Friday 13 March 2020

Filtering web-traffic to specific Countries



There are numerous tools and methods for managing traffic to web servers. Here we review the steps to block or allow Apache web traffic based on the country of origin. You can redirect or block client web traffic using the GeoIP module, which is helpful for fraud detection, targeted content, spam fighting, etc.

Installing GeoIP

GeoIP is a library that lets you find the country an accessing IP address originates from. In day-to-day server management, requirements vary, and you may need to block traffic from certain countries from reaching your Apache web server. Here we use the GeoIP module with Apache to achieve this. Install the GeoIP library, the GeoIP database, the Apache GeoIP module, and the GeoIP update script:

# yum install epel-release
# yum install GeoIP GeoIP-GeoLite-data geoipupdate mod_geoip

To verify the installation, test with the ‘geoiplookup’ command. It is also important to keep the GeoIP database updated, which is done with the ‘geoipupdate’ command; you can create a cron job to run ‘geoipupdate’ at the frequency you choose.

Updating Apache configuration to enable GeoIP:

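The mod_geoip module provides the GeoIP lookups in the Apache web server, and its generic configuration file is located at /etc/httpd/conf.d/geoip.conf.
Edit the geoip.conf file to enable GeoIP, specify the DB path and enable GeoIPScanProxyHeaders. With GeoIPScanProxyHeaders On, mod_geoip takes the address to look up from proxy headers such as X-Forwarded-For when they are present, so enable it only when Apache sits behind a proxy that sets those headers itself; on a directly exposed server the header comes from the client.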
# cat /etc/httpd/conf.d/geoip.conf
<IfModule mod_geoip.c>
GeoIPEnable On
GeoIPDBFile /usr/share/GeoIP/GeoIP.dat
GeoIPScanProxyHeaders On
</IfModule>
#


Blocking Country:

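To block countries from accessing your web server, add Deny rules in /etc/httpd/conf.d/geoip.conf. On Apache 2.4 the Deny directive is provided by mod_access_compat, so that module must be loaded.
Example: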
# cat /etc/httpd/conf.d/geoip.conf
<IfModule mod_geoip.c>
GeoIPEnable On
GeoIPDBFile /usr/share/GeoIP/GeoIP.dat
<Directory />

SetEnvIf GEOIP_COUNTRY_CODE AN BlockCountry
SetEnvIf GEOIP_COUNTRY_CODE BL BlockCountry

# add any number of countries here based on your requirement
# you can refer to the country codes in GeoIP website.

Deny from env=BlockCountry
</Directory>
</IfModule>
#

Note: Restart the Apache server for the changes to take effect.
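
A check to run on geoip.conf before restarting, as an added example (not from the original post or from mod_geoip): it lists the country codes that will actually be denied and flags a variable that is set but never denied, a pattern that is not a two-character code, and GeoIPScanProxyHeaders. The function name audit_geoip_conf and the sample config are hypothetical.

```python
import re

# Constructed sample: the blocking config from this post plus
# GeoIPScanProxyHeaders, a mistyped variable name and a one-letter pattern.
SAMPLE_CONF = """\
<IfModule mod_geoip.c>
GeoIPEnable On
GeoIPDBFile /usr/share/GeoIP/GeoIP.dat
GeoIPScanProxyHeaders On
<Directory />
SetEnvIf GEOIP_COUNTRY_CODE AN BlockCountry
SetEnvIf GEOIP_COUNTRY_CODE BL BlockCountries
SetEnvIf GEOIP_COUNTRY_CODE C BlockCountry
Deny from env=BlockCountry
</Directory>
</IfModule>
"""

SETENV = re.compile(r"SetEnvIf(?:NoCase)?\s+GEOIP_COUNTRY_CODE\s+(\S+)\s+(\S+)$", re.I)
DENY = re.compile(r"Deny\s+from\s+env=(\S+)$", re.I)
CODE = re.compile(r"\^?[A-Z][A-Z0-9]\$?$")  # two-character code, anchors optional


def audit_geoip_conf(text):
    """Return (blocked_codes, findings) for the text of a geoip.conf."""
    tagged, denied, findings, enabled = {}, set(), [], False
    for line in (raw.strip() for raw in text.splitlines()):
        if re.match(r"GeoIPEnable\s+On$", line, re.I):
            enabled = True
        elif re.match(r"GeoIPScanProxyHeaders\s+On$", line, re.I):
            findings.append("GeoIPScanProxyHeaders On: confirm a trusted proxy is in front")
        elif m := SETENV.match(line):
            pattern, var = m.groups()
            tagged.setdefault(var, []).append(pattern)
            if not CODE.match(pattern):  # SetEnvIf treats the pattern as a regex
                findings.append(f"pattern {pattern!r} is not a two-character country code")
        elif m := DENY.match(line):
            denied.add(m.group(1))
    if not enabled:
        findings.append("GeoIPEnable On not found")
    for var in sorted(set(tagged) - denied):
        findings.append(f"{var} is set for {tagged[var]} but no Deny rule uses it")
    blocked = sorted(p.strip("^$") for v in denied for p in tagged.get(v, [])
                     if CODE.match(p))
    return blocked, findings
```
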


GeoIP Country Codes


Quick Reference country codes (Mod GeoIP)

/etc/httpd/conf.d/geoip.conf
Example Usage as mentioned earlier
 SetEnvIf GEOIP_COUNTRY_CODE CN BlockCountry




Hope this helped you to redirect or block web traffic of your client using the GeoIP module. If you find any difficulty in blocking/allowing Apache web traffic we can help you.


Tips to fix Cloudflare error 522







Looking for a way to fix Cloudflare error 522? Here is the fix. When you try to access a website that uses Cloudflare, you might come across a 522 error, which shows “ERR_CONNECTION_TIMED_OUT”. This happens when Cloudflare times out contacting the parent web server.

Code 522 stands for 'Connection timed out'. It can occur when there is high usage of Cloudflare, but the major causes of error 522 are:
  • Overloading of the parent/origin server
  • Firewall Block
  • Problems in Routing
  • Incorrect IP Address in the DNS Settings

Quick Tips:
Ensure that you are not blocking Cloudflare IPs in .htaccess, iptables, or your firewall
Ensure all Cloudflare IPs are whitelisted; if not, you can see 522 errors in certain locations
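
One way to check a saved iptables ruleset for DROP/REJECT rules whose source overlaps a Cloudflare range, as an added example that is not part of the original post. The ranges below are placeholder documentation networks, not Cloudflare's list, the ruleset is constructed, and the function name blocking_rules is hypothetical; every overlapping rule is reported for review, regardless of rule order or port.

```python
import ipaddress

# Placeholder ranges (RFC 5737 documentation networks), not Cloudflare's real
# list; substitute the ranges Cloudflare publishes.
CLOUDFLARE_RANGES = ["198.51.100.0/24", "203.0.113.0/24"]

# Constructed iptables-save excerpt.
SAMPLE_RULES = """\
*filter
:INPUT ACCEPT [0:0]
-A INPUT -s 203.0.113.64/26 -p tcp -m tcp --dport 443 -j DROP
-A INPUT -s 192.0.2.10/32 -j REJECT --reject-with icmp-port-unreachable
-A INPUT -s 198.51.100.0/24 -p tcp -m multiport --dports 80,443 -j ACCEPT
-A INPUT ! -s 203.0.113.0/24 -p tcp -m tcp --dport 8443 -j DROP
-A INPUT -s 198.0.0.0/8 -j DROP
COMMIT
"""


def blocking_rules(rules_text, cf_ranges):
    """Return (rule, range) pairs for DROP/REJECT rules that can hit a listed range."""
    nets = [ipaddress.ip_network(r) for r in cf_ranges]
    hits = []
    for line in rules_text.splitlines():
        tok = line.split()
        if tok[:1] != ["-A"] or "-s" not in tok or "-j" not in tok:
            continue
        if tok[tok.index("-j") + 1] not in ("DROP", "REJECT"):
            continue
        i = tok.index("-s")
        src = ipaddress.ip_network(tok[i + 1], strict=False)
        negated = tok[i - 1] == "!"
        for net in nets:
            if net.version != src.version:
                continue
            # "! -s X" matches everything outside X, so a range is only
            # safe from that rule when it lies wholly inside X.
            hit = not net.subnet_of(src) if negated else net.overlaps(src)
            if hit:
                hits.append((line, str(net)))
    return hits


if __name__ == "__main__":
    for rule, net in blocking_rules(SAMPLE_RULES, CLOUDFLARE_RANGES):
        print(f"{net} may be blocked by: {rule}")
```
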

Solution to fix Cloudflare Error Code 522


  • Disable interfering Plug-ins
Sometimes specific plug-ins create more queries than required, and the resulting increase in database activity generates a high load on the server.
To get rid of this problem, install a plug-in performance profiler, which helps detect which plug-ins are overloading the database with queries. Once the issues are identified, you can uninstall the interfering plug-ins and check whether the problem is fixed.
  • Enable Cache Plug-in
The cache is that part of the memory that stores the data from the website you visit frequently. Therefore you can reduce the server load by decreasing the queries to the corresponding database. You can easily improve the connection speed of the server with the help of the cache plugin. Use the WP Super Cache plugin on a shared hosting service.
  • Manage Configurations
Managing the configuration settings of the server can make error 522 disappear, but this is a lengthy task. First, remove the domain on Cloudflare, then install cPanel again and add the domain name. This process will help to remove the bug.
  • Image optimization
The process of compressing the image size for better optimization will help to reduce the server load and decrease bandwidth consumption. Consequently, it will increase website speed.
  • Contact Hosting Provider
You can check with your hosting provider to identify anything blocking Cloudflare systems. Contacting your hosting provider ensures that your server does not block any of Cloudflare’s IPs.
  • Implement Lazy load plug-ins
You can reduce the usage of image bandwidth to an extent with the help of these plug-ins and thereby enhance the performance on a large scale.

Wrapping up:

Make sure your website responds to Cloudflare queries within 60s by compressing your images, activating the 'keepalive' message, and optimizing your database. You can thereby also reduce your bandwidth consumption.
