This is an old revision of the document!

Enabling GeoLocation (GEOIP)

Geolocation (GEOIP) enables developers to enhance the user experience. Content and advertising may be customized for a specific user's country, showing pages more relevant to the location of the user. Admins can further enhance a site's security by blocking a client based on country.

How to Enable

Enabling GeoIP is easy. The following are simple steps on a CentOS system to install through yum to install MaxMind GeoIP Legacy database. Check this wiki for MaxMind GeoIP2 database and IP2Location database setup.

Install

Install GeoIP database for CentOS users: 

yum install GeoIP-data

Install other modules: 

yum install GeoIP-devel zlib-devel

Setup

Check geo database: 

rpm -ql GeoIP

It may return a database path similar to: 

/usr/share/GeoIP/GeoIP.dat

In LSWS WebAdmin, configure the database location. Navigate to Configuration > Server > General > General settings > IP to GeoLocation DB
Enter DB File Path: 

/usr/share/GeoIP/GeoIP.dat

Set DB Cache Type to MemoryCache

Navigate to Web Admin > Configurations > Your Virtual Hosts > Rewrite to add rewrite rules that will control the redirect: 

<IfModule LiteSpeed>
  RewriteEngine on
  RewriteCond %{ENV:GEOIP_COUNTRY_CODE} ^(CA)$
  RewriteRule ^(.*)$ https://en.wikipedia.org/wiki/Canada [R,L]
</IfModule>

Refer to Maxmind for more rewrite examples.

How to Verify

Change Your Source IP by Proxy

Method 1:

From this site , we can simply put in a web IP and choose a country from three(USA, Germany, Netherlands). If you want more than three countries, then you need to register for a paid plan.

Method 2:

You can choose a free proxy server from online free resources, e.g. Free_Proxy

Setup the proxy IP with your browser. Here are the steps for Chrome:

  1. Click on Settings.
  2. Click Show advanced settings
  3. Scroll further down the list until you see System
  4. Click Open proxy settings
  5. Click the LAN settings button.
  6. On the Internet Properties window, click the LAN settings button.
  7. In the LAN Settings, uncheck the box that says Automatically detect settings.
  8. In the Proxy Server section, click the checkbox to enable Use a proxy server for your LAN
  9. In the Address field, enter the IP Address and Port Number of your Proxy Server.
  10. Press the OK button and then press OK again to save your settings.
  11. Now when you surf the web, you will be surfing by using the Proxy Server.

Check Correct IP is Set

  • You can check source IP via LiteSpeed default php page http://your_domain/phpinfo.php. First, you need to set Admin > Configurations > Your Virtual Hosts > General > Enable GeoLocation Lookup to Yes 
    _SERVER["GEOIP_ADDR"]
_SERVER["GEOIP_COUNTRY_CODE"]
_SERVER["GEOIP_COUNTRY_NAME"]
_SERVER["GEOIP_CONTINENT_CODE"]
  • Or use online IP check, e.g. What is my IP
  • Or ipinfo.io online service, which will return json format: 
    curl ipinfo.io/153.232.58.88
>>>
{
  "ip": "153.232.58.88",
  "hostname": "88.58.232.153.ap.dti.ne.jp",
  "city": "Tokyo",
  "region": "Tokyo",
  "country": "JP",
  "loc": "35.6850,139.7514",
  "org": "AS4713 NTT Communications Corporation",
  "postal": "102-0082"
}

Check DB by lookup command

Use geoiplookup/geoiplookup6 command to verify GeoData is working: 

geoiplookup /usr/share/GeoIP/GeoIP.dat 62.26.0.0
>> GeoIP Country Edition: DE, Germany
geoiplookup /usr/share/GeoIP/GeoIP.dat 210.212.193.192
>> GeoIP Country Edition: IN, India

Set Rewrite Rules

Navigate to Web Admin > Configurations > Your Virtual Hosts > Rewrite:

  • Set Rewrite to Yes
  • For testing purpose, set Log Level to 9.
  • Add the following rules to Rewrite Rules content: 
    # Redirect two specific countries
RewriteCond %{ENV:GEOIP_COUNTRY_CODE} ^(CA)$
RewriteRule ^(.*)$ https://en.wikipedia.org/wiki/Canada [R,L]
RewriteCond %{ENV:GEOIP_COUNTRY_CODE} ^(EU)$
RewriteRule ^(.*)$ https://en.wikipedia.org/wiki/Europe [R,L]

Log

 tail -f /PATH_TO_LSWS/log/error.log

When you are using CA IP: 

[REWRITE] Rule: Match '/' with pattern '^(.*)$', result: 2
[REWRITE] Cond: Match 'CA' with pattern '^(CA)$', result: 2
[REWRITE] Source URI: '/' => Result URI: 'https://en.wikipedia.org/wiki/Canada'

When you are using Germany IP: 

[REWRITE] Rule: Match '/' with pattern '^(.*)$', result: 2
[REWRITE] Cond: Match 'EU' with pattern '^(EU)$', result: 2
[REWRITE] Source URI: '/' => Result URI: 'https://en.wikipedia.org/wiki/Europe'

When you are using Netherlands IP: 

[REWRITE] Rule: Match '/' with pattern '^(.*)$', result: 2
[REWRITE] Cond: Match 'NL' with pattern '^(CA)$', result: -1
[REWRITE] Rule: Match '/' with pattern '^(.*)$', result: 2
[REWRITE] Cond: Match 'NL' with pattern '^(EU)$', result: -1
  • 2 is match, -1 is not match

Troubleshooting

  • If the module is not working, make sure that the httpd user (e.g. nobody) has read access to the GeoIP database file(s) you are using.
  • If the GeoIP variables do not show up please make sure that the client IP address is not on a private network such as 10.0.0.0/8, 172.16.0.0/12 or 192.168.0.0/16. GeoIP can only look up public IP addresses.

Update GeoIP Database through yum or manually download

If you install GeoIP-data through yum, you can do upgrade through: 

yum update GeoIP-data

You can also download/update GeoIP database manually:

Download new database from: 

 wget -N http://geolite.maxmind.com/download/geoip/database/GeoLiteCountry/GeoIP.dat.gz

Uncompress it: 

 gunzip GeoIP.dat.gz

Move the file in the right directory: 

 mv GeoIP.dat /usr/local/share/GeoIP/

More Information

  • IP Country Codes List:
  • Rewrite rule: Blocking a client based on country example:
    SetEnvIf GEOIP_COUNTRY_CODE DE BlockCountry
Deny from env=BlockCountry
  • Admin
  • Last modified: 2019/01/09 17:18
  • by Jackson Zhang