How to Install Mod_GeoIP for Apache in RHEL and CentOS

Mod_GeoIP is an Apache module that can be used to get the geographic location of IP address of the visitor into the Apache web server. This module allows you to determine the visitor’s country, organization and location. It is specially useful for Geo Ad Serving, Target Content, Spam Fighting, Fraud Detection, Redirecting/Blocking visitors based on their country and much more.

GeoIP module allows system administrators to redirect or block web traffic according on the client geographical location. The geographical location is learned via client IP address.

Mod_GeoIP has two different version one is Free and another one is Paid and uses MaxMind GeoIP / GeoCity databases.

  1. Free Version : In Free version the Geo City and Country databases are availble with 99.5% accuracy.
  2. Paid Version : In Paid version you will get both databases with 99.8% accuracy with some more advanaced details about IP address.

If you like to check out the more differences betweetn Free and Paid version, please visit the

This article explains how to setup and install Mod_GeoIP module for Apache in RHEL and CentOS using EPEL repository with YUM package manager utility.

We assume that you already have running RHEL and CentOS system with a working LAMP (Linux, Apache, MySQL and PHP) setup. If not, then read our articles where we’ve shown the installation of both operating systems with LAMP.

Installation Of RHEL/CentOS
  1. Installation of Red Hat Enterprise Linux (RHEL) 7.3 Guide
  2. Installation of CentOS 7.3 Guide
LAMP Setup on RHEL/CentOS
  1. How to Install LAMP (Linux, Apache, MySQL, PHP) on RHEL and CentOS

Enable EPEL Repository in RHEL and CentOS

By default mod_Geoip is not avilable under RHEL / CentOS official repository, so we need to install and enable third party EPEL repository.

# yum install epel-release

Install Mod_GeoIP in RHEL and CentOS

Once you’ve EPEL repository enabled on your system, you can simple install mod_geoip by running following command with their dependency packages.

# yum install mod_geoip GeoIP GeoIP-devel GeoIP-data zlib-devel

Download latest Geo City and Country Database

It’s good idea to download latest Geo City and Country Database to stay updated.

# cd /usr/share/GeoIP/
# mv GeoIP.dat GeoIP.dat_org
# wget
# wget
# gunzip GeoLite2-Country.tar.gz
# gunzip GeoLite2-City.tar.gz

Enable Mod_GeoIP in Apache

After the module has been installed, open and edit the module main configuration file, with a command line text editor such as vi, and activate the module server-wide, as illustrated in the below excerpt.

# vi /etc/httpd/conf.d/geoip.conf

Set the line GeoIPEnable from Off to On. Also, make sure you add the absolute path to GeoIP database file.

<IfModule mod_geoip.c>
GeoIPEnable On
GeoIPDBFile /usr/share/GeoIP/GeoIP.dat MemoryCache

Restart the Apache service to reflect changes.

# systemctl restart httpd
# service httpd restart

However, it’s not recommended to turn on GeoIP module server-wide. You should enable the GeoIP module only in <Location> or <Directory> blocks where you would actually perform the traffic redirection or block.

Testing Mod_GeoIP Module

To test the mod_geoip module is working correctly with Apache, we need to creat a PHP file called testgeoip.php under Apache root directory (e.g. /var/www/html).

# vi /var/www/html/testgeoip.php

Insert the following piece of php code to it.

  <title>What is my IP address - determine or retrieve my IP address</title>
     if (getenv(HTTP_X_FORWARDED_FOR)) {
        $pipaddress = getenv(HTTP_X_FORWARDED_FOR);
        $ipaddress = getenv(REMOTE_ADDR);
        echo "Your Proxy IP address is : ".$pipaddress. " (via $ipaddress) " ;
    } else {
        $ipaddress = getenv(REMOTE_ADDR);
        echo "Your IP address is : $ipaddress";
    $country = getenv(GEOIP_COUNTRY_NAME);
    $country_code = getenv(GEOIP_COUNTRY_CODE);
    echo "<br/>Your country : $country ( $country_code ) ";

Now, try to call the file using web browser (e.g. http://localhost/testgeoip.php). You will get your IP address and Country details.

Updating GeoIP Database

GeoIP database is updated beginning of every month. So, its is very important to keep GeoIP database up-to-date. To download latest version of database use the following command.

# cd /usr/share/GeoIP/
# mv GeoIP.dat GeoIP.dat_org
# wget
# wget
# gunzip GeoLite2-Country.tar.gz
# gunzip GeoLite2-City.tar.gz

Automatic GeoIP Database Update

We have written a smaill shell script that will automatically download the latest version of GeoIP database every month. Just place the any of the following script under /etc/cron.monthly.

Script 1
# Automatic GeoIP Database Update
cd /usr/share/GeoIP
mv GeoIP.dat GeoIP.dat_org
wget -q
gzip -d -f GeoLite2-Country.tar.gz
Script 2


DATABASES="GeoLiteCity GeoLiteCountry/GeoIP asnum/GeoIPASNum GeoIPv6"

if [ -d "${GEOIPDIR}" ]; then
        cd $GEOIPDIR
        if [ -n "${DATABASES}" ]; then
                TMPDIR=$(mktemp -d geoipupdate.XXXXXXXXXX)

                echo "Updating GeoIP databases..."

                for db in $DATABASES; do
                        fname=$(basename $db)

                        wget --no-verbose -t 3 -T 60 "${GEOIP_MIRROR}/${db}.dat.gz" -O "${TMPDIR}/${fname}.dat.gz"
                        gunzip -fdc "${TMPDIR}/${fname}.dat.gz" > "${TMPDIR}/${fname}.dat"
                        mv "${TMPDIR}/${fname}.dat" "${GEOIPDIR}/${fname}.dat"
                        chmod 0644 "${GEOIPDIR}/${fname}.dat"
                [ -d "${TMPDIR}" ] && rm -rf $TMPDIR

Redirecting Users based on Country

The below example code will redirect users based on the country code that we set to AS (Asia). This way you can redirect any users based on their county code.

GeoIPEnable On
GeoIPDBFile /usr/share/GeoIP/GeoIP.dat

# Redirect one country
RewriteEngine on
RewriteRule ^(.*)$$1 [R,L]

Blocking Users based on Country

This example will block users based on the country code that GeoIP sets. Below example will block users from AS (Asia) and US (United States) countries.

GeoIPEnable On
GeoIPDBFile /usr/share/GeoIP/GeoIP.dat

# ... place more countries here

Deny from env=BlockCountry

Allowing Users based on Country

This below example will only allow users from below mentioned countries.

GeoIPEnable On
GeoIPDBFile /usr/share/GeoIP/GeoIP.dat

# ... place more countries here

Deny from all
Allow from env=AllowCountry

For more information about mod_geoip and its usage can be found at If you’re having any trouble in setting up mod_geoip module, please let us know via comments and please don’t forget to share it with your friends.

Best Affordable Linux and WordPress Services For Your Business
Outsource Your Linux and WordPress Project and Get it Promptly Completed Remotely and Delivered Online.

If You Appreciate What We Do Here On TecMint, You Should Consider:

  1. Stay Connected to: Twitter | Facebook | Google Plus
  2. Subscribe to our email updates: Sign Up Now
  3. Get your own self-hosted blog with a Free Domain at ($3.45/month).
  4. Become a Supporter - Make a contribution via PayPal
  5. Support us by purchasing our premium books in PDF format.
  6. Support us by taking our online Linux courses

We are thankful for your never ending support.

Ravi Saive

I am Ravi Saive, creator of TecMint. A Computer Geek and Linux Guru who loves to share tricks and tips on Internet. Most Of My Servers runs on Open Source Platform called Linux. Follow Me: Twitter, Facebook and Google+

Your name can also be listed here. Got a tip? Submit it here to become an TecMint author.

RedHat RHCE and RHCSA Certification Book
Linux Foundation LFCS and LFCE Certification Preparation Guide

You may also like...

27 Responses

  1. richard says:

    You changed to the file name in this line: gunzip GeoLite2-Country.tar.gz
    but that just produces a .tar file in a new directory.

    It no longer produces the file: GeoIP.dat nor does it put it in the current directory
    so the lines in later code: GeoIPDBFile /usr/share/GeoIP/GeoIP.dat
    will no longer work.

    More changes are needed in your code. Have you tested your code? I don’t think it will work with all the changes MaxMiind has made in their system.

    • Ravi Saive says:


      Thanks for your input, I think I should re-install and test it again Mod_GeoIP, give me a day or two to test and update this article with latest information.

  2. Richard says:

    It appears that the database files in your code have all changed names because MaxMind has discontinued those files and has new file names:

  3. Jasmin says:

    i get error: /usr/bin/perl: symbol lookup error: /usr/local/lib64/perl5/auto/Geo/IP/ undefined symbol: GeoIP_open

  4. cjwalter says:

    I used the sample script, it shows the IP, not showing Country name .

  5. Naval saini says:

    Nice article
    Each and every step clearly defined

  6. Krunal says:

    What about nginx ?

  7. Stan says:


    deny on geopip.conf does not work. I get the error:

    Stopping httpd: [ OK ]
    Starting httpd: Syntax error on line 21 of /etc/httpd/conf.d/geoip.conf:
    deny not allowed here

    i used the syntax:

    SetEnvIf GEOIP_COUNTRY_CODE DE AllowCountry
    SetEnvIf GEOIP_COUNTRY_CODE AT AllowCountry

    Deny from all
    Allow from env=AllowCountry

    How can i fix this?


  8. Peter says:

    Hi there, nice article.
    But how can I block countries for all my domains which are hosted on my server.
    Or should I have to paste the code into each .htaccess for each domain?

    • Ravi Saive says:

      Yes, you must create a specific .htaccess file under each domain and add the following example of code to block countries.

      SetEnvIf GEOIP_COUNTRY_CODE CN BlockCountry
      SetEnvIf GEOIP_COUNTRY_CODE RU BlockCountry
      Deny from env=BlockCountry

Leave a Reply to Stan Cancel reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.