Yadda ake Sanya Mod_GeoIP don Apache a cikin RHEL da CentOS

Mod_GeoIP wani nau'in Apache ne wanda za'a iya amfani dashi don samun wurin yanki na adireshin IP na mai ziyara a cikin sabar gidan yanar gizon Apache. Wannan tsarin yana ba ku damar ƙayyade ƙasa, ƙungiya, da wurin baƙo. Yana da amfani musamman don Sabis na Ad na Geo, Abubuwan Target, Faɗakarwa na Spam, Gano Zamba, Juyawa/Katange baƙi dangane da ƙasarsu da ƙari mai yawa.

Tsarin GeoIP yana bawa masu gudanar da tsarin damar turawa ko toshe zirga-zirgar gidan yanar gizo gwargwadon wurin wurin abokin ciniki. Ana koyon wurin yanki ta hanyar adireshin IP na abokin ciniki.

Mod_geoIp yana da nau'ikan daban-daban guda biyu kyauta kuma an biya wani kuma yana amfani da bayanan Maxmind Geop/Geocity.

  1. Sigar Kyauta: A cikin Sigar Kyauta, ana samun ma'aunin bayanan birnin Geo da na ƙasa tare da daidaiton kashi 99.5%.
  2. Sigar da aka biya: A cikin sigar da aka biya, za ku sami bayanan bayanai biyu tare da daidaiton kashi 99.8% tare da ƙarin cikakkun bayanai game da adireshin IP.

Idan kuna son bincika ƙarin bambance-bambance tsakanin sigar Kyauta da Biya, da fatan za a ziyarci Maxmind.com.

Wannan labarin yana bayanin yadda ake saitawa da shigar da Mod_GeoIP module na Apache a cikin RHEL da CentOS ta amfani da ma'ajin EPEL tare da mai sarrafa fakitin YUM.

Muna ɗauka cewa kun riga kun sami tsarin RHEL da CentOS tare da saitin LAMP mai aiki (Linux, Apache, MySQL, da PHP). Idan ba haka ba, to karanta labarinmu inda muka nuna shigar da tsarin aiki biyu tare da LAMP.

  1. Shigar da CentOS 7 Minimal.
  2. Shigar da CentOS 8 Minimal.

    Yadda ake Sanya LAMP (Linux, Apache, MySQL, PHP) akan RHEL da CentOS 7
  1. Yadda ake shigar Apache, MySQL/MariaDB, da PHP akan RHEL da CentOS 8

Ta hanyar tsoho mod_Geoip ba ya ƙarƙashin ma'ajiyar hukuma ta RHEL/CentOS, don haka muna buƙatar shigarwa da kunna ma'ajiyar EPEL ta ɓangare na uku.

# yum install epel-release
# yum install https://dl.fedoraproject.org/pub/epel/epel-release-latest-8.noarch.rpm  [On RHEL 8]

Da zarar kun kunna ma'ajiyar EPEL akan tsarin ku, zaku iya shigar da mod_geoip kawai ta hanyar bin umarni tare da fakitin dogaro.

# yum install mod_geoip GeoIP GeoIP-devel GeoIP-data zlib-devel

Yana da kyau a zazzage sabuwar Geo City da Database na Ƙasa don ci gaba da sabuntawa.

# cd /usr/share/GeoIP/
# mv GeoIP.dat GeoIP.dat_org
# wget http://geolite.maxmind.com/download/geoip/database/GeoLite2-Country.tar.gz
# wget http://geolite.maxmind.com/download/geoip/database/GeoLite2-City.tar.gz
# gunzip GeoLite2-Country.tar.gz
# gunzip GeoLite2-City.tar.gz

Bayan an shigar da tsarin, buɗe kuma shirya babban fayil ɗin daidaitawar module ɗin, tare da editan rubutu-layi kamar vi, sannan kunna sabar a faɗin uwar garken, kamar yadda aka kwatanta a cikin sashin ƙasa.

# vi /etc/httpd/conf.d/geoip.conf

Saita layin GeoIPE wanda ba'a iya kashewa zuwa Kunnawa. Hakanan, tabbatar kun ƙara cikakkiyar hanya zuwa fayil ɗin bayanai na GeoIP.

<IfModule mod_geoip.c>
GeoIPEnable On
GeoIPDBFile /usr/share/GeoIP/GeoIP.dat MemoryCache
</IfModule>

Sake kunna sabis ɗin Apache don nuna canje-canje.

# systemctl restart httpd
OR
# service httpd restart

Koyaya, ba a ba da shawarar kunna tsarin GeoIP a faɗin sabar ba. Ya kamata ku kunna tsarin GeoIP kawai a cikin ko tubalan inda za ku iya yin jujjuyawar hanya ko toshewa.

Don gwada tsarin mod_geoip yana aiki daidai tare da Apache, muna buƙatar ƙirƙirar fayil ɗin PHP da ake kira testgeoip.php ƙarƙashin kundin tushen Apache (misali /var/www/html).

# vi /var/www/html/testgeoip.php

Saka wannan yanki na lambar php zuwa gare shi.

<html>
<head>
  <title>What is my IP address - determine or retrieve my IP address</title>
 </head>
<body>
 <?php
     if (getenv(HTTP_X_FORWARDED_FOR)) {
        $pipaddress = getenv(HTTP_X_FORWARDED_FOR);
        $ipaddress = getenv(REMOTE_ADDR);
        echo "Your Proxy IP address is : ".$pipaddress. " (via $ipaddress) " ;
    } else {
        $ipaddress = getenv(REMOTE_ADDR);
        echo "Your IP address is : $ipaddress";
    }
    $country = getenv(GEOIP_COUNTRY_NAME);
    $country_code = getenv(GEOIP_COUNTRY_CODE);
    echo "<br/>Your country : $country ( $country_code ) ";
?>
</body>
</html>

Yanzu, gwada kiran fayil ɗin ta amfani da burauzar gidan yanar gizo (misali http://localhost/testgeoip.php). Za ku sami adireshin IP ɗin ku da cikakkun bayanan ƙasar.

Ana sabunta bayanan GeoIP farkon kowane wata. Don haka, yana da matuƙar mahimmanci don kiyaye bayanan GeoIP na zamani. Don zazzage sabuwar sigar ma'ajin bayanai yi amfani da umarni mai zuwa.

# cd /usr/share/GeoIP/
# mv GeoIP.dat GeoIP.dat_org
# wget http://geolite.maxmind.com/download/geoip/database/GeoLite2-Country.tar.gz
# wget http://geolite.maxmind.com/download/geoip/database/GeoLite2-City.tar.gz
# gunzip GeoLite2-Country.tar.gz
# gunzip GeoLite2-City.tar.gz

Mun rubuta ƙaramin rubutun harsashi wanda zai sauke sabon sigar bayanan GeoIP ta atomatik kowane wata. Kawai sanya kowane rubutun a ƙarƙashin /etc/cron.monthly.

# Automatic GeoIP Database Update
#!/bin/sh
cd /usr/share/GeoIP
mv GeoIP.dat GeoIP.dat_org
wget -q http://geolite.maxmind.com/download/geoip/database/GeoLite2-Country.tar.gz
gzip -d -f GeoLite2-Country.tar.gz
#!/bin/sh

GEOIP_MIRROR="http://geolite.maxmind.com/download/geoip/database"
GEOIPDIR=/usr/share/GeoIP
TMPDIR=

DATABASES="GeoLiteCity GeoLiteCountry/GeoIP asnum/GeoIPASNum GeoIPv6"

if [ -d "${GEOIPDIR}" ]; then
        cd $GEOIPDIR
        if [ -n "${DATABASES}" ]; then
                TMPDIR=$(mktemp -d geoipupdate.XXXXXXXXXX)

                echo "Updating GeoIP databases..."

                for db in $DATABASES; do
                        fname=$(basename $db)

                        wget --no-verbose -t 3 -T 60 "${GEOIP_MIRROR}/${db}.dat.gz" -O "${TMPDIR}/${fname}.dat.gz"
                        gunzip -fdc "${TMPDIR}/${fname}.dat.gz" > "${TMPDIR}/${fname}.dat"
                        mv "${TMPDIR}/${fname}.dat" "${GEOIPDIR}/${fname}.dat"
                        chmod 0644 "${GEOIPDIR}/${fname}.dat"
                done
                [ -d "${TMPDIR}" ] && rm -rf $TMPDIR
        fi
fi

Lambar misalin da ke ƙasa za ta tura masu amfani bisa lambar ƙasar da muka saita zuwa AS (Asiya). Ta wannan hanyar zaku iya tura kowane mai amfani bisa la'akari da lambar gundumar su.

GeoIPEnable On
GeoIPDBFile /usr/share/GeoIP/GeoIP.dat

# Redirect one country
RewriteEngine on
RewriteCond %{ENV:GEOIP_COUNTRY_CODE} ^AS$
RewriteRule ^(.*)$ https://linux-console.net$1 [R,L]

Wannan misalin zai toshe masu amfani dangane da lambar ƙasar da GeoIP ya saita. Misalin da ke ƙasa zai toshe masu amfani daga AS (Asiya) da Amurka (Amurka).

GeoIPEnable On
GeoIPDBFile /usr/share/GeoIP/GeoIP.dat

SetEnvIf GEOIP_COUNTRY_CODE AS BlockCountry
SetEnvIf GEOIP_COUNTRY_CODE US BlockCountry
# ... place more countries here

Deny from env=BlockCountry

Wannan misalin da ke ƙasa zai ƙyale masu amfani daga ƙasashen da aka ambata kawai.

GeoIPEnable On
GeoIPDBFile /usr/share/GeoIP/GeoIP.dat

SetEnvIf GEOIP_COUNTRY_CODE AS AllowCountry
SetEnvIf GEOIP_COUNTRY_CODE US AllowCountry
# ... place more countries here

Deny from all
Allow from env=AllowCountry

Ana iya samun ƙarin bayani game da mod_geoip da amfaninsa a http://www.maxmind.com/app/mod_geoip. Idan kuna fuskantar wata matsala wajen kafa tsarin mod_geoip, da fatan za a sanar da mu ta hanyar sharhi kuma da fatan kar a manta da raba shi tare da abokanka.