idanoo/m2.nz
1
0
Fork 0
mirror of https://github.com/idanoo/m2.nz.git synced 2024-11-22 16:25:13 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Add new post

Browse Source
This commit is contained in:
Daniel Mason 2024-04-07 10:59:01 +12:00
parent 5a58cc4020
commit 1189975161
Signed by: idanoo
GPG Key ID: 387387CDBC02F132
1 changed files with 43 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

43
content/posts/nginx_geo_block.md Normal file
View File

@ -0,0 +1,43 @@
---
title: "Geo Blocking countries with nginx"
tags: ["spam", "geo block", "nginx"]
date: "2024-04-07"
---
Quick and easy way to block entire countries using simple nginx rules.
Note this is primarily for Ubuntu/Nginx but may work on other systems
Install required fields
```shell
apt install -y libnginx-mod-http-geoip geoip-database
```
The GeoIP DB will be under /usr/shared/GeoIP/GeoIPv6.dat (Or GeoIP.dat for v4 only)
We need to add this into nginx conf:
```shell
echo 'geoip_country /usr/share/GeoIP/GeoIP.dat;' > /etc/nginx/conf.d/geoip.conf
```
Add this block under the main "http" block in nginx.conf:
```shell
# /etc/nginx/nginx.conf
map $geoip_country_code $allowed_country {
default yes;
BD no; # Country code to block - Can list mulitple
}
```
Then we need to add a simple check in our site vhost:
```shell
# /etc/nginx/sites-enabled/your_site.conf
if ($allowed_country = no) {
return 403;
}
```
Quick reload and boom! Done!
```shell
systemctl reload nginx
```
Based off an older gist found on [Github here](https://gist.github.com/dunderrrrrr/8d3fced1f73de2d70ede38f39c88d215)