allow other services like FTP SSH POP3 IMAP DNS etc to the following countries USA Thailand and New Zealand
TCP_IN = 25,80,443
CC_ALLOW_PORTS = US,TH,NZ
CC_ALLOW_PORTS_TCP = 20,21,22,53,110,143,465,587,993,995
CC_ALLOW_PORTS_UDP = 20,21,53
Note: Ports in CC_ALLOW_PORTS_TCP/UDP should be removed from TCP_IN/UDP_IN to block access from elsewhere.
Case 2 ( recommended )
Block few countries but still allow them to reach some ports
Example: Block China Russia and Nigeria except http and https
CC_DENY_PORTS = NG,CN,RU
CC_DENY_PORTS_TCP = 1:79,81:442,444:65535
CC_DENY_PORTS_UDP = 1:65535
CSF is a powerful app and full of useful tools 100% recommended