Centova Technologies Forum
		Centova Cast v2 => Technical discussion => Topic started by: Mark Carney on December 10, 2009, 03:59:56 am
		
			
			- 
				This was something I need for one of my customers and all credit for the below goes to Michael Shinn of Prometheus Global - home of Atomic Secured Linux.
 
 
 First you will need to either pay for, or download a free database of geomaps. Check out www.maxmind.com for free database files. (They also sell database files)
 
 Then set this in your global modsecurity configuration:
 
 SecGeoLookupDb /usr/local/geo/data/GeoLiteCity.dat
 
 Heres a simple rule to block anything from China:
 
 SecRule REMOTE_ADDR "@geoLookup" "chain,drop,msg:'Blocking China Host"
 SecRule GEO:COUNTRY_CODE "@streq CN" "t:none"
 
 And drop that into the vhost.conf file for that domain.
 
 And these are the fields you can change:
 
 COUNTRY_CODE: Two character country code. EX: US, UK, etc.
 
 COUNTRY_CODE3: Up to three character country code.
 
 COUNTRY_NAME: The full country name.
 
 COUNTRY_CONTINENT: The teo character continent that the country is located. EX: EU
 
 REGION: The two character region. For US, this is state. For Canada, providence, etc.
 
 CITY: The city name.
 
 POSTAL_CODE: The postal code.
 
 LATITUDE: The latitude.
 
 LONGITUDE: The longitude.
 
 DMA_CODE: The metropoliton area code. (US only)
 
 AREA_CODE: The phone system area code. (US only)