Hi folks,
I use Nginx as reverse proxy on my IPFire and want to block some countries, depending on the target domain. (Target webserver and Letsencrypt are working without problems):
╔═════════╤═════════════════════╗───┬─── example.com
WAN ───║ IPFire ││ │ ║ └─── sub1.example.com
╟─────────┘│ │ ║
║ INCOMING │ REVERSE │ OUTGOING ║───┬─── domain.com
║ TRAFFIC │ PROXY │ TRAFFIC ║ └─── sub1.domain.com
╚═══════════════════════════════╝
TargetDomain TargetIP BlockedCountry
example.com 192.168.2.50 A,C,..,Z
sub1.example.com 192.168.2.50 -
domain.com 192.168.2.51 D,E,F
sub1.domain.com 192.168.2.51 -
Do I need two rules for that?
-
- Rule between WAN and reverse proxy
-
- Rule between reverse proxy and the target webserver with geo blocking?