How to redirect/block users by country using NGINX

As a web administrator we are sometimes faced with the challenge of blocking/redirecting users based on the client's country.

How to redirect/block users by country using NGINX
nginx redirect/block based on country

Nginx is the second most used web server after Apache. As a web administrator you are sometimes faced with the challenge of only authorizing the countries where most of your targeted users reside. Google on itself does not prevent your content from appearing only on specific countries. You can implement geo targeting on google, however this does not prevent your content from appearing on other countries. That said, you should implement geo targeting if your site targets a specific country due to the SEO benefits. Blocking users by country is useful, but use it wisely.

NB: You should be careful with blocking/redirecting by country, Googlebot resides in USA. Blocking USA means Googlebot wont be able to reach your server. This is true for bots that reside in other countries.

Install nginx:

sudo apt install nginx
Install nginx

In order for nginx to be able to detect country based on IP the following modules should be installed geoip-database   and libgeoip1

On Debian install them like below:

sudo apt install geoip-database libgeoip1
install geoip database

The GeoIP module uses precompiled MaxMind databases to detect client location based on IP address.

The GeoIP module can do three things:

  1. Detect Country based on clients IP. geoip_country file;
  2. Detect City based on clients IP. geoip_city file;
  3. Detect Organization based on clients IP. geoip_org file;

Read more about Nginx GeoIP  Module

Loading GeoIP Module

On Debian 11 after installing nginx the GeoIP module is ussually automatically loaded.

Check if GeoIP is loaded on your system.

sudo cat /etc/nginx/modules-enabled/50-mod-http-geoip.conf
check goeip

The result should be load_module modules/;

If the file does not exist you'll have to load the module. To do that edit /etc/nginx/nginx.conf configuration file.

Add the following load_module modules/; at the beginning to load the module.

load_module modules/;

Test nginx

After adding or ensuring that GeoIP module is loaded on your nginx. Test nginx with the below command to ensure everything is okay.

sudo nginx -t

Results should look like below:

nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successful

Blocking/Redirecting users based on Country

Now that we have all that configured we can easily block users based on country. To do that we are required to edit the nginx server configuration file.

On debian 11 the default configuration is located in /etc/nginx/sites-enabled/default

On the configuration file edit it. Use the snippets below to fill your configuration.

NB: Ignore the dots ......... they are just an indication for your other code.

# Detect country based on client IP
geoip_country /usr/share/GeoIP/GeoIP.dat; # load geoip IP data
map $geoip_country_code $allow_directive { 
    default yes;
    KE redirect;
    NG redirect;
    RU no;
    CN no;


server {


# Redirect Countries to be redirected
if ($allow_directive = redirect) {
    default_type text/html;
    return 200 "<!DOCTYPE html><h2>Not available in your Country!</h2>\n";
# Block blocked countries
if ($allow_directive = no) {
    return 444;



The first chunk of code loads the geo_ip module data. This enables nginx to detect the country of clients based on their IP. If the country is one we want to redirect we set variable allow_directive to redirect . The countries we want to block we set allow_directive to no . The rest of the countries are allowed since the default directive is yes.

NB: The first chuck of code should be written outside server {}.


Redirecting users is useful for countries your business intends to capitalize on in future. However for countries where your business has no intention of venturing into you can just block them all the way.

Depending on your use case the ability to block/redirect users based on IP is usually useful.

Subscribe to Bluedoa Digest

Don’t miss out on the latest issues. Sign up now to get access to the library of members-only issues.
Enter your email