GeoIP country blocking - whitelist specific IPs

Lasse Laursen laursen at oxygen.net
Tue Nov 13 11:02:36 UTC 2012


Hi

We use something similar to this:

geoip_country  /path/to/GeoIP.dat;

geo $allowed_ranges {
		default 0;
		1.2.3.0/24 1;
		10.0.0.0/8 1;
		127.0.0.1 1;
}

map $geoip_country_code $blocked_country {
		default 1;
		A2 0; # Satellite Provider
		O1 0; # Other Country
		AD 1; # Andorra
		AP 1; # Asia/Pacific Region
		AQ 1; # Antarctica
}

if ($blocked_country) {
	set $deny_request 1;
}

if ($allowed_ranges) {
	set $deny_request 0;
}

if ($deny_request) {	
	# Do whatever you want to do here ...
}

Hope that it makes sense? :)

L.

On Nov 12, 2012, at 9:02 PM, Infinitnet <nginx-forum at nginx.us> wrote:

> Hello NGINX users,
> 
> I'm facing a little issue with country bans over GeoIP. I'm using the
> following code within my server directive:
> 
> if ($geoip_country_code ~ (BR|CN|KR|RU) ) {
> return 123;
> }
> 
> 123 returns an error page informing the visitor that his country is blocked.
> Now let's say I've got some visitors from russia, who should still be able
> to access my website. How would I archive this? Of course something like
> "allow 1.2.3.4;" doesn't work with the code above. Any suggestions? 
> 
> Thanks in advance!
> 
> Posted at Nginx Forum: http://forum.nginx.org/read.php?2,232745,232745#msg-232745
> 
> _______________________________________________
> nginx mailing list
> nginx at nginx.org
> http://mailman.nginx.org/mailman/listinfo/nginx



More information about the nginx mailing list