GEOIP module is configured in the Nginx server to intercept the designated country Ip_nginx

Recently there is a Web site project requirements: the need to block domestic requests. Take the time to study the information in this area. The best way to find it now is to use the Nginx GeoIP module to realize the region's identification. Then configure the relevant country's ISO name and prohibit access. Record the relevant process.

Compiling GEOIP components

Maxmind provides a free version of the database to meet the requirements, before using the database, you need to compile the GeoIP components:

wget http://geolite.maxmind.com/download/geoip/api/c/GeoIP-1.4.8.tar.gz
./configure
Make
Install

Download IP Library

Download the IP packets from the Maxmind and unzip them. This is the National IP packet:

wget http://geolite.maxmind.com/download/geoip/database/GeoLiteCountry/GeoIP.dat.gz
gunzip GeoIP.dat.gz

This is the city's IP packet:

wget http://geolite.maxmind.com/download/geoip/database/GeoLiteCity.dat.gz
gunzip GeoLiteCity.dat.gz

After executing the above command, you will get the GeoIP.dat and GeoLiteCity.dat files. Copy the two files to the Nginx conf directory.

Compiling Nginx

Nginx does not compile this module by default, you need to turn on the--with-http_geoip_module compilation option.

The module relies on the Maxmind GeoIP library.

Configure Nginx

Next, you need to configure Nginx, and you first need to load the GEOIP packets in the HTTP blocks in the Nginx configuration file:

Geoip_country GeoIP.dat;
Geoip_city GeoLiteCity.dat;

Prohibition of country visits

Just add the following example code to the Nginx configuration of the Web site:

if ($geoip _country_code = CN) {
  deny all;
}

The configuration above indicates that access is denied as long as it is a domestic IP.

GeoIP Component Configuration Item reference

Variables related to the state in GeoIP:

$geoip _country_code #两位字符的英文国家码. such as: CN, US
$geoip _country_code3 #三位字符的英文国家码. such as: CHN, USA
$geoip _country_name #国家英文全称. such as: United States

Variables associated with GeoIP in the country:

$geoip _city_country_code #也是两位字符的英文国家码.
$geoip _city_country_code3 #上同
$geoip _city_country_name #上同.
$geoip _region #这个经测试是两位数的数字, such as Hangzhou is 02, Shanghai is 23. But did not search the relevant information, want to know the friend message.
$geoip _city #城市的英文名称. such as: Hangzhou
$geoip _postal_code #城市的邮政编码. After testing, this field in China
is empty $geoip _city_continent_code #不知什么用途, as
$geoip _latitude #纬度
$geoip _longitude #经度

Test GeoIP in PHP

First you need to introduce the properties of GeoIP in Fastcgi_params or fastcgi.conf:

Fastcgi_param geoip_country_code $geoip _country_code;
Fastcgi_param geoip_country_code3 $geoip _country_code3;
Fastcgi_param geoip_country_name $geoip _country_name;
Fastcgi_param geoip_city_country_code $geoip _city_country_code;
Fastcgi_param geoip_city_country_code3 $geoip _city_country_code3;
Fastcgi_param geoip_city_country_name $geoip _city_country_name;
Fastcgi_param geoip_region $geoip _region;
Fastcgi_param geoip_city $geoip _city;
Fastcgi_param geoip_postal_code $geoip _postal_code;
Fastcgi_param geoip_city_continent_code $geoip _city_continent_code;
Fastcgi_param geoip_latitude $geoip _latitude;
Fastcgi_param geoip_longitude $geoip _longitude;

Then add a php file to the Web directory with the following code:

<?php $geoip _country_code = getenv (Geoip_country_code);
$geoip _country_code3 = getenv (GEOIP_COUNTRY_CODE3);

$geoip _country_name = getenv (geoip_country_name);
$geoip _city_country_code = getenv (Geoip_city_country_code);
$geoip _city_country_code3 = getenv (GEOIP_CITY_COUNTRY_CODE3);
$geoip _city_country_name = getenv (geoip_city_country_name);
$geoip _region = getenv (geoip_region);
$geoip _city = getenv (geoip_city);
$geoip _postal_code = getenv (Geoip_postal_code);
$geoip _city_continent_code = getenv (Geoip_city_continent_code);
$geoip _latitude = getenv (geoip_latitude);

$geoip _longitude = getenv (geoip_longitude); Echo ' Country_code: '. $geoip _country_code. '
<br/> '; Echo ' Country_code3: '. $geoip _country_code3. '
<br/> '; Echo ' country_name: '. $geoip _country_name. '

<br/> '; Echo ' City_country_code: '. $geoip _city_country_code. '
<br/> '; Echo ' City_country_code3: '. $geoip _city_country_code3. '
<br/> '; Echo ' City_country_name: '. $geoip _city_country_name. '
<br/> '; ECho ' region: '. $geoip _region. '
<br/> '; Echo ' City: '. $geoip _city. '
<br/> '; Echo ' Postal_Code: '. $geoip _postal_code. '
<br/> '; Echo ' City_continent_code: '. $geoip _city_continent_code. '
<br/> '; Echo ' Latitude: '. $geoip _latitude. '
<br/> '; echo ' Longitude: '. $geoip _longitude. '

 <br/> ';

Access to the PHP file, it will display your current IP related geographic information.

PHP also provides a GEOIP module that requires manual compilation. You also need to load the GeoIP library. Efficiency should still be inferior to Nginx way.

Summary of common directives
1.geoip_country database;
Default Value:-
Context: http
Specifies the database that is used to obtain the country from which the client IP address is located. When using this database, the following variables are available in the configuration:

(1) $geoip _country_code
Double-word Fu home code, such as "RU", "US".
(2) $geoip _country_code3
Three characters Fu home code, such as "RUS", "USA".
(3) $geoip _country_name
Country names, such as "Russian Federation", "United States".

2.geoip_city database;
Default Value:-
Context: http
Specifies the database that is used to obtain the country, administrative district, and city of the client's IP address. When using this database, the following variables are available in the configuration:
(1) $geoip _city_country_code
Double-word Fu home code, such as "RU", "US".
(2) $geoip _city_country_code3
Three characters Fu home code, such as "RUS", "USA".
(3) $geoip _city_country_name
Country names, such as "Russian Federation", "United States".
(4) $geoip _region
The name of the country (administrative district, territory, state, province, federal jurisdiction, etc.), such as "Moscow City", "DC".
(5) $geoip _city
City names, such as "Moscow", "Washington".
(6) $geoip _postal_code
Zip.

3.geoip_proxy Address | CIDR;
Default Value:-
Context: http
This instruction appears in version 1.3.0 and 1.2.1.
Defines a trusted address. If the request comes from a trusted address, Nginx uses its "x-forwarded-for" header to obtain the address.

4.geoip_proxy_recursive on | Off
Default value:
Geoip_proxy_recursive off;
Context: http