====== Nginx ======
HAPROXY - pfsense - [[https://hwp.ru/articles/nastraivaem_blokirovku_po_geoip_dlya_veb_servisov_ispolzuya_pfsense_haproxy_i_besplatnye_bazy_ipdeny/?utm_referrer=https%3A%2F%2Fwww.google.com%2F|link]] \\
Lists of geoip - https://www.ipdeny.com/ipblocks/ https://mailfud.org/geoip-legacy/ \\
===== Nginx Geoip =====
 [[https://ru.stackoverflow.com/questions/1378257/%D0%9A%D0%B0%D0%BA-%D0%BF%D0%BE%D0%B4%D0%BA%D0%BB%D1%8E%D1%87%D0%B8%D1%82%D1%8C-geoip-%D0%BC%D0%BE%D0%B4%D1%83%D0%BB%D1%8C-%D0%B2-docker-%D0%BA%D0%BE%D0%BD%D1%82%D0%B5%D0%B9%D0%BD%D0%B5%D1%80%D0%B5-nginx|geoip]] \\
<code BASH>
# updated geoip list https://mailfud.org/geoip-legacy/ 
#/etc/nginx/conf.d/geoip.conf
geoip_country         /usr/share/GeoIP/GeoIP.dat;

    # Define a variable to check if the client is from Russia
    map $geoip_country_code $is_russia {
        default no;
        RU yes;
    }

    # Define a variable to check if the client IP is within the 10.59.0.0/16 range
    geo $is_local {
        default no;
        10.59.0.0/16 yes;
    }

    # Combine the checks into a single variable
    map "$is_russia$is_local" $allowed {
        default no;
        yesno yes;
        noyes yes;
    }



#block on geo
#server.conf
    if ($allowed = no) {
        return 403;
   }
</code>