mirror of
https://github.com/idanoo/m2.nz.git
synced 2024-11-23 00:35:12 +00:00
44 lines
1.1 KiB
Markdown
44 lines
1.1 KiB
Markdown
|
---
|
||
|
|
title: "Geo Blocking countries with nginx"
|
||
|
|
tags: ["spam", "geo block", "nginx"]
|
||
|
|
date: "2024-04-07"
|
||
|
|
---
|
||
|
|
|
||
|
|
Quick and easy way to block entire countries using simple nginx rules.
|
||
|
|
Note this is primarily for Ubuntu/Nginx but may work on other systems
|
||
|
|
|
||
|
|
Install required fields
|
||
|
|
```shell
|
||
|
|
apt install -y libnginx-mod-http-geoip geoip-database
|
||
|
|
```
|
||
|
|
|
||
|
|
The GeoIP DB will be under /usr/shared/GeoIP/GeoIPv6.dat (Or GeoIP.dat for v4 only)
|
||
|
|
We need to add this into nginx conf:
|
||
|
|
```shell
|
||
|
|
echo 'geoip_country /usr/share/GeoIP/GeoIP.dat;' > /etc/nginx/conf.d/geoip.conf
|
||
|
|
```
|
||
|
|
|
||
|
|
Add this block under the main "http" block in nginx.conf:
|
||
|
|
```shell
|
||
|
|
# /etc/nginx/nginx.conf
|
||
|
|
map $geoip_country_code $allowed_country {
|
||
|
|
default yes;
|
||
|
|
BD no; # Country code to block - Can list mulitple
|
||
|
|
}
|
||
|
|
```
|
||
|
|
|
||
|
|
Then we need to add a simple check in our site vhost:
|
||
|
|
```shell
|
||
|
|
# /etc/nginx/sites-enabled/your_site.conf
|
||
|
|
if ($allowed_country = no) {
|
||
|
|
return 403;
|
||
|
|
}
|
||
|
|
```
|
||
|
|
|
||
|
|
Quick reload and boom! Done!
|
||
|
|
```shell
|
||
|
|
systemctl reload nginx
|
||
|
|
```
|
||
|
|
|
||
|
|
Based off an older gist found on [Github here](https://gist.github.com/dunderrrrrr/8d3fced1f73de2d70ede38f39c88d215)
|