Pour Ubuntu / Debian
apt-get install plesk-php56-dev plesk-php70-dev build-essential gcc php-pear geoip-bin libgeoip-dev geoip-database libapache2-mod-geoip mod_geoip php5-geoip
Pour Centos
yum install make plesk-php70-devel gcc glibc-devel GeoIP-devel zlib-devel mod_geoip
Ensuite pour l'ensemble :
pecl install geoip
/opt/plesk/php/7.0/bin/pecl install http://pecl.php.net/get/geoip-1.1.1.tgz
echo "extension=geoip.so" > /opt/plesk/php/7.0/etc/php.ini
echo "geoip.custom_directory='/usr/share/GeoIP/'" > /opt/plesk/php/7.0/etc/php.ini
plesk bin php_handler --reread
plesk bin php_handler --list
On active :
a2enmod rewrite
a2enmod geoip
Vérifier :
/opt/plesk/php/7.0/bin/php -m | grep geoip
Récupération de la base + automatisation
Le module est automatiquement configuré par le fichier
/etc/apache2/mods-available/geoip.conf
Il faut modifier le fichier pour donner cela :
vi /etc/apache2/mods-available/geoip.conf
---------------------------------------------------------------------
<IfModule mod_geoip.c>
GeoIPEnable On
GeoIPDBFile /usr/share/GeoIP/GeoIP.dat
GeoIPDBFile /usr/share/GeoIP/GeoIPASNum.dat
GeoIPDBFile /usr/share/GeoIP/GeoLiteCity.dat
GeoIPDBFile /usr/share/GeoIP/GeoIPv6.dat
GeoIPDBFile /usr/share/GeoIP/GeoIPASNumv6.dat
GeoIPDBFile /usr/share/GeoIP/GeoLiteCityv6.dat
GeoIPScanProxyHeaders On
</IfModule>
---------------------------------------------------------------------
mkdir -p /opt/scripts/
nano /opt/scripts/updateGeoIP.sh
Coller les ligne entre les tirets
--------------------------------------------------------------------
#!/bin/bash
#
# GeoIP Databases Update
# Version 1.1
#
# updateGeoIP.sh
#
# SID Solutions
# Copyright (c) 01/13/2008
# Programmed by Sid McLaurin
#
# Adpated for Apache & regular Debian folders by kent1
#
# Description:
#
# Script to update all GeoIP databases
#
# Location:
#
# /opt/scripts/
#
# Changes:
# 01/02/2009 - Create an URL for the new location of the
# GeoIP.dat
# 20/07/2009 - Adaptation forApache & regular Debian
# folders by kent1
# Variables
URL=http://www.maxmind.com/download/geoip/database/
URLBETA=http://www.maxmind.com/download/geoip/database/GeoLiteCityv6-beta/
NUMURL=http://www.maxmind.com/download/geoip/database/asnum/
COUNTRYURL=http://geolite.maxmind.com/download/geoip/database/GeoLiteCountry/
GEODBS=( "GeoIP.dat.gz" "GeoLiteCity.dat.gz" "GeoIPASNum.dat.gz" "GeoIPv6.dat.gz" "GeoLiteCityv6.dat.gz" "GeoIPASNumv6.dat.gz" )
GEOPATH=/usr/share/GeoIP
GEOUSER=www-data
GEOGROUP=www-data
echo -e "\n\033[1;32m\tStarting GeoIP Database Update\n \033[0m"
# Change to GeoIP database directory
cd $GEOPATH
# Delete previous database
echo -e "\033[1;33mRemoving previous databases\033[0m ...............\c"
/bin/rm -f Geo*dat
echo -e "\033[1;32m Done!\n \033[0m"
# Get new databases
echo -e "\033[1;31mDownloading databases\n\033[0m"
for GEODB in ${GEODBS[@]}
do
echo -e "\tDownloading \033[1;33m"$GEODB"\033[0m ..........\c"
if [ $GEODB = "GeoLiteCity.dat.gz" ] || [ $GEODB = "GeoIPv6.dat.gz" ]
then
/usr/bin/wget $URL$GEODB > /dev/null 2>&1
elif [ $GEODB = "GeoIPASNum.dat.gz" ] || [ $GEODB = "GeoIPASNumv6.dat.gz" ]
then
/usr/bin/wget $NUMURL$GEODB > /dev/null 2>&1
elif [ $GEODB = "GeoLiteCityv6.dat.gz" ]
then
/usr/bin/wget $URLBETA$GEODB > /dev/null 2>&1
else
/usr/bin/wget $COUNTRYURL$GEODB > /dev/null 2>&1
fi
echo -e "\033[1;32m Done!\n \033[0m"
done
# Deflate new databases
echo -e "\033[1;31mDeflating databases\n\033[0m"
for GEODB in ${GEODBS[@]}
do
echo -e "\tDeflating \033[1;33m"$GEODB"\033[0m ............\c"
/bin/gunzip $GEODB
echo -e "\033[1;32m Done!\n \033[0m"
done
# Set permissions
if [ "$GEOUSER" != "" ] || [ "$GEOGROUP" != "" ];
then
echo -e "\033[1;31mSetting permissions\n\033[0m"
fi
# Set user permissions
if [ "$GEOUSER" != "" ]
then
echo -e "\033[1;33m\tSetting user permissions to "$GEOUSER"\033[0m .........\c"
/bin/chown -R $GEOUSER $GEOPATH
echo -e "\033[1;32m Done!\n \033[0m"
fi
# Set group permissions
if [ "$GEOGROUP" != "" ]
then
echo -e "\033[1;33m\tSetting group permissions to "$GEOGROUP"\033[0m ........\c"
/bin/chgrp -R $GEOGROUP $GEOPATH
echo -e "\033[1;32m Done!\n \033[0m"
fi
# Done!
echo -e "\033[1;32m\tGeoIP Database update completed!\n \033[0m"
--------------------------------------------------------------------
chmod +x /opt/scripts/updateGeoIP.sh
bash /opt/scripts/updateGeoIP.sh
ls -lsa /usr/share/GeoIP
crontab -e 0 5 15 * * /opt/scripts/updateGeoIP.sh > /dev/null 2>&1
(Autre / Facultatif) Vous pouvez le faire manuellement
wget http://geolite.maxmind.com/download/geoip/database/GeoLiteCity.dat.gz
gunzip GeoLiteCity.dat.gz
mkdir -v /usr/share/GeoIP
mv -v GeoLiteCity.dat /usr/share/GeoIP/GeoIPCity.dat
Vous pouvez ensuite tester avec une fichier PHP
<?php phpinfo(); ?>
Et voir les détails de GEOIP
Puis ensuite executer la commande PHP suivante :
<?php print_r(geoip_record_by_name('php.net')); ?>
Il suffit de rajouter cela dans votre htaccess :
------------------------------------------------------------------
# ------------------------------------------------------------------------------
# | PROTECTION IP/GEOIP |
# ------------------------------------------------------------------------------
<IfModule mod_geoip.c>
GeoIPEnable On
</IfModule>
<IfModule mod_rewrite.c>
RewriteEngine on
# Blocage plages IP
RewriteCond %{REMOTE_ADDR} ^109\.[0-9]+\.[0-9]+\.[0-9]+ [OR]
RewriteCond %{REMOTE_ADDR} ^151\.[0-9]+\.[0-9]+\.[0-9]+ [OR]
RewriteCond %{REMOTE_ADDR} ^178\.[0-9]+\.[0-9]+\.[0-9]+
RewriteRule .* - [F]
# Blocage par pays
RewriteCond %{ENV:GEOIP_COUNTRY_CODE} ^BG|RO|RU|NE|SN|NG|BJ|CI|UL|IL|A1|AF|AS$ [OR]
RewriteCond %{ENV:GEOIP_COUNTRY_CODE_V6} ^BG|RO|RU|NE|SN|NG|BJ|CI|UL|IL|A1|AF|AS$
RewriteRule .* - [F]
# Blocage des Proxy
RewriteCond %{HTTP:USERAGENT_VIA} !^$ [OR]
RewriteCond %{HTTP:FORWARDED} !^$ [OR]
RewriteCond %{HTTP:VIA} !^$ [OR]
RewriteCond %{HTTP:HTTP_PC_REMOTE_ADDR} !^$ [OR]
RewriteCond %{HTTP:XPROXY_CONNECTION} !^$ [OR]
RewriteCond %{HTTP:PROXY_CONNECTION} !^$ [OR]
RewriteCond %{HTTP:X_FORWARDED_FOR} !^$ [OR]
RewriteCond %{HTTP:HTTP_CLIENT_IP} !^$
RewriteRule ^(.*)$ - [F]
</IfModule>
------------------------------------------------------------------
