Blocking Requests Geographically

By default, in Transparent Edge Services, we geolocate all requests that pass through our systems and send a header with the country code from which the request was made to the origin. This header is called geo_country_code.

geo_country_code: ES

For this functionality, we integrate with GeoIP2 Enterprise Database. This database has a 99.8% accuracy for country-level geolocation.

It's also possible to send other data provided by this database as an HTTP header to the origin, such as the city. However, please note that the accuracy at the city level in this database is around 75% for Spain. You can check the accuracy by country here.

The value of the geo_country_code header is the country code based on the standard ISO 3166.

If the system is unable to locate the user's IP, the header will contain the string 'Unknown'.

Using this header, we can make various decisions, such as redirection, serving specific content for that country, or simply geoblocking content.

For geoblocking, you can go to your dashboard, navigate to Provisioning, VCL Config, and in the advanced section, duplicate the current production configuration. Then, insert the geoblocking code within the vcl_recv function:

sub vcl_recv{
    if (req.http.geo_country_code ~ "RU") { 
        call deny_request;

Likewise, we could redirect the website to a specific URL or site based on the user's origin. For example:

sub vcl_recv{
    if (req.http.geo_country_code ~ "ES|AD|PT") { 
        set req.http.X-retSynth = "751,";
    } else {
        set req.http.X-retSynth = "751,"

Last updated