IP2Location Nginx Module 설정 사용 소결
17761 단어 geonginxip2location
IP2Location 는 주로 MaxMind GeoIP 를 대체 하 는 데 사용 되 는데 그 이 유 는 GeoIP 데이터 베 이 스 는 중국의 Blacklist 블랙리스트 에 대해 매우 높 은 오 해 률 을 가지 기 때문에 IP2Location 를 선택 하면 오 해 를 효과적으로 낮 출 수 있 고 업무 수 요 를 신속하게 바 꿀 수 있 기 때문이다.IP2Location 를 사용 하 는 과정 에서 홈 페이지 의 절차 에 아직도 문제 가 존재 한 다 는 것 을 알 게 되 었 습 니 다. 여기 서 자신 이 점차적으로 문 제 를 해결 하 는 과정 을 기록 하고 공유 합 니 다.
역 사 를 갱신 하 다
2020 년 04 월 21 일 - 초고
원문 읽 기 - https://wsgzao.github.io/post...
GeoIP 와 IP2 Location 안내
GeoIP 은 IP 데이터 베 이 스 를 포함 한 소프트웨어 도구 이다.이외에 도 IP2Location 등 국내 에서 비교적 깊이 있 게 만 든 것 은 고 춘 휘 가 만 든 것 IPIP.NET 이다.
Geo 는 방문 자의 IP 에 따라 해당 IP 가 있 는 위도, 국가 / 지역, 성시, 거리 등 위치 정 보 를 찾 습 니 다.
GeoIP / IP2Location 등 은 보통 두 가지 버 전, 하 나 는 무료 버 전, 하 나 는 유 료 버 전이 있다.
유 료 버 전의 정확도 가 높 고 업데이트 빈도 도 빈번 하 다.
Geo IP solution to identify country, region, city, latitude & longitude, ZIP code, time zone, connection speed, ISP, domain name, IDD country code, area code, weather station data, mobile network codes (MNC), mobile country codes (MCC), mobile carrier, elevation and usage type.
GeoIP 는 모두 가 매우 잘 아 는 오래된 브랜드 인 데, 이번 주인공 은 IP2 Location 이다.
IP2Location Nginx Module
This is an IP2Location Nginx Module that enables the user to identify the country code and country name by IP address. In general, it is faster, easier and more accurate than reverse DNS lookups.
https://www.ip2location.com/d...
Installation
IP2Location C library enables the user to find the country, region, city, coordinates, ZIP code, time zone, ISP, domain name, connection type, area code, weather, MCC, MNC, mobile brand name, elevation and usage type that any IP address or hostname originates from. It has been optimized for speed and memory utilization. Developers can use the API to query all IP2Location™ binary databases for IPv4 and IPv6 address.
설치 설명
IP2 Location 공식 집행 절차 에 문제 가 있 습 니 다. 여기 서 자신의 실천 후의 절차 와 결론 을 공유 합 니 다.
설치 의존 패키지
# These are for RedHat, CentOS, and Fedora.
sudo yum install wget git gcc-c++ pcre-devel zlib-devel make libtool autoconf automake
# These are for Debian. Ubuntu will be similar.
sudo apt-get install wget git build-essential zlib1g-dev libpcre3 libpcre3-dev libtool autoconf automake
IP2PLocation C 라 이브 러 리 컴 파일
git clone https://github.com/chrislim2888/IP2Location-C-Library
cd IP2Location-C-Library
autoreconf -i -v --force
./configure
make
make install
#
cd data
perl ip-country.pl
cd ../test
./test-IP2Location
Nginx 컴 파일
nginx: download
# Download ip2location-nginx
git clone https://github.com/ip2location/ip2location-nginx
# IP2Location library in "ngx_http_ip2location_module.c"
cd ip2location-nginx
vim ngx_http_ip2location_module.c
#include "IP2Location.h"
#include "/root/ip2location/IP2Location-C-Library-master/libIP2Location/IP2Location.h"
# Download Nginx Stable version
VERSION="1.16.1"
wget http://nginx.org/download/nginx-${VERSION}.tar.gz
tar -xvzf nginx-${VERSION}.tar.gz
cd nginx-${VERSION}
# Compile Nginx
./configure --add-module=../ip2location-nginx
make
sudo make install
# error: Failed dependencies:
# libIP2Location.so.1()(64bit) is needed by nginx-garena-1.16.1-0.noarch
# nginx , rpmbuild
rpm -Uvh https://rpms.remirepo.net/enterprise/7/remi/x86_64/libip2location-8.0.7-1.el7.remi.x86_64.rpm
IP2Location Database Download
IP2Location offers 5 free LITE databases and 24 commercial IP geolocation databases. Free database is less accurate comparing to commercial database.
# Create new directory for IP2Location database.
mkdir -p /usr/share/ip2location
cd /usr/share/ip2location
# Go to https://lite.ip2location.com. Sign up an account for login and password.
# Download and decompress the latest IP2Location LITE database.
wget http://download.ip2location.com/lite/IP2LOCATION-LITE-DB1.BIN.ZIP
unzip IP2LOCATION-LITE-DB1.BIN.ZIP
Configuration
You need to configure Nginx to use IP2LOCATION module.
# Edit
vi /etc/nginx/nginx.conf
# Add following lines under `http` context:
http {
ip2location on;
ip2location_database /usr/share/ip2location/IP2LOCATION-LITE-DB1.BIN;
#ip2location_database /usr/share/ip2location/IP-COUNTRY-REGION-CITY-LATITUDE-LONGITUDE-ZIPCODE-ISP-DOMAIN.BIN
ip2location_access_type shared_memory;
}
선택 가능 한 매개 변수 ip2 locationaccess_type file_io|shared_memory|cache_memory 기본 값 sharedmemory 는 file 을 선택 하지 말 것 을 권장 합 니 다.io, 그렇지 않 으 면 응답 속 도 를 심각하게 늦 출 수 있 습 니 다.
Syntax
Syntax:
ip2location on|off
Default: offContext: http, server, locationDescription: Enable or disable IP2LOCATION Nginx module. Syntax:
ip2location_database path
Default: noneContext: httpDescription: The absolute path to IP2LOCATION BIN database. Syntax:
ip2location_access_type file_io|shared_memory|cache_memory
Default: shared_memoryContext: httpDescription: Set the method used for lookup. Syntax:
ip2location_proxy cidr|address
Default: noneContext: httpDescription: Set a list of proxies to translate x-forwarded-for headers for. Syntax:
ip2location_proxy_recursive on|off
Default: offContext: httpDescription: Enable recursive search in the x-forwarded-for headers. Variables
The following variables will be made available in Nginx:
ip2location_country_short
ip2location_country_long
ip2location_region
ip2location_city
ip2location_isp
ip2location_latitude
ip2location_longitude
ip2location_domain
ip2location_zipcode
ip2location_timezone
ip2location_netspeed
ip2location_iddcode
ip2location_areacode
ip2location_weatherstationcode
ip2location_weatherstationname
ip2location_mcc
ip2location_mnc
ip2location_elevation
ip2location_usagetype
You may block the traffic from United States in Nginx as below:
if ( $ip2location_country_short = 'US' ) {
return 444;
}
if ( $ip2location_country_short = 'SG' ) {
return 444;
}
GeoIP 설정 방법 도 참조 할 수 있 습 니 다.
map $ip2location_country_short $blacklist_country {
default no;
CN yes;
}
server {
listen 80;
server_name wangao.com;
if ($blacklist_country = yes) {
return 444;
}
}
브 라 우 저 접근 검사 nginx log 결과
tailf /var/log/nginx/access.log
xxx - - [21/Apr/2020:17:18:11 +0800] "GET / HTTP/1.1" 200 396 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.163 Safari/537.36"
xxx - - [21/Apr/2020:17:18:42 +0800] "GET / HTTP/1.1" 444 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.163 Safari/537.36"
IP2Location Python Library
This module is a Python Library to support all IP2Location™ database products. It has been optimized for speed and memory utilization. Developers can use this API to query all IP2Location™ binary databases for IPv4 and IPv6 address.
https://www.ip2location.com/d...
import IP2Location
IP2LocObj = IP2Location.IP2Location()
'''
Cache the database into memory to accelerate lookup speed.
WARNING: Please make sure your system have sufficient RAM to use this feature.
'''
# database = IP2Location.IP2Location(os.path.join("data", "IPV6-COUNTRY.BIN"), "SHARED_MEMORY")
IP2LocObj.open("data/IP-COUNTRY-REGION-CITY-LATITUDE-LONGITUDE-ZIPCODE-TIMEZONE-ISP-DOMAIN-NETSPEED-AREACODE-WEATHER-MOBILE-ELEVATION-USAGETYPE-SAMPLE.BIN")
rec = IP2LocObj.get_all("19.5.10.1")
print rec.country_short
import IP2Location
import sys
import argparse
def ip2location_search(ip, db):
IP2LocObj = IP2Location.IP2Location()
'''
Cache the database into memory to accelerate lookup speed.
WARNING: Please make sure your system have sufficient RAM to use this feature.
'''
# database = IP2Location.IP2Location(os.path.join("data", "IPV6-COUNTRY.BIN"), "SHARED_MEMORY")
IP2LocObj.open(db)
rec = IP2LocObj.get_all(ip)
print rec.country_short
def _parse_args():
parser = argparse.ArgumentParser(description="Search IP in IP2Location Database")
parser.add_argument("-i", "--ip", help="Input ip", required=True)
parser.add_argument("-d", "--db", help="Path to ip2location db", required=True)
return parser.parse_args()
if __name__ == "__main__":
args = _parse_args()
ip = args.ip
db = args.db
ip2location_search(ip, db)
Country blocking using Nginx with IP2Location Module
After few days of trying, trying and trying, finally find out the way to compile the IP2Location module into the Nginx in Ubuntu server. I try to compare multiple way of doing the country block with Nginx, where in my previous post, the country blocking is done with GeoIP module (which I found out more easy compare to the IP2Location module), and also the country block without any 3rd party plugin for Nginx, with this method, that’s no any compilation of Nginx needed in order to make it, it’s most suitable for the current running Nginx which install directly from the APT repo.
IP2Location is one of the most famous IP location provider in the market and they are from Penang. I being use their service since many years ago and that’s the reason why I wanna try out to doing the Nginx country block with IP2Location module.
I can’t really find a full and complete step on the installing and compiling of the module, that’s why it take me many days to figure out how to make the whole thing work nicely.
The following script basically just download all necessary module source code (OpenSSL, PCRE, IP2Location C module, IP2Lacation Nginx module, Nginx 1.15 .0 source code) and compile all. After that, create the system service and put the Nginx into auto start mode and include the IP2Location database into Nginx.conf. Beside that, I also include the script to auto download the database directly from IP2Location server.
sudo apt update && sudo apt upgrade -y && \
sudo apt install build-essential dh-autoreconf unzip -y && \
sudo mkdir nginx-dev && cd nginx-dev && \
sudo wget ftp://ftp.csx.cam.ac.uk/pub/software/programming/pcre/pcre-8.42.tar.gz && \
sudo tar -zxf pcre-8.42.tar.gz && \
cd pcre-8.42 && \
sudo ./configure && \
sudo make && \
sudo make install && \
cd .. && \
sudo wget http://zlib.net/zlib-1.2.11.tar.gz && \
sudo tar -zxf zlib-1.2.11.tar.gz && \
cd zlib-1.2.11 && \
sudo ./configure && \
sudo make && \
sudo make install && \
cd .. && \
sudo wget https://www.openssl.org/source/openssl-1.0.2o.tar.gz && sudo tar xzvf openssl-1.0.2o.tar.gz && \
cd openssl-1.0.2o && \
sudo ./config --prefix=/usr && \
sudo make && \
sudo make install && \
cd .. && \
sudo rm *.gz && \
sudo wget https://github.com/chrislim2888/IP2Location-C-Library/archive/master.zip && \
sudo unzip master.zip && \
cd IP2Location-C-Library-master && \
sudo autoreconf -i -v --force && \
sudo ./configure && \
sudo make && \
sudo make install && \
cd ~/nginx-dev && \
sudo rm master.zip && \
sudo wget https://github.com/ip2location/ip2location-nginx/archive/master.zip && \
sudo unzip master.zip && \
sudo rm master.zip && \
sudo sed -i 's/#include "IP2Location.h"/#include "\/home\/ubuntu\/nginx-dev\/IP2Location-C-Library-master\/libIP2Location\/IP2Location.h"/g' ~/nginx-dev/ip2location-nginx-master/ngx_http_ip2location_module.c && \
sudo mkdir /etc/ip2location && cd /etc/ip2location && \
sudo curl -o DB1-IP-COUNTRY.BIN.ZIP "https://www.ip2location.com/download?token=B7DAFhxJcAyim6NQsXWV1pGzy3deiiGUqjv5B2OOCn6YuUPWSLRTbytJCGXVZEPp&file=DB1BIN" && \
sudo unzip -o DB1-IP-COUNTRY.BIN.ZIP && \
sudo rm !(*.BIN) && \
cd ~/nginx-dev && \
sudo wget https://nginx.org/download/nginx-1.15.0.tar.gz && \
sudo tar zxf nginx-1.15.0.tar.gz && \
cd nginx-1.15.0 && \
sudo ./configure --prefix=/usr/share/nginx \
--sbin-path=/usr/sbin/nginx \
--modules-path=/usr/lib/nginx/modules \
--add-module=../ip2location-nginx-master \
--conf-path=/etc/nginx/nginx.conf \
--error-log-path=/var/log/nginx/error.log \
--http-log-path=/var/log/nginx/access.log \
--pid-path=/run/nginx.pid \
--lock-path=/var/lock/nginx.lock \
--user=www-data \
--group=www-data \
--build=Ubuntu \
--http-client-body-temp-path=/var/lib/nginx/body \
--http-fastcgi-temp-path=/var/lib/nginx/fastcgi \
--http-proxy-temp-path=/var/lib/nginx/proxy \
--http-scgi-temp-path=/var/lib/nginx/scgi \
--http-uwsgi-temp-path=/var/lib/nginx/uwsgi \
--with-openssl=../openssl-1.0.2o \
--with-openssl-opt=enable-ec_nistp_64_gcc_128 \
--with-openssl-opt=no-nextprotoneg \
--with-openssl-opt=no-weak-ssl-ciphers \
--with-openssl-opt=no-ssl3 \
--with-pcre=../pcre-8.42 \
--with-pcre-jit \
--with-zlib=../zlib-1.2.11 \
--with-compat \
--with-file-aio \
--with-threads \
--with-http_addition_module \
--with-http_auth_request_module \
--with-http_dav_module \
--with-http_flv_module \
--with-http_gunzip_module \
--with-http_gzip_static_module \
--with-http_mp4_module \
--with-http_random_index_module \
--with-http_realip_module \
--with-http_slice_module \
--with-http_ssl_module \
--with-http_sub_module \
--with-http_stub_status_module \
--with-http_v2_module \
--with-http_secure_link_module \
--with-mail \
--with-mail_ssl_module \
--with-stream \
--with-stream_realip_module \
--with-stream_ssl_module \
--with-stream_ssl_preread_module \
--with-debug && \
sudo make && \
sudo make install && \
sudo ldconfig && \
sudo nginx -v && sudo nginx -V && \
sudo mkdir -p /var/lib/nginx && sudo nginx -t && \
sudo echo "
[Unit]
Description=A high performance web server and a reverse proxy server
After=network.target
[Service]
Type=forking
PIDFile=/run/nginx.pid
ExecStartPre=/usr/sbin/nginx -t -q -g 'daemon on; master_process on;'
ExecStart=/usr/sbin/nginx -g 'daemon on; master_process on;'
ExecReload=/usr/sbin/nginx -g 'daemon on; master_process on;' -s reload
ExecStop=-/sbin/start-stop-daemon --quiet --stop --retry QUIT/5 --pidfile /run/nginx.pid
TimeoutStopSec=5
KillMode=mixed
[Install]
WantedBy=multi-user.target " > ~/nginx.service && \
sudo mv ~/nginx.service /etc/systemd/system/nginx.service && \
sudo systemctl start nginx.service && sudo systemctl enable nginx.service && \
sudo sed -i 's/default_type application\/octet-stream;/default_type application\/octet-stream;
ip2location on;
ip2location_database \/etc\/ip2location\/IP-COUNTRY.BIN;
ip2location_access_type shared_memory;/g' /etc/nginx/nginx.conf
After finish run above command, just add the following script into your Nginx.conf or your website virtual host directive in or to make rewrite all incoming traffic to your desire destination
server{
listen 80;
server_name _;
if ($ip2location_country_short ~ ^MY$) {
rewrite ^(.*)$ http://www.google.com last;
}
}
Finally you may testing your configure by browsing the server IP using any of your browse, if you are from Malaysia, than you should be redirected to Google home page
참고 문장
How to use IP2Location GeoLocation with Nginx
How to Install IP2Location Nginx Module on Debian
Upgrade to GeoIP2 with NGINX on CentOS/RHEL
이 내용에 흥미가 있습니까?
현재 기사가 여러분의 문제를 해결하지 못하는 경우 AI 엔진은 머신러닝 분석(스마트 모델이 방금 만들어져 부정확한 경우가 있을 수 있음)을 통해 가장 유사한 기사를 추천합니다:
벡터 블록에 유효한 FOSS 4G2014년에 제안한 은 다양한 소프트웨어에서 채택되었고 2진 벡터 타일의 상호 운용이 확보되고 있다.나는 2진 벡터 타일의 생산과 소비를 확대하고 싶다.이렇게 하려면 다음 그림에서 주황색 사각과 같이 각 소프트웨어가...
텍스트를 자유롭게 공유하거나 복사할 수 있습니다.하지만 이 문서의 URL은 참조 URL로 남겨 두십시오.
CC BY-SA 2.5, CC BY-SA 3.0 및 CC BY-SA 4.0에 따라 라이센스가 부여됩니다.