Re: Block countries - Nginx

Tue, 22 May 2018 01:45:50 -0700 

Instead of the default nginx geoip module , I suggest you switch to third
party geoip2 module for two reasons:
1) maxmind deprecated geoip1 db.
2)geoip2 module can do what you wanted, and the geo lookup can be based on
any variables, such as $http_x_forwarded_for
 Frank

On Mon, May 21, 2018 at 6:37 PM Sathish Kumar <satcs...@gmail.com> wrote:

> Hi All,
>
> Is there a way, I can block the clients which is coming through load
> balancer using http geo ip module nginx.
>
>
> Currently, I can block the clients which is not coming through load
> balancer or api gateway by geo ip module.
>
>
>
>
> On Mon, May 21, 2018, 2:02 PM basti <mailingl...@unix-solution.de> wrote:
>
>> hello,
>> the way to block ip's can also be used for PTR records, I think.
>> Also as wildcard.
>>
>> On 21.05.2018 05:49, Sathish Kumar wrote:
>> > Hi All,
>> >
>> > I have a requirement to block certain countries coming to our website.
>> > I managed to achieved it using the ngx_http_geoip_module. I have a
>> > problem now, if the request comes through Amazon API Gateway, how can I
>> > read the X-forwarded-for header or block these request too.
>> >
>> > nginx.conf
>> > map $geoip_country_code $allow_country {
>> >  default yes;
>> > SG no;
>> > }
>> >
>> >
>> > geoip_country /etc/nginx/GeoIP.dat; # the country IP database
>> > geoip_city /etc/nginx/GeoLiteCity.dat; # the city IP database
>> >
>> >
>> > domain.conf
>> > if ($allow_country = no) {
>> > return 444;
>> > }
>> >
>> > Thanks & Regards
>> > Sathish.V
>> >
>> >
>> > _______________________________________________
>> > nginx mailing list
>> > nginx@nginx.org
>> > http://mailman.nginx.org/mailman/listinfo/nginx
>> >
>> _______________________________________________
>> nginx mailing list
>> nginx@nginx.org
>> http://mailman.nginx.org/mailman/listinfo/nginx
>
> _______________________________________________
> nginx mailing list
> nginx@nginx.org
> http://mailman.nginx.org/mailman/listinfo/nginx

_______________________________________________
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx

Reply via email to