Issue 188: security: Implement IP-based Geoblocking middleware for restricted jurisdictions

[AlAfiz]

Description

As a DeFi protocol launching on Mainnet, we must be careful about regulatory compliance. Certain jurisdictions (like OFAC-sanctioned countries) cannot be allowed to access our frontend API.
We need to implement a geoblocking middleware that reads the incoming request's IP address, checks it against a GeoIP database, and blocks access if they are from a restricted region.
This protects the core team from legal liability during the Wave 3 launch.

Requirements

• Install the geoip-lite npm package.
• Create a restrictedRegions.js array containing standard ISO country codes to block (e.g., ['KP', 'IR', 'SY']).
• Create a middleware that reads req.ip (or req.headers['x-forwarded-for'] if behind a proxy) and looks up the country.
• If the country is in the restricted list, return a 451 Unavailable For Legal Reasons HTTP status code.

[CmxTop]

@CmxTop has applied to work on this issue as part of the Stellar Wave Program's 3rd wave.

I'd like to implement the IP-based geoblocking middleware using geoip-lite, reading req.ip or x-forwarded-for, checking against a restrictedRegions.js blocklist of ISO country codes, and returning 451 Unavailable For Legal Reasons for restricted jurisdictions

ℹ️ Repo Maintainers: To accept this application, review their application or assign @CmxTop to this issue.