Differences
This shows you the differences between two versions of the page.
| Both sides previous revision Previous revision Next revision | Previous revision Last revision Both sides next revision | ||
|
litespeed_wiki:cache:common:geoip-support [2019/04/16 16:22] Jackson Zhang |
litespeed_wiki:cache:common:geoip-support [2020/01/29 21:29] Lisa Clarke Corrected Brand Capitalization |
||
|---|---|---|---|
| Line 1: | Line 1: | ||
| - | ====== GeoLocation support (GEOIP) for LiteSpeed Web Server ====== | + | ====== GeoLocation Support (GeoIP) for LiteSpeed Web Server ====== |
| - | LSCache supports GEOIP. | + | LSCache supports GeoIP databases, including MaxMind GeoIP2, MaxMind GeoIP Legacy, and IP2Location. MaxMind discontinued their Legacy databases On January 2, 2019, hence we recommend you no longer use it. |
| For LSWS v5.2.x and earlier, only the MaxMind Legacy Database .dat is supported. As of LSWS v5.3RC2, LSWS supports the [[https://www.maxmind.com/en/geoip2-databases|MaxMind GeoIP2 format database]], ''.mmdb''. The database path configuration is in the same location as the legacy DB (**Configuration > Server > General > General settings > IP to GeoLocation DB**), then set the database path to either ''.dat'' or ''.mmdb''. | For LSWS v5.2.x and earlier, only the MaxMind Legacy Database .dat is supported. As of LSWS v5.3RC2, LSWS supports the [[https://www.maxmind.com/en/geoip2-databases|MaxMind GeoIP2 format database]], ''.mmdb''. The database path configuration is in the same location as the legacy DB (**Configuration > Server > General > General settings > IP to GeoLocation DB**), then set the database path to either ''.dat'' or ''.mmdb''. | ||
| Line 10: | Line 10: | ||
| To setup and enable GeoIP on LSWS, you will need to choose one database, download and install the database to a directory, setup the database path in LSWS Admin, enable GeoIP through the Apache configuration or LSWS native, then finally run some tests. | To setup and enable GeoIP on LSWS, you will need to choose one database, download and install the database to a directory, setup the database path in LSWS Admin, enable GeoIP through the Apache configuration or LSWS native, then finally run some tests. | ||
| - | ===== Download and Configure GEOIP Database Path ===== | + | ===== Map MaxMind GeoIP2 Variables to IP2Location ===== |
| + | If you have switched from the MaxMind GeoIP2 service to an IP2location database on your shared hosting server, many of your PHP scripts may still make use of the ''GEOIP_*'' environment variables ''$SERVER['GEOIP_COUTRY_CODE']'' and ''$SERVER['GEOIP_ADDR']''. Because of the nature of shared hosting servers, it is impossible to remove these environment variables or get all customers to rename them in their scripts. | ||
| + | |||
| + | Luckily, LiteSpeed Web Server handles this scenario for you. | ||
| + | |||
| + | Starting from LSWS 5.4.4 build 2, ''GEOIP_COUNTRY_CODE'' is automatically mapped to ''IP2LOCATION_COUNTRY_SHORT'' and ''GEOIP_ADDR'' is automatically mapped to ''IP2LOCATION_ADDR''. | ||
| + | ===== Download and Configure GeoIP Database Path ===== | ||
| You will need to choose only one database to be used for your GeoIP: MaxMind GeoIP2, MaxMind Legacy Database, or IP2location database. Then, set up the right database path in the appropriate section in the LSWS Web Admin Console. | You will need to choose only one database to be used for your GeoIP: MaxMind GeoIP2, MaxMind Legacy Database, or IP2location database. Then, set up the right database path in the appropriate section in the LSWS Web Admin Console. | ||
| Line 19: | Line 25: | ||
| Let's assume that you will store the DB in ''/usr/share/GeoIP/''. | Let's assume that you will store the DB in ''/usr/share/GeoIP/''. | ||
| - | Download the free database from ''https://dev.maxmind.com/geoip/geoip2/geolite2/'': | + | Starting December 30, 2019, you cannot ''wget'' the GeoLite2 database anymore. Instead, you will need to register for a MaxMind account and obtain a license key in order to [[https://blog.maxmind.com/2019/12/18/significant-changes-to-accessing-and-using-geolite2-databases/|download GeoLite2 databases]]. |
| - | wget http://geolite.maxmind.com/download/geoip/database/GeoLite2-Country.tar.gz | + | |
| - | tar -zxvf GeoLite2-Country.tar.gz | + | After download, you can unzip it: |
| + | tar -zxvf GeoLite2-Country_20200114.tar.gz | ||
| Then, move the file ''GeoLite2-Country.mmdb'' to | Then, move the file ''GeoLite2-Country.mmdb'' to | ||
| Line 46: | Line 53: | ||
| </code> | </code> | ||
| - | === GEOIP2 Envirment Variables === | + | ==== Advanced Configuration:GeoIP2 Environment Variables ==== |
| - | The full power of the GeoIP2 facility requires use of the environment variables in the Litespeed Configuration. The description of the format used is designed to be as similar as possible as the Apache mod_maxminddb environment described [[https://github.com/maxmind/mod_maxminddb|here]] specifically for the MaxMindDBEnv variable. Each environment variable is specified in the environment text box as one line: | + | The full power of GeoIP2 requires the use of environment variables in the LiteSpeed configuration. The format used is designed to be as similar as possible to the Apache ''mod_maxminddb'' environment described [[https://github.com/maxmind/mod_maxminddb|here]] ,specifically for the ''MaxMindDBEnv'' variable. Each environment variable is specified in the environment text box as one line: |
| * The name of the environment variable that will be exported, for example ''GEOIP_COUNTRY_NAME'' | * The name of the environment variable that will be exported, for example ''GEOIP_COUNTRY_NAME'' | ||
| * A space | * A space | ||
| - | * The logical name of the environment variable. That consists of: | + | * The logical name of the environment variable, which consists of: |
| - | * It uses the name of the database as specified in the DB Name field as the prefix. For example COUNTRY_DB | + | * The name of the database as specified in the **DB Name** field as the prefix. For example, ''COUNTRY_DB'' |
| - | * A forward slash / | + | * A forward slash ''/'' |
| - | * The forward slash separated name of the field as displayed in ''mmdblookup''. For example: ''country/names/en'' | + | * The name of the field as displayed in ''mmdblookup''. For example: ''country/names/en'' |
| Thus the default generates: | Thus the default generates: | ||
| Line 65: | Line 72: | ||
| GEOIP_COUNTRY_NAME COUNTRY_DB/country/names/es | GEOIP_COUNTRY_NAME COUNTRY_DB/country/names/es | ||
| - | Note that if a variable is used by multiple databases (for example, the default ''GEOIP_COUNTRY_NAME'') you need to override the value in the last database specified (or all databases in case they get reordered, just to be safe). | + | Note that if a variable is used by multiple databases (for example, the default ''GEOIP_COUNTRY_NAME''), you need to override the value in the last database specified (or all databases in case they get reordered, just to be safe). |
| Note that ''subdivisions'' is an array and must be referenced by index (usually ''0'' or ''1''). | Note that ''subdivisions'' is an array and must be referenced by index (usually ''0'' or ''1''). | ||
| Line 81: | Line 88: | ||
| "GEOIP_POSTAL_CODE", "/postal/code" | "GEOIP_POSTAL_CODE", "/postal/code" | ||
| "GEOIP_CITY", "/city/names/en" | "GEOIP_CITY", "/city/names/en" | ||
| - | |||
| You can customize the configuration to add the environment variables you want as describe above. | You can customize the configuration to add the environment variables you want as describe above. | ||
| - | ==Example 1: Make sure the entry name correct== | + | === Example 1 === |
| + | Make sure the entry name is correct. | ||
| - | you can add the following. | + | You can add the following: |
| GEOIP_REGION_NAME CITY_DB/subdivisions/0/names/en | GEOIP_REGION_NAME CITY_DB/subdivisions/0/names/en | ||
| - | Please make sure the correct entry name is used. For example, the following is incorrect. | + | Please make sure the correct entry name is used. For example, the following is incorrect: ''name'' should be ''names''. |
| GEOIP_REGION_NAME CITY_DB/subdivisions/0/name/en | GEOIP_REGION_NAME CITY_DB/subdivisions/0/name/en | ||
| - | ==Example 2== | + | === Example 2 === |
| - | You can customize a name as "MyTest_COUNTRY_CODE" as the following: | + | You can customize a name as ''MyTest_COUNTRY_CODE'', like so: |
| MyTest_COUNTRY_CODE CITY_DB/country/iso_code | MyTest_COUNTRY_CODE CITY_DB/country/iso_code | ||
| | | ||
| {{ :litespeed_wiki:cache:common:litespeed-geoip2-variables-e1.png?800 |}} | {{ :litespeed_wiki:cache:common:litespeed-geoip2-variables-e1.png?800 |}} | ||
| - | It will show from phpinfo.php page as: | + | It will show on the ''phpinfo.php'' page as: |
| _SERVER["MyTest_COUNTRY_CODE"] US | _SERVER["MyTest_COUNTRY_CODE"] US | ||
| - | "US" will be replaced by your country code visiting from, such "SG" or others. | + | ''US'' will be replaced by the country code you are visiting from, such as ''SG'' or others. |
| - | ==Example 3== | + | === Example 3 === |
| - | You can customize a name as "MyTest2_COUNTRY_CODE" by using a defined COUNTRY DB name "COUNTRY_DB_20190402" with a contry database. | + | You can customize a name as ''MyTest2_COUNTRY_CODE'' by using a defined COUNTRY DB name ''COUNTRY_DB_20190402'' with a country database. |
| MyTest2_COUNTRY_CODE COUNTRY_DB_20190402/country/iso_code | MyTest2_COUNTRY_CODE COUNTRY_DB_20190402/country/iso_code | ||
| {{ :litespeed_wiki:cache:common:litespeed-geoip2-variables-e2.png?800 |}} | {{ :litespeed_wiki:cache:common:litespeed-geoip2-variables-e2.png?800 |}} | ||
| - | It will show from phpinfo.php page as: | + | It will show on the ''phpinfo.php'' page as: |
| _SERVER["MyTest2_COUNTRY_CODE"] US | _SERVER["MyTest2_COUNTRY_CODE"] US | ||
| + | === Example 4 === | ||
| + | You can customize all of the following: | ||
| + | HTTP_GEOIP_CITY CITY_DB/city/names/en | ||
| + | HTTP_GEOIP_POSTAL_CODE CITY_DB/postal/code | ||
| + | HTTP_GEOIP_CITY_CONTINENT_CODE CITY_DB/continent/code | ||
| + | HTTP_GEOIP_CITY_COUNTRY_CODE CITY_DB/country/iso_code | ||
| + | HTTP_GEOIP_CITY_COUNTRY_NAME CITY_DB/country/names/en | ||
| + | HTTP_GEOIP_REGION CITY_DB/subdivisions/0/iso_code | ||
| + | HTTP_GEOIP_LATITUDE CITY_DB/location/latitude | ||
| + | HTTP_GEOIP_LONGITUDE CITY_DB/location/longitude | ||
| + | |||
| + | {{ :litespeed_wiki:cache:common:litespeed-geoip2-variables-e4-1.png?600 |}} | ||
| + | |||
| + | It will show on the ''phpinfo.php'' page as: | ||
| + | _SERVER["HTTP_GEOIP_CITY"] Montville | ||
| + | _SERVER["HTTP_GEOIP_POSTAL_CODE"] 07045 | ||
| + | _SERVER["HTTP_GEOIP_CITY_CONTINENT_CODE"] NA | ||
| + | _SERVER["HTTP_GEOIP_CITY_COUNTRY_CODE"] US | ||
| + | _SERVER["HTTP_GEOIP_CITY_COUNTRY_NAME"] United States | ||
| + | _SERVER["HTTP_GEOIP_REGION"] NJ | ||
| + | _SERVER["HTTP_GEOIP_LATITUDE"] 40.90490 | ||
| + | _SERVER["HTTP_GEOIP_LONGITUDE"] -74.36460 | ||
| + | |||
| + | {{ :litespeed_wiki:cache:common:litespeed-geoip2-variables-e4-2.png?400 |}} | ||
| ==== MaxMind Legacy Database ==== | ==== MaxMind Legacy Database ==== | ||
| Line 125: | Line 156: | ||
| It may return the database path as <code>/usr/share/GeoIP/GeoIP.dat</code> | It may return the database path as <code>/usr/share/GeoIP/GeoIP.dat</code> | ||
| - | |||
| - | Alternatively, you can just download the database yourself directly. | ||
| **NOTE**: On January 2, 2019, MaxMind discontinued the GeoLite Legacy databases. GeoLite Legacy databases are no longer available for download. | **NOTE**: On January 2, 2019, MaxMind discontinued the GeoLite Legacy databases. GeoLite Legacy databases are no longer available for download. | ||
| Line 237: | Line 266: | ||
| | | ||
| GeoIP rewrite rules that do not work as expected may be more complicated. You will need to check the rules to look for issues such as a redirect loop. When needed, you can log a ticket with us. Let us know the rules set is not working as expected, and provide a more detailed test example for us to take a further look. | GeoIP rewrite rules that do not work as expected may be more complicated. You will need to check the rules to look for issues such as a redirect loop. When needed, you can log a ticket with us. Let us know the rules set is not working as expected, and provide a more detailed test example for us to take a further look. | ||
| + | |||
| + | ==== IP Not Blocked Due to Out-of-date Database ==== | ||
| + | A user set up the following at ''/etc/apache2/conf.d/userdata/geoip.conf'': | ||
| + | |||
| + | <IfModule mod_geoip.c> | ||
| + | RewriteEngine on | ||
| + | RewriteCond %{ENV:GEOIP_COUNTRY_CODE} !^(GB|DK|US|IN)$ | ||
| + | RewriteRule (wp-login|xmlrpc)\.php$ - [F,L] | ||
| + | </IfModule> | ||
| + | |||
| + | Testing from an IP in NG/Nigeria/- ''x.x.x.x'', it should be blocked but it is not. | ||
| + | |||
| + | Further analysis shows the above IP belongs to North Carolina, US in the downloaded MaxMind database. It looks like the record on that old database is incorrrect. If the database is not kept up to date, it will result in incorrect information. | ||
| + | |||
| + | You can keep the database up to date from time to time manually by doing a direct download, or you can use the [[https://dev.maxmind.com/geoip/geoipupdate/|geoipupdate tool]], so your system automatically keeps the file up to date whenever MaxMind publishes an update. | ||