Edgars Ozolins
Reputation: 298
How to grant access to a specific IP address that is blocked by GeoIP[country] in nGinx?
Can't find solution how to solve this. Here is how I blocked an access to the country and at the same time I need to grand access to a specific IP that is from blocked country.
Upvotes: 2
Views: 7883
Answers (2)
Magikon
Reputation: 143
In http block
geoip_country /usr/local/share/GeoIP/GeoIP.dat;
map "$geoip_country_code:$remote_addr" $allowed_country {
default yes;
"~..:10.11.12.13" yes;
"~..:11.12.13.14" no;
"~TR:.*" no;
}
In server block
if ($allowed_country = no) {
return 403;
}
Upvotes: 4
Edgars Ozolins
Reputation: 298
Finally found the solution for this problem.
1) in nginx.conf add
http {
geoip_country /usr/share/GeoIP/GeoIP.dat;
map $geoip_country_code $allowed_country {
default no;
LV yes; # in my case it is Latvia (allowed country, but all other are not)
}
geo $exclusions {
default 0;
123.123.123.123 1; # here comes allowed IP that is in blocked country list
}
}
2) in your vhost configuration server{} container
if ($allowed_country = yes) {
set $exclusions 1;
}
if ($exclusions = "0") {
return 403;
}
The main idea is from HERE
Upvotes: 8
Related Questions
- NGINX block by country and exclude bots
- Block country for special address or URL with htaccess and GeoIP
- Can I perform GeoIP blocking in NGINX without having to pay for NGINX Plus?
- Running geoip module with nginx
- Restrict website to access specific country
- Only allow certain countries traffic access specific page
- Blocked country with one IP allowed (GEOIP Conf.)
- How to query the GeoIP in NGINX programmably
- Nginx block POST for certain countries
- Geo IP Module for nginx