Facebook
Twitter
surfgatinho
New Pleskian
I'm trying to get the following rule to work but it seems to do nothing:
I have had the GeoIP database installed for a while and used it successfully for other purposes, so this isn't the problem.
As it stands the above rule does nothing - no error, and no blocking.
Given the huge amount of China based traffic I've been receiving the logs should be absolutely full...
The version of Modsecurity I'm running is 2.9.2-ubuntu18.04.19091318
Any ideas?
# Test IP address and block by country code
SecGeoLookupDb /usr/share/GeoIP/GeoIP.dat
SecRule REMOTE_ADDR "@geoLookup" "chain,id:20,drop,msg:'Block China IP address'"
SecRule GEO:COUNTRY_CODE "@streq CN HK"
SecGeoLookupDb /usr/share/GeoIP/GeoIP.dat
SecRule REMOTE_ADDR "@geoLookup" "chain,id:20,drop,msg:'Block China IP address'"
SecRule GEO:COUNTRY_CODE "@streq CN HK"
I have had the GeoIP database installed for a while and used it successfully for other purposes, so this isn't the problem.
As it stands the above rule does nothing - no error, and no blocking.
Given the huge amount of China based traffic I've been receiving the logs should be absolutely full...
The version of Modsecurity I'm running is 2.9.2-ubuntu18.04.19091318
Any ideas?
