GeoIP Module for Blocking IP in http_x_forwarded_for
anish10dec
nginx-forum at forum.nginx.org
Thu Jan 11 12:17:20 UTC 2018
The GeoIP module is able to block requests on the basis of the remote address,
which is the IP of the remote device or user, but not on the basis of the
X-Forwarded-For IP if it has multiple IP addresses in it.
There is a Frontend Server (Server A) which receives the request and sends it
to an Intermediate Server (Server B).
We have the GeoIP module installed on the Intermediate Server, i.e. Server B.
Server B <--- Server A <---- User
When Server B receives the request from Server A, the remote address
(remote_addr) for Server B is the IP of Server A.
The device/user IP is in the http_x_forwarded_for field.
If http_x_forwarded_for has a single IP in it, the GeoIP module is able to block
the IP on the basis of the blocking applied.
If http_x_forwarded_for has multiple IPs, i.e. the IP of the user as well as the
IP of some proxy server or the IP of Server A, then it's not able to block the
request.
Below is the configuration:
geoip_country /usr/share/GeoIP/GeoIP.dat;
# GeoIP module ignores remote_addr considering it as trusted and refers to
# X-Forwarded-For
geoip_proxy IP_OF_ServerA;
map $geoip_country_code $allowed_country {
    default no;
    US yes;
}
http_x_forwarded_for = { User IP of UK } - Request from this IP is getting blocked
http_x_forwarded_for = { User IP of UK , Proxy IP of US } - This request is not getting blocked
http_x_forwarded_for = { User IP of UK , IP of Server A } - This request is not getting blocked
It seems the nginx GeoIP module refers to the last IP in the
http_x_forwarded_for field for applying the blocking method.
Is there a way to check for the first IP address in http_x_forwarded_for for
blocking the request?
Please suggest.
Please refer to this for the solution in Apache:
https://dev.maxmind.com/geoip/legacy/mod_geoip2/
Posted at Nginx Forum: https://forum.nginx.org/read.php?2,278110,278110#msg-278110
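
How the address selection behaves for the three header values in the post, modelled in Python as an added example (not code from the original post or from nginx): with geoip_proxy alone the last X-Forwarded-For entry is used, while nginx's geoip_proxy_recursive on; walks right to left to the last non-trusted address. The addresses, the COUNTRY table (including Server A resolving to US) and the function names are constructed for illustration.

```python
import ipaddress

# Constructed sample data: documentation-range addresses, not real hosts.
SERVER_A = "192.0.2.10"
UK_USER = "198.51.100.7"
US_PROXY = "203.0.113.9"
# Stand-in for the GeoIP database; Server A resolving to US is an assumption.
COUNTRY = {UK_USER: "GB", US_PROXY: "US", SERVER_A: "US"}


def effective_client_ip(remote_addr, xff, trusted, recursive=False):
    """Model of the address the GeoIP lookup uses, walking XFF right to left."""
    nets = [ipaddress.ip_network(t) for t in trusted]

    def is_trusted(ip):
        return any(ipaddress.ip_address(ip) in n for n in nets)

    addr = remote_addr
    hops = [h.strip() for h in xff.split(",") if h.strip()]
    for hop in reversed(hops):
        if not is_trusted(addr):      # only a trusted peer's header is believed
            break
        try:
            ipaddress.ip_address(hop)
        except ValueError:            # unparsable entry: stop, keep current addr
            break
        addr = hop
        if not recursive:             # geoip_proxy alone: last entry only
            break
    return addr


def allowed(remote_addr, xff, trusted, recursive=False):
    """Apply the post's map: default no; US yes;"""
    ip = effective_client_ip(remote_addr, xff, trusted, recursive)
    return COUNTRY.get(ip, "--") == "US"


if __name__ == "__main__":
    cases = [UK_USER, f"{UK_USER}, {US_PROXY}", f"{UK_USER}, {SERVER_A}"]
    for xff in cases:
        for rec in (False, True):
            ip = effective_client_ip(SERVER_A, xff, [SERVER_A, US_PROXY], rec)
            print(f"xff={xff!r:32} recursive={rec!s:5} -> {ip}")
```

The recursive walk only steps past addresses listed as trusted, so the US proxy case changes only once that proxy is itself listed in geoip_proxy. Entries to the left of the first untrusted hop are supplied by the client, which is why the walk stops there rather than taking the first address in the header.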