There are numerous tools and methods to manage traffic to web servers, and here we are going to review the steps to block/allow Apache web traffic based on origin country. You can redirect or block web traffic of your client using the GeoIP module. This would be helpful in Fraud Detection, Target Content, Spam Fighting, etc.
Installing GeoIP
GeoIP is a library that enables the user on finding the accessing IP-address’s origination. On day-to-day server management, requirements and purposes may vary and one may need to block traffic from certain countries reaching your Apache webserver. Here we are going to use the GeoIP module with apache in achieving the same. Installing GeoIP Library, GeoIP database, Apache GeoIP module, and the GeoIP update script.
# yum install epel-release # yum install GeoIP GeoIP-GeoLite-data geoipupdate mod_geoip
To verify the above installaton, you can test with ‘geoiplookup’ command and it is also important to keep the GeoIP database updated and can be achieved by ‘geoipupdate’ command. However, a cron to run ‘geoipupdate’ can be created with your frequency.
Updating Apache configuration to enable GeoIP:
Module mod_geoip handles the services in apache web server and the generic configuration file is located at
/etc/httpd/conf.d/geoip.conf.
Edit the geoip.conf file to enable GeoIP, specify the DB path and enable GeoIPScanProxy Headers.
#cat/etc/httpd/conf.d/geoip.conf <IfModulmod_geoip.c> GeoIPEnable On GeoIPDBFile/usr/share/GeoIP/GeoIP.dat GeoIPScanProxyHeaders On </IfModule> #
Blocking Country:
To block countries from accessing your webserver add Deny rules in
/etc/httpd/conf.d/geoip.conf
Example
#cat /etc/httpd/conf.d/geoip.conf <IfModulemod_geoip.c> GeoIPEnable On GeoIPDBFile/usr/share/GeoIP/GeoIP.dat <Directory /> SetEnvIf GEOIP_COUNTRY_CODE AN BlockCountry SetEnvIf GEOIP_COUNTRY_CODE BL BlockCountry # add any number of countries here based on your requirement # you can refer to the country codes in GeoIP website. Deny from env=BlockCountry </Directory> </IfModule> #
Note: Restart apache server for any changes done to take effect.
GeoIP Country Codes
Quick Reference country codes (Mod GeoIP)
/etc/httpd/conf.d/geoip.conf
Example Usage as mentioned earlier:
SetEnvIf GEOIP_COUNTRY_CODE CN BlockCountry
Hope this helped you to redirect or block web traffic of your client using the GeoIP module. If you find any difficulty in blocking/allowing Apache web traffic we can help you.
You can also check our previous blog: Remove error_log files on a cPanel server
Follow us for more updates on Facebook, Twitter, LinkedIn