Block countries - Nginx
Aleksandar Lazic
al-nginx at none.at
Tue May 22 08:25:23 UTC 2018
On 21/05/2018 11:49, Sathish Kumar wrote:
> Hi All,
>
> I have a requirement to block certain countries coming to our website. I
> managed to achieved it using the ngx_http_geoip_module. I have a problem
> now, if the request comes through Amazon API Gateway, how can I read the
> X-forwarded-for header or block these request too.
>
> nginx.conf
> map $geoip_country_code $allow_country {
> default yes;
> SG no;
> }
>
>
> geoip_country /etc/nginx/GeoIP.dat; # the country IP database
> geoip_city /etc/nginx/GeoLiteCity.dat; # the city IP database
>
>
> domain.conf
> if ($allow_country = no) {
> return 444;
> }
You can try to use $http_x_forwarded_for in the map.
I think this blog post could point you in the right direction.
https://serversforhackers.com/c/nginx-mapping-headers
> Thanks & Regards
> Sathish.V
Best Regards
aleks
More information about the nginx
mailing list