All Linux HowTo's

GeoBlocking with Apache on CentOS

This article describes how to protect your Apache web server by restricting which countries can access it. We’re using Apache on CentOS 7 but Ubuntu would be very similar. I’ve given two examples; one on whitelisting everything except what we want to block, and blacklisting everything except what we want to allow:

Install the module:

yum install mod_geoip

Block everything except what we want to allow:

<Location "/">
SetEnvIf GEOIP_COUNTRY_CODE AU AllowCountry
SetEnvIf GEOIP_COUNTRY_CODE NZ AllowCountry
SetEnvIf GEOIP_COUNTRY_CODE US AllowCountry
Deny from all
Allow from env=AllowCountry
</Location>

Allow everything except what we want to block:

<Location "/">
SetEnvIf GEOIP_COUNTRY_CODE AS BlockCountry
SetEnvIf GEOIP_COUNTRY_CODE US BlockCountry
SetEnvIf GEOIP_COUNTRY_CODE EU BlockCountry
SetEnvIf GEOIP_COUNTRY_CODE RU BlockCountry
Deny from env=BlockCountry
Allow from all
</Location>

Restart Apache:

systemctl restart httpd

Similar Posts:

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.