Otu esi etinye Mod_GeoIP maka Apache na RHEL na CentOS


Mod_GeoIP bụ modul Apache enwere ike iji nweta ọnọdụ mpaghara adreesị IP nke onye ọbịa n'ime sava weebụ Apache. Modul a na-enye gị ohere ikpebi obodo, nhazi, na ọnọdụ onye ọbịa. Ọ bara uru karịsịa maka ozi mgbasa ozi Geo, Content Target, Spam Fighting, Nchọpụta aghụghọ, Ntugharị/Na-egbochi ndị ọbịa dabere na obodo ha na ọtụtụ ndị ọzọ.

GeoIP modul na-enye ndị na-ahụ maka sistemu ohere ibugharị ma ọ bụ gbochie okporo ụzọ webụ dịka ọnọdụ mpaghara onye ahịa si dị. A na-amụta ọnọdụ ala site na adreesị IP onye ahịa.

Mod_GeoIP nwere ụdị abụọ dị iche iche otu bụ n'efu na nke ọzọ na-akwụ ụgwọ ma na-eji ọdụ data MaxMind GeoIP/GeoCity.

  1. Ụdị efu: Na ụdị efu, ọdụ data Geo City na obodo dị na 99.5% ziri ezi.
  2. Ụdị akwụ ụgwọ: Na ụdị akwụ ụgwọ, ị ga-enweta ọdụ data abụọ nwere izi ezi 99.8% nwere nkọwa ndị ọzọ dị elu gbasara adreesị IP.

Ọ bụrụ na-amasị gị ịlele ndịiche dị n'etiti ụdị efu na akwụghị ụgwọ, biko gaa na Maxmind.com.

Edemede a na-akọwa otu esi edobe na wụnye Mod_GeoIP modul maka Apache na RHEL na CentOS site na iji ebe nchekwa EPEL nwere ike njikwa ngwugwu YUM.

Anyị na-eche na ị na-agba ọsọ RHEL na CentOS usoro na-arụ ọrụ LAMP (Linux, Apache, MySQL, na PHP). Ọ bụrụ na ọ bụghị, gụọ akụkọ anyị ebe anyị gosipụtara ntinye nke sistemụ arụmọrụ abụọ na LAMP.

  1. Nwụnye CentOS 7 Opekempe.
  2. Nwụnye CentOS 8 Opekempe.

    Otu esi etinye LAMP (Linux, Apache, MySQL, PHP) na RHEL na CentOS 7
  1. Otu esi etinye Apache, MySQL/MariaDB, na PHP na RHEL na CentOS 8

Site na ndabara mod_Geoip adịghị n'okpuru ebe nchekwa RHEL/CentOS, yabụ anyị kwesịrị ịwụnye ma mee ka ebe nchekwa EPEL ndị ọzọ nwee ike.

# yum install epel-release
# yum install https://dl.fedoraproject.org/pub/epel/epel-release-latest-8.noarch.rpm  [On RHEL 8]

Ozugbo ị kwadoro ebe nchekwa EPEL na sistemụ gị, ị nwere ike ịwụnye mod_geoip site na iji ngwugwu ndabere ha na-eso iwu.

# yum install mod_geoip GeoIP GeoIP-devel GeoIP-data zlib-devel

Ọ dị mma ibudata Geo City na database data obodo kacha ọhụrụ ka ị na-emelite.

# cd /usr/share/GeoIP/
# mv GeoIP.dat GeoIP.dat_org
# wget http://geolite.maxmind.com/download/geoip/database/GeoLite2-Country.tar.gz
# wget http://geolite.maxmind.com/download/geoip/database/GeoLite2-City.tar.gz
# gunzip GeoLite2-Country.tar.gz
# gunzip GeoLite2-City.tar.gz

Mgbe etinyere modul ahụ, mepee ma dezie faịlụ nhazi nke modul ahụ, ya na nchịkọta ederede ederede dị ka vi, ma rụọ ọrụ modul nkesa n'obosara, dị ka e gosiri na n'okpuru ebe a.

# vi /etc/httpd/conf.d/geoip.conf

Tọọ ahịrị GeoIPE enwere ike site na Gbanyụọ gaa na Gbanye. Ọzọkwa, jide n'aka na ị gbakwunyere ụzọ zuru oke na faịlụ nchekwa data GeoIP.

<IfModule mod_geoip.c>
GeoIPEnable On
GeoIPDBFile /usr/share/GeoIP/GeoIP.dat MemoryCache
</IfModule>

Malitegharịa ọrụ Apache iji gosipụta mgbanwe.

# systemctl restart httpd
OR
# service httpd restart

Agbanyeghị, a naghị atụ aro ka ịgbanwuo modul GeoIP n'obosara. Ị ga-eme ka modul GeoIP dị naanị na ma ọ bụ blocks ebe ị ga-eme ntụgharịgharị okporo ụzọ ma ọ bụ ngọngọ.

Iji nwalee mod_geoip modul na-arụ ọrụ nke ọma na Apache, anyị kwesịrị ịmepụta faịlụ PHP nke a na-akpọ testgeoip.php n'okpuru ndekọ mgbọrọgwụ Apache (dịka /var/www/html).

# vi /var/www/html/testgeoip.php

Fanye ibe php koodu na ya.

<html>
<head>
  <title>What is my IP address - determine or retrieve my IP address</title>
 </head>
<body>
 <?php
     if (getenv(HTTP_X_FORWARDED_FOR)) {
        $pipaddress = getenv(HTTP_X_FORWARDED_FOR);
        $ipaddress = getenv(REMOTE_ADDR);
        echo "Your Proxy IP address is : ".$pipaddress. " (via $ipaddress) " ;
    } else {
        $ipaddress = getenv(REMOTE_ADDR);
        echo "Your IP address is : $ipaddress";
    }
    $country = getenv(GEOIP_COUNTRY_NAME);
    $country_code = getenv(GEOIP_COUNTRY_CODE);
    echo "<br/>Your country : $country ( $country_code ) ";
?>
</body>
</html>

Ugbu a, gbalịa iji ihe nchọgharị weebụ kpọọ faịlụ ahụ (dịka http://localhost/testgeoip.php). Ị ga-enweta adreesị IP gị na nkọwa obodo.

GeoIP nchekwa data na-emelite mmalite nke ọnwa ọ bụla. Yabụ, ọ dị ezigbo mkpa idobe nchekwa data GeoIP ka ọ dị ọhụrụ. Iji budata ụdị nchekwa data kachasị ọhụrụ jiri iwu a.

# cd /usr/share/GeoIP/
# mv GeoIP.dat GeoIP.dat_org
# wget http://geolite.maxmind.com/download/geoip/database/GeoLite2-Country.tar.gz
# wget http://geolite.maxmind.com/download/geoip/database/GeoLite2-City.tar.gz
# gunzip GeoLite2-Country.tar.gz
# gunzip GeoLite2-City.tar.gz

Anyị edeela obere edemede shei ga-ebudata ụdị nchekwa data GeoIP kacha ọhụrụ kwa ọnwa. Naanị tinye nke ọ bụla n'ime edemede ndị a n'okpuru /etc/cron.monthly.

# Automatic GeoIP Database Update
#!/bin/sh
cd /usr/share/GeoIP
mv GeoIP.dat GeoIP.dat_org
wget -q http://geolite.maxmind.com/download/geoip/database/GeoLite2-Country.tar.gz
gzip -d -f GeoLite2-Country.tar.gz
#!/bin/sh

GEOIP_MIRROR="http://geolite.maxmind.com/download/geoip/database"
GEOIPDIR=/usr/share/GeoIP
TMPDIR=

DATABASES="GeoLiteCity GeoLiteCountry/GeoIP asnum/GeoIPASNum GeoIPv6"

if [ -d "${GEOIPDIR}" ]; then
        cd $GEOIPDIR
        if [ -n "${DATABASES}" ]; then
                TMPDIR=$(mktemp -d geoipupdate.XXXXXXXXXX)

                echo "Updating GeoIP databases..."

                for db in $DATABASES; do
                        fname=$(basename $db)

                        wget --no-verbose -t 3 -T 60 "${GEOIP_MIRROR}/${db}.dat.gz" -O "${TMPDIR}/${fname}.dat.gz"
                        gunzip -fdc "${TMPDIR}/${fname}.dat.gz" > "${TMPDIR}/${fname}.dat"
                        mv "${TMPDIR}/${fname}.dat" "${GEOIPDIR}/${fname}.dat"
                        chmod 0644 "${GEOIPDIR}/${fname}.dat"
                done
                [ -d "${TMPDIR}" ] && rm -rf $TMPDIR
        fi
fi

Koodu ihe atụ dị n'okpuru ga-emegharị ndị ọrụ dabere na koodu obodo anyị debere na AS (Asia). Otu a ị nwere ike ibugharị ndị ọrụ ọ bụla dabere na koodu obodo ha.

GeoIPEnable On
GeoIPDBFile /usr/share/GeoIP/GeoIP.dat

# Redirect one country
RewriteEngine on
RewriteCond %{ENV:GEOIP_COUNTRY_CODE} ^AS$
RewriteRule ^(.*)$ https://linux-console.net$1 [R,L]

Ihe atụ a ga-egbochi ndị ọrụ dabere na koodu obodo nke GeoIP debere. Ihe atụ dị n'okpuru ga-egbochi ndị ọrụ si mba AS (Asia) na US (United States) mba.

GeoIPEnable On
GeoIPDBFile /usr/share/GeoIP/GeoIP.dat

SetEnvIf GEOIP_COUNTRY_CODE AS BlockCountry
SetEnvIf GEOIP_COUNTRY_CODE US BlockCountry
# ... place more countries here

Deny from env=BlockCountry

Ihe atụ a dị n'okpuru ga-ahapụ naanị ndị ọrụ sitere na mba ndị a kpọtụrụ aha.

GeoIPEnable On
GeoIPDBFile /usr/share/GeoIP/GeoIP.dat

SetEnvIf GEOIP_COUNTRY_CODE AS AllowCountry
SetEnvIf GEOIP_COUNTRY_CODE US AllowCountry
# ... place more countries here

Deny from all
Allow from env=AllowCountry

Enwere ike ịchọta ozi ndị ọzọ gbasara mod_geoip na ojiji ya na http://www.maxmind.com/app/mod_geoip. Ọ bụrụ na ị na-enwe nsogbu ọ bụla na ịtọlite modul mod_geoip, biko mee ka anyị mara site na nkwupụta ma biko echefula ịkọrọ ya ndị enyi gị.