How to start using GeoLite2(GeoIP) Database
Since version 4.5.8 Roxy-WI allows downloading and update GeoLite2 via the web panel.
GeoIP is the MaxMind’s IP intelligence product. It provides IP geolocation and proxy detection for a wide range of applications including content customization, advertising, digital rights management, compliance, fraud detection and security.
Databases
GeoLite2 databases are free IP geolocation databases comparable to, but less accurate than, MaxMind’s GeoIP2 databases. The GeoLite2 Country, City, and ASN databases are updated weekly, every Tuesday.
IP Geolocation Usage
IP geolocation is inherently imprecise. Locations are often near centers of the population. Any location provided by a GeoIP database should not be used to identify a particular address or household.
Use the Accuracy Radius as a sign of geolocation accuracy for the latitude and longitude coordinates Maxmind returns for an IP address. The actual location of the IP address is likely within the area defined by this radius and the latitude and longitude coordinates.
MaxMind provides access to GeoLite2 databases only for registered users. So, you need to get a license key. All the details are described in the instruction below.
First of all, create an account here:
when you have created your account, you will receive an email with further instructions:
Follow the link to create a password:
After finishing the registration, you will be granted access to your private cabinet:
To download the database, you need to get a license key. Go to "My Licence Key" section: Follow the link to create a password:
Next:
Next:
The license key will be displayed on the screen. Copy and save it as it will not be shown anymore:
Specify your key as the value of the maxmind_key parameter in your group settings:
Roxy-WI allows using GeoLite2 via the web interface. Create a license key to start using it.
After you have created the Licence key and added it into the group settings, you can start using GeoLite2 Database:
Select a server for uploading, Roxy-WI will define if GeoLite2 is already installed on it(in the black box), and press the "Install" button(in the green box).
Roxy-WI will download and format it from GeoIP to acceptable format for HAProxy service. Also Roxy-WI will separate divide a big file with IPs into many smaller files (each file for one country) e.g.: file AD.subnets consists of all IPs which used in Andorra.
MaxMind updates GeoLite2 databases every Tuesday, so it should be updated every week. Roxy-WI can do it! Just check "Updating" checkbox.
How files with IPs for each continent can be used for creating ACLs:
acl acl_AF src -f /etc/haproxy/geoip/AF.txt
acl acl_AN src -f /etc/haproxy/geoip/AN.txt
acl acl_AS src -f /etc/haproxy/geoip/AS.txt
acl acl_EU src -f /etc/haproxy/geoip/EU.txt
acl acl_NA src -f /etc/haproxy/geoip/NA.txt
acl acl_OC src -f /etc/haproxy/geoip/OC.txt
acl acl_SA src -f /etc/haproxy/geoip/SA.txt
You may reject all connections from a certain continent (for Africa, for instance):
http-request deny if !acl_AF
or address them to different backend servers:
use_backend bk_af if acl_AN
Since Roxy-WI version 6.2.1, you can install GeoLite2 for the NGINX service on your servers. Go to the Servers-GeoLite2 section, choose NGINX as a service and click the Installation button.
