Comments on nginx: How To Block Visitors By Country With The GeoIP Module (Debian/Ubuntu)

nginx: How To Block Visitors By Country With The GeoIP Module (Debian/Ubuntu) This tutorial explains how to use the GeoIP module with nginx to block visitors by country. This is made possible by the GeoIP database which maps users' IP addresses to countries. nginx must be compiled with the HttpGeoipModule to use the GeoIP database.

14 Comment(s)

Add comment

Please register in our forum first to comment.

Comments

By: nice
Reply  

nice... lovely blocking US sites.

By: Trevor Richardson
Reply  

Exactly what we are looking for to halt request without starting the PHP process.

Thank you!

By: Grzegorz
Reply  

Its nice solution.But I host multiple small pages on one ubuntu host, and want to allow only one of my pages for specific country. How do I do that?Thank you!

 

By: InsertHost
Reply  

How I can enable access only to users in a country?

By: Leonardo
Reply  

Great!!!.

By: great job
Reply  

Thank so much.  Worked great.

By: AJ
Reply  

Will This Work for TCP block too?

By: David Rahrer
Reply  

Is there any way to make this work with different country blocks for different vhosts? I may have one site that does business with a country that others want to block, but the former still wants to block some areas - a custom mix for each vhost. Is this possible? Thanks.

By: eric
Reply  

yes you can. define multiple variables $allowed_country1-2-3 etc with different mapings, and change the if-else test with the right variable under the right vhost

By: Encino Stan
Reply  

You should also be able to route to vhost based on what country geoip looks up.

By: Mike
Reply  

I'm always getting undefined for the country code... can you pls help https://stackoverflow.com/questions/51282599/nginx-geoip-module-undefined-country-code 

By: mike
Reply  

GeoLite Legacy will not be updated anymore from March 2018:

https://dev.maxmind.com/geoip/legacy/geolite/

Will this guide be updated to use GeoLite2?

https://dev.maxmind.com/geoip/geoip2/geolite2/

 

http://geolite.maxmind.com/download/geoip/database/GeoLiteCountry/GeoIP.dat.gz

is now

http://geolite.maxmind.com/download/geoip/database/GeoLiteCountry/GeoIP.dat.gz

Thank you!

By: John
Reply  

"http://geolite.maxmind.com/download/geoip/database/GeoLiteCountry/GeoIP.dat.gz

is now

http://geolite.maxmind.com/download/geoip/database/GeoLiteCountry/GeoIP.dat.gz"

this looks identical to me

By: lbarclay
Reply  

Didn't work for me. Received error : unknown directive "geoip_country"

I added : include /etc/nginx/modules/mod-http-geoip.conf as the first line in nginx.conf; ( link to a file in /usr/share/nginx/modules )

nginix starts, but it doesn't appear to work for GeoIP blocking. Doesn't look like my IP is mapped to any geoip_country_code.

How do you allow for internal private network IP(s) / subnets to be added to an 'allowed country' for testing : 10.149.213.206