Mod GeoIP - Deny/allow geographic access to your website Print
- allow, country, deny, geoip, maxmind, location
- 0
JSWeb partners with Spiral Hosting (https://spiralhosting.com/). All their shared/enterprise/reseller hosting servers include Mod_GeoIP, which is a database that can be used to map a website visitor's IP address to their country. This can be used to deny/allow access to your website.
Please note!
- The Mod_GeoIP database has been compiled by MaxMind, a third party provider.
- The country database is estimated to have 99.8% accuracy, but that isn't perfect, so it should not be used for critical applications.
- New IP ranges will take some time to appear in the database, or may be mapped to the wrong country initially.
- Users can always get around a country allow/deny access by using a VPN/proxy.
- Multinational corporations often have an IP range based on where their headquarters are, this could result in false positive results for these users.
- Mod_GeoIP is a legacy database, and has been replaced by Mod_MaxMindDB, but at this time it does not integrate with the Apache web server. When the new database is able to integrate with our servers, the system will be updated accordingly.
- You can find info on Mod_GeoIP here: http://dev.maxmind.com/geoip/legacy/mod_geoip2/
Enable GeoIP on your website
To enable GeoIP on your website, you must add the following 3 lines to the top of your .htaccess file:
<IfModule mod_geoip.c> GeoIPEnable On </IfModule>
If you do not have an .htaccess file, simply create one in the main directory of your website. The main directory is normally called public_html unless you are working with a sub-domain or addon domain, which will have its own directory.
GeoIP variables
The main GeoIP variables that will be made available on your website are:
GEOIP_ADDR GEOIP_CONTINENT_CODE GEOIP_COUNTRY_CODE GEOIP_COUNTRY_NAME GEOIP_REGION GEOIP_REGION_NAME GEOIP_CITY
In this guide we'll concentrate on GEOIP_COUNTRY_CODE which outputs a 2-digit ISO country code, from AF (Afghanistan) to ZW (Zimbabwe). The full list of country codes can be found here: https://www.nationsonline.org/oneworld/country_code_list.htm
We will provide four examples, to deny access, to allow access, to redirect visitors and to use in PHP code.
Example 1 - Deny access from 3 countries
In this example, the code will deny access from visitors in 4 countries, RU (Russia), CN (China), and US (United States). Add this to your .htaccess file:
<IfModule mod_geoip.c>
GeoIPEnable On
</IfModule>
SetEnvIf GEOIP_COUNTRY_CODE RU BlockCountry
SetEnvIf GEOIP_COUNTRY_CODE CN BlockCountry
SetEnvIf GEOIP_COUNTRY_CODE US BlockCountry
Deny from env=BlockCountry
Any users from RU, CN or US will encounter a 403 error 'Forbidden' when visiting the website.
Example 2 - Allow access from only 2 countries
In this example, the code will allow access from visitors in 2 countries only, DE (Germany) and GB (United Kingdom). Add this to your .htaccess file:
<IfModule mod_geoip.c>
GeoIPEnable On
</IfModule>
SetEnvIf GEOIP_COUNTRY_CODE DE PermitCountry
SetEnvIf GEOIP_COUNTRY_CODE GB PermitCountry
Deny from All
Allow from env=PermitCountry
Any users not from DE or GB will encounter a 403 error 'Forbidden' when visiting the website.
Example 3 - Redirect access from 3 countries
In this example, the code will redirect visitors in 3 countries (Ireland, United Kingdom, Netherlands) to another website, Google! Any other countries will be able to access the website normally. Add this to your .htaccess file:
<IfModule mod_geoip.c>
GeoIPEnable On
</IfModule>
RewriteEngine on
RewriteCond %{ENV:GEOIP_COUNTRY_CODE} ^(IE|GB|NL)$
RewriteRule ^(.*)$ https://google.com/$1 [L]
Any users not from DE or GB will encounter a 403 error 'Forbidden' when visiting the website.
Example 4 - Use the variable in PHP code
In this example, we will use PHP code to output the country code and country name. Add this code to a PHP file:
<?php print "Your 2-digit country code is " . $_SERVER['GEOIP_COUNTRY_CODE'] . " so you are visiting from " .$_SERVER['GEOIP_COUNTRY_NAME'];
Or this example will print a message to visitors from Canada, then use exit() which prevents the rest of the web page from loading:
<?php if ($_SERVER['GEOIP_COUNTRY_CODE'] === 'CA') { print "Visitors from Canada are blocked."; exit(); }
We recommend implementing any country deny/allow rules or .htaccess rewrite rules in conjunction with your website developer / IT person.