Country banning

Jim Ohlstein jim at ohlste.in
Sat Aug 29 19:41:16 MSD 2009


We're dealing with a high degree of fraud from certain countries and 
would like to simply ban all IP's from those countries.

I seem to recall reading here that using the Geo module is more 
efficient for this purpose than the GeoIP module.

Currently I have the following in nginx.conf:

geo $country {
    include geo.conf;
}

where geo.conf is generated from MaxMind country lite csv database using 
geo2nginx.pl supplied with nginx.

In the site config I have multiple if statements like:

server {
    ...

    if ($country = XX) {
        return 403;
    }

    if ($country = YY) {
        return 403;
    }

    if ($country = ZZ) {
        return 403;
    }

...

}

Is this more efficient than using GeoIP module? Is there a more 
efficient way of doing this?

Jim

   






More information about the nginx mailing list