Apache의 GeoIP 모듈을 사용하여 특정국가 차단.

GeoIP Apache API

Requirements
In order to run this API, you need the following installed:

• GeoIP C Library
• Apache web server

Download
Downloads are available for Apache 1.3.x and Apache 2.x.

Install
See the INSTALL file included with the mod_geoip API download for detailed instructions.

Usage
mod_geoip looks up the IP address of the client end user. If you need to input the IP address instead of simply using the client IP address, you will need to use another one of our APIs.

For the country database, mod_geoip sets two environment variables, GEOIP_COUNTRY_CODE and GEOIP_COUNTRY_NAME. For other databases, see the README file included with the mod_geoip API.

It also sets two entries in Apache's notes table with the same names as above.

For more documentation, see the README file included with the mod_geoip API download.

Examples
Redirection with mod_geoip and mod_rewrite
Below are examples of how to perform redirection based on country with mod_geoip and mod_rewrite. This configuration should be added to your Apache httpd.conf or .htaccess file.

GeoIPEnable On GeoIPDBFile /path/to/GeoIP.dat # Redirect one country RewriteEngine on RewriteCond %{ENV:GEOIP_COUNTRY_CODE} ^CA$ RewriteRule ^(.*)$ http://www.canada.com$1 [L] # Redirect multiple countries to a single page RewriteEngine on RewriteCond %{ENV:GEOIP_COUNTRY_CODE} ^(CA|US|MX)$ RewriteRule ^(.*)$ http://www.northamerica.com$1 [L]

This example redirects all pages on your site to a corresponding page on www.canada.com. For more details on how to use Apache's redirection features, see the Apache 1.3 URL Rewriting Guide.

Blocking unwanted countries
The following Apache configuration directives uses GeoIP Country to block traffic from China and Russia:

GeoIPEnable On GeoIPDBFile /path/to/GeoIP.dat SetEnvIf GEOIP_COUNTRY_CODE CN BlockCountry SetEnvIf GEOIP_COUNTRY_CODE RU BlockCountry # ... place more countries here Deny from env=BlockCountry # Optional - use if you want to allow a specific IP address from the country you denied # (See http://httpd.apache.org/docs/1.3/mod/mod_access.html for more details) Allow from 10.1.2.3

Allowing only specified countries
The following Apache configuration directives uses GeoIP Country to only allow traffic from US, Canada, and Mexico.

GeoIPEnable On GeoIPDBFile /path/to/GeoIP.dat SetEnvIf GEOIP_COUNTRY_CODE US AllowCountry SetEnvIf GEOIP_COUNTRY_CODE CA AllowCountry SetEnvIf GEOIP_COUNTRY_CODE MX AllowCountry # ... place more countries here Deny from all Allow from env=AllowCountry # Optional - use if you want to allow a specific IP address from the country you denied # (See http://httpd.apache.org/docs/1.3/mod/mod_access.html for more details) Allow from 10.1.2.3

Credits
Thanks to Corris Randall for contributing the adaption of mod_geoip for Apache 2.x.

A FreeBSD Port is available from http://cvsweb.FreeBSD.org/ports/www/mod_geoip/

RPM packages for mod_geoip2/Apache 2 are available from steudten.com, thanks to Thomas Steudten.

출처: http://www.maxmind.com/app/mod_geoip