GeoIP

What is Geo IP?

GeoIP is a service that converts IP addresses to their respective location on the earth. This is done by looking up the IP address in a database maintained by various Internet Service providers. Advertisers often take advantage by creating localized ads based on your location. When a person visits your website, GeoIP can determine which country, region, city, postal code, and area code the visitor is coming from. Furthermore, GeoIP can provide information such as longitude/latitude, connection speed, ISP, company name, domain name, and whether the IP address is an anonymous proxy or satellite provider.

GeoIP searches a GeoIP database from maxmindfor a given host or IP address and returns information about the country, city and/or ISP for that IP address, depending on the database version.

Getting GeoIP enabled on a server.

Install GeoIP

Login to the server via back-end and follow the below steps.

cd /usr/local/src/
mkdir geoip
cd geoip
wget http://www.maxmind.com/download/geoip/api/c/GeoIP.tar.gz
tar zxvf GeoIP.tar.gz
cd GeoIP-1.4.6
./configure
make
make install

As soon as it is installed, the database file would be installed here:

/usr/local/share/GeoIP/GeoIP.dat

We would require this path to load it with our mod_geoip.

Now download and install the mod_geoip module with the apxs tool of apache. Download the latest version from :

http://geolite.maxmind.com/download/geoip/api/mod_geoip2/

and install it as follows:

cd /usr/local/src/geoip
wget http://geolite.maxmind.com/download/geoip/api/mod_geoip2/mod_geoip2_1.2.5.tar.gz
tar -zxvf mod_geoip2_1.2.5
cd mod_geoip2_1.2.5
/usr/sbin/apxs -i -a -L/usr/local/lib -I/usr/local/include -lGeoIP -c mod_geoip.c

This should load the mod_geoip module in the httpd.conf automatically. If not, you may require to add the following line in the httpd.conf file:

LoadModule geoip_module       modules/mod_geoip.so

Now restart the apache, so that it starts using the mod_geoip module. To use mod_geoip, you would need to use the GeoIP database. Add the following two lines in your .htaccess (for account level) or httpd.conf (for server wide) to load the GeoIP database:

GeoIPEnable On
GeoIPDBFile /usr/local/share/GeoIP/GeoIP.dat

There is one more thing. If you are using cpanel, cpanel will discard this load automatically if you do not save the configuration on next apache rebuild. To save the configuration, run the following:

/usr/local/cpanel/bin/apache_conf_distiller –update

On cpanel servers, mod_geoip can also be installed by running the easyapache script.

/scripts/easyapache

On cpanel servers via WHM/Cpanel you can simply install GeoIP in cpanel servers by these steps

1)Navigating to WHM

2)click easyapache (More details here)

Using GeoIP

1. Redirect using mod_rewrite

mod_geoip supports two environmental variables : GEOIP_COUNTRY_CODE and GEOIP_COUNTRY_NAME . Code means the two letter names of a country and the Name means the official name of the country. CODE is easier to use. Here is an example on how to redirect all Chinese traffic to example.com :

RewriteEngine on
RewriteCond %{ENV:GEOIP_COUNTRY_CODE} ^CN$
RewriteRule ^(.*)$ http://www.example.com [L]

This is actually a simple mod_rewrite code using one of the environmental variable supplied by mod_geoip. You can also use any mod_rewrite technique to block/redirect multiple countries at once. For example:

RewriteEngine on
RewriteCond %{ENV:GEOIP_COUNTRY_CODE} ^(CN|NE|NG)$
RewriteRule ^(.*)$ http://www.another.com$1 [L]

This will redirect all the traffic from either China or Niger or Nigeria to another.com or lets say block the traffic.

2. Using SetEnvIf

You can use the SetEnvIf directive of .htaccess to block traffic and show 403 apache error page. Just add a type of the following code:

SetEnvIf GEOIP_COUNTRY_CODE CN BlockCountry
SetEnvIf GEOIP_COUNTRY_CODE RU BlockCountry
Deny from env=BlockCountry

This will block all the traffic from China and Russia. You can use NE code for Niger or NG for Nigeria or similar code for others. If you would like to add more country in the block list just add a duplicate line with SetEnvIf and include the country name same as CN or RU.

If the server admin wants to block traffic from a specific country server wide, you would need to add one of the rule above in the httpd.conf instead of .htaccess. Just add the code before any virtualhost entry and it should work fine.