mod_geoip + httpd

mod_geoip + httpd

참고 원문 사이트

https://www.tecmint.com/install-mod_geoip-for-apache-in-centos/
https://xinet.kr/?p=2711

설치

yum install epel-release
yum install mod_geoip GeoIP GeoIP-devel GeoIP-data zlib-devel

DB 업그레이드?

# cd /usr/share/GeoIP/
# mv GeoIP.dat GeoIP.dat_org
# wget http://geolite.maxmind.com/download/geoip/database/GeoLite2-Country.tar.gz
# wget http://geolite.maxmind.com/download/geoip/database/GeoLite2-City.tar.gz
# gunzip GeoLite2-Country.tar.gz
# gunzip GeoLite2-City.tar.gz

언제부터인가 maxmind 에 회원가입을 하고 다운로드가 가능한것으로 바뀜

DB 업그레이드 (시골청년의 엔지니어이야기 ( 진반장 ) 님 블로그)

https://xinet.kr/data/geoip/GeoIP.dat
https://xinet.kr/data/geoip/GeoIPASNum.dat
https://xinet.kr/data/geoip/GeoIPCity.dat

mod_geoip 설정

vi /etc/httpd/conf.d/geoip.conf

<IfModule mod_geoip.c>
GeoIPEnable On
GeoIPDBFile /usr/share/GeoIP/GeoIP.dat MemoryCache
</IfModule>

redirect

# Redirect one country
RewriteEngine on
RewriteCond %{ENV:GEOIP_COUNTRY_CODE} ^AS$
RewriteRule ^(.*)$ https://www.tecmint.com$1 [R,L]

blocking

SetEnvIf GEOIP_COUNTRY_CODE AS BlockCountry
SetEnvIf GEOIP_COUNTRY_CODE US BlockCountry
# ... place more countries here

Deny from env=BlockCountry

allow

SetEnvIf GEOIP_COUNTRY_CODE AS AllowCountry
SetEnvIf GEOIP_COUNTRY_CODE US AllowCountry
# ... place more countries here

Deny from all
Allow from env=AllowCountry

example (한국만 허용)

<IfModule mod_geoip.c>
GeoIPEnable On
GeoIPDBFile /usr/share/GeoIP/GeoIP.dat
</IfModule>

<Directory /home/userhome/*/public_html>
SetEnvIf GEOIP_COUNTRY_CODE KR AllowCountry
Order deny,allow
Deny from all
Allow from env=AllowCountry
</Directory>

<Directory /home/etc_homepage/*/public_html>
SetEnvIf GEOIP_COUNTRY_CODE KR AllowCountry
Order deny,allow
Deny from all
Allow from env=AllowCountry
</Directory>

Location 으로는 적용이 안됨