I have web server is running Apache 2.4.46 under Centos 7 server.
Currently, I have configured mode GeoIP for it, used MaxMind GeoLite2 Database and only allow access from specific countries.
It's running OK but today, a few customers cannot access my website and got 403 Error (Permission Denied).
I checked on web server and saw that:
These customers is living at my allowed countries but their public IP address when access to my web server is IP NAT and these IP will be denied by my GeoIP ACL.
So, my question is: how can I allow these IP NAT to access my website under GeoIP mode installed on web server? I have to ask their ISP for IP NAT pool and allow it one-by-one on GeoIP ACL or are there any best ways to allow it? Thank you so much for your help
Here is my GeoIP ACL:
MaxMindDBFile COUNTRY_DB /usr/local/GeoIP/GeoLite2-Country.mmdb
MaxMindDBEnv MM_COUNTRY_CODE COUNTRY_DB/country/iso_code
SetEnvIf MM_COUNTRY_CODE SG AllowCountry
SetEnvIf MM_COUNTRY_CODE KH AllowCountry
SetEnvIf MM_COUNTRY_CODE O1 AllowCountry
SetEnvIf MM_COUNTRY_CODE A1 AllowCountry
SetEnvIf MM_COUNTRY_CODE A2 AllowCountry
Deny from all
Allow from env=AllowCountry
Allow from 10.0.0.0/8
Allow from 172.16.0.0/12
Allow from 192.168.0.0/16
