How to block countries from accessing your application in Nginx

Where necessary, you may need to have access to a VPS server so you can follow how to implement the steps in this article.  You can get a cheaper VPS Server from Contabo with 4vCPU cores, 8GM RAM, and 32TB Bandwidth for less than $5.50 per month. Get this deal here now

Table of Contents

Cloud VPS S

$5.50 Monthly
  • 4 vCPU Cores | 8GB RAM


$15.50 Monthly
  • 6 vCPU Cores | 16GB RAM


$17.50 Monthly
  • 8 vCPU Cores | 24GB RAM

Securing your web applications is crucial, and one effective way to enhance security is by restricting access to your application based on geographical locations. Nginx can help you achieve this by blocking countries from accessing your application. In this article, we’ll guide you through the process with practical command examples.

Step 1: Install Nginx

If you haven’t already installed Nginx, you can do so using the package manager relevant to your operating system. For example, on Ubuntu, you can use:

sudo apt update
sudo apt install nginx

Step 2: Obtain GeoIP Database

To block countries, you need GeoIP databases. MaxMind provides a free version, GeoLite2, which you can download using the following commands. copy and paste these commands one by one:

sudo mkdir -p /etc/nginx/geoip
sudo wget -O /etc/nginx/geoip/GeoLite2-Country.mmdb.gz
sudo gzip -d /etc/nginx/geoip/GeoLite2-Country.mmdb.gz

Step 3: Configure Nginx

Now, configure Nginx to use the GeoIP database. Open your Nginx configuration file (commonly located at /etc/nginx/nginx.conf or /etc/nginx/sites-available/default) and add the following lines:

http {
    geoip_country /etc/nginx/geoip/GeoLite2-Country.mmdb;

    map $geoip_country_code $allowed_country {
        default yes;
        XX no; # Replace XX with the country code you want to block

Step 4: Update Server Block

Within your server block, use the allow and deny directives to control access based on the country:

server {
    listen 80;

    if ($allowed_country = no) {
        return 403;

    # Rest of your server block configuration...

Step 5: Test and Restart Nginx

After saving your changes, test the configuration:

sudo nginx -t

If the test is successful, restart Nginx to apply the changes:

sudo systemctl restart nginx


Following the above steps can help you configure Nginx to block access from specific countries to your web application. This extra layer of security can help protect your application from potential threats originating from specific geographic locations.

Hire us to handle what you want

Hire us through our Fiverr Profile and leave all the complicated & technical stuff to us. Here are some of the things we can do for you:

  • Website migration, troubleshooting, and maintenance.
  • Server & application deployment, scaling, troubleshooting, and maintenance
  • Deployment of Kubernetes, Docker, Cloudron, Ant Media, Apache, Nginx,  OpenVPN, cPanel, WHMCS, WordPress, and more
  • Everything you need on AWS, IBM Cloud, GCP, Azure, Oracle Cloud, Alibaba Cloud, Linode, Contabo, DigitalOcean, Ionos, Vultr, GoDaddy, HostGator, Namecheap, DreamHost, and more.

We will design, configure, deploy, or troubleshoot anything you want. Starting from $10, we will get your job done in the shortest time possible. Your payment is safe with Fiverr as we will only be paid once your project is completed.