Building nginx with the ngx_http_geoip2_module module [https://github.com/leev/ngx_http_geoip2_module]
ngx_http_geoip2_module - creates variables with values from the maxmind geoip2 databases based on the client IP (default) or from a specific variable (supports both IPv4 and IPv6)
The module now supports nginx streams and can be used in the same way the http module can be used.
First install libmaxminddb as described in its README.md file.
wget http://nginx.org/download/nginx-VERSION.tar.gz
tar zxvf nginx-VERSION.tar.gz
cd nginx-VERSION
./configure --add-dynamic-module=/path/to/ngx_http_geoip2_module
make
make install
geoip2 /etc/nginx/GeoIP/GeoIP2-City.mmdb {
$geoip2_data_country_iso_code country iso_code;
$geoip2_data_city_name city names en;
}
map $geoip2_data_city_name $geo_city_perm {
Amsterdam yes;
}
map $geoip2_data_country_iso_code $geo_country_perm {
USA yes; # USA
}
geo $allow_addresses {
include /etc/nginx/GeoIP/whitelist.conf;
}
Rules will be taken into account for GeoIP:
- Data from the maxmind database: Country, City
- Whitelist under networks
include /etc/nginx/conf.d/geo_block;
- Anyone who does not fall under the geoip rules will be given the 403 http code