From October 2023 all our web servers support the "Mod-MaxMind" module, which is the latest release and supersedes the "Mod-GeoIP" module. The info in the article below is retained for historical purposes only. If you are setting up IP geo-location on a new website or updating an existing website, please follow the instructions here: Mod MaxMind DB - Deny/allow geographic access to your website
If your website uses parameters prefixed with GEOIP_ these will still work but should be replaced with MM_ during future updates.
------------

All our shared/enterprise/reseller hosting servers include Mod_GeoIP, which is a database that can be used to map a website visitor's IP address to their country. This can be used to deny/allow access to your website.

Please note:

  • The Mod_GeoIP database has been compiled by MaxMind, a third-party provider.
  • The country database is estimated to have 99.8% accuracy, but that isn't perfect, so it should not be used for critical applications.
  • New IP ranges will take some time to appear in the database or may be mapped to the wrong country initially.
  • Users can always get around a country allow/deny access by using a VPN/proxy.
  • Multinational corporations often have an IP range based on where their headquarters are, this could result in false positive results for these users.
  • Mod_GeoIP is a legacy database, and has been replaced by Mod_MaxMindDB, but at this time it does not integrate with the Apache web server. When the new database is able to integrate with our servers, the system will be updated accordingly.
  • You can find info on Mod_GeoIP here: http://dev.maxmind.com/geoip/legacy/mod_geoip2/

Enable GeoIP on your website

To enable GeoIP on your website, you should add the following 3 lines to the top of your .htaccess file:

<IfModule mod_geoip.c>
  GeoIPEnable On
</IfModule>

GeoIP is usually pre-enabled on the server configuration level, but the above rules would ensure that it's actually enabled.

If you do not have a .htaccess file, simply create one in the main directory of your website. The main directory is normally called public_html unless you are working with a sub-domain or addon domain, which will have its own directory.

GeoIP variables

The main GeoIP variables that will be made available on your website are:

GEOIP_ADDR
GEOIP_CONTINENT_CODE
GEOIP_COUNTRY_CODE
GEOIP_COUNTRY_NAME
GEOIP_REGION
GEOIP_REGION_NAME
GEOIP_CITY

In this guide we'll concentrate on GEOIP_COUNTRY_CODE which outputs a 2-digit ISO country code, from AF (Afghanistan) to ZW (Zimbabwe). The full list of country codes can be found here: https://www.nationsonline.org/oneworld/country_code_list.htm

We will provide four examples, to deny access, to allow access, to redirect visitors and to use in PHP code.

Example 1 - Deny access from 3 countries

In this example, the code will deny access from visitors in 4 countries: RU (Russia), CN (China) and US (United States).

Add this to your .htaccess file:

<IfModule mod_geoip.c>
SetEnvIf GEOIP_COUNTRY_CODE RU BlockCountry
SetEnvIf GEOIP_COUNTRY_CODE CN BlockCountry
SetEnvIf GEOIP_COUNTRY_CODE US BlockCountry
Deny from env=BlockCountry
</IfModule>

Any users from RU, CN or US will encounter a "403 Forbidden" error when visiting the website.

Example 2 - Allow access from only 2 countries

In this example, the code will allow access from visitors in two countries only, DE (Germany) and GB (United Kingdom).

Add this to your .htaccess file:

<IfModule mod_geoip.c>
SetEnvIf GEOIP_COUNTRY_CODE DE PermitCountry
SetEnvIf GEOIP_COUNTRY_CODE GB PermitCountry
Deny from All
Allow from env=PermitCountry
</IfModule>

Any users not from DE or GB will encounter a "403 Forbidden" error when visiting the website.

Example 3 - Deny access from 3 countries

In this example, the code will deny access to visitors in 3 countries (Ireland, United Kingdom, Netherlands). Any other countries will be able to access the website normally.

Add this to your .htaccess file:

<IfModule mod_geoip.c>
RewriteEngine on
RewriteCond %{ENV:GEOIP_COUNTRY_CODE} ^(IE|GB|NL)
RewriteRule .* - [F]
</IfModule>

Any users from the 3 countries will encounter a 404 error 'Page not found' when visiting the website.

Example 4 - Redirect access from 3 countries

In this example, the code will redirect visitors in 3 countries (Ireland, United Kingdom, Netherlands) to Google. Any other countries will be able to access the website normally.

Add this to your .htaccess file:

<IfModule mod_geoip.c>
RewriteEngine on
RewriteCond %{ENV:GEOIP_COUNTRY_CODE} ^(IE|GB|NL)$
RewriteRule ^(.*)$ https://google.com/$1 [L]
</IfModule>

If you want to switch it around so only those 3 countries are allowed access and all other countries are redirected, you would include a ! symbol before the list of country codes, like this:

RewriteCond %{ENV:GEOIP_COUNTRY_CODE} !^(IE|GB|NL)$

Example 5 - Use the variable in PHP code

In this example, we will use PHP code to output the country code and country name. Add this code to a PHP file:

<?php
print "Your 2-digit country code is " . $_SERVER['GEOIP_COUNTRY_CODE'] . 
" so you are visiting from " .$_SERVER['GEOIP_COUNTRY_NAME'];

This example will print a message to visitors from Canada, then use the exit() function to prevent the rest of the web page from loading:

<?php
if ($_SERVER['GEOIP_COUNTRY_CODE'] === 'CA') {
    print "Visitors from Canada are blocked.";
    exit();
}

We recommend implementing any country deny/allow rules or .htaccess rewrite rules in conjunction with your website developer / IT person.

DISCLAIMER: The scripts provided in our knowledgebase are for informational purposes only. We do not provide any warranty or support. It is essential to review and modify the scripts to fit your site's specific needs. There may be unforeseen outcomes when adding new script code to an existing website. You should discuss it with your website manager and seek advice from an experienced website developer if you are unsure.

Updated by SP on 11/05/2023

Was this answer helpful? 2 Users Found This Useful (2 Votes)