Country / CIDR banning

Igor Sysoev is at rambler-co.ru
Mon Aug 3 09:13:43 MSD 2009


On Mon, Aug 03, 2009 at 09:58:39AM +0800, Shri @ DevLib.Org wrote:

> We've been getting an extraordinary amount of spam from a few IP ranges (hosting proxies) and countries (Nigeria for example) on our classifieds section.
> 
> Mod Geo_IP
> =============
> http {
>     geoip_country  /usr/local/share/max/GeoIP.dat;
> ......
> =============
> and the result would be in $geoip_country_code 
> 
> How would I ban based on this result ... for the whole server? 
> 
> Banning by CIDR
> In Apache a simple Deny from CIDR would work in the Directory / section. 
> 
> How can I do this in Nginx?

For small number of CIDR it's better to use deny/allow:
http://wiki.nginx.org/NginxHttpAccessModule

For large number (> 20-50) it's better to use
http://wiki.nginx.org/NginxHttpGeoModule

geo $forbidden) {
    default          0;
    192.168.1.0/24   1;
    192.168.5.0/24   1;
    ...
}

   if ($forbidden) {
       return 403;
   }

As to countries' CIDR, you may get them from GeoIP.dat using
contrib/geo2nginx.pl
This is better then testing $geoip_country_code.


-- 
Igor Sysoev
http://sysoev.ru/en/





More information about the nginx mailing list