Web Dev Tools
Categories

Geolocation & IP Intelligence

Knowing where the user is — for routing, fraud, compliance, and personalization.

Server-side IP geolocation

  • MaxMind GeoIP2 — gold standard. Free GeoLite2 databases (country / city / ASN); paid hosted API for higher accuracy. Default for self-host.
  • IPinfo — clean API, generous free tier, easy SDKs. Default for hosted.
  • IPdata — competitor; free tier; broader threat-intelligence.
  • ipstack / ip2location / DB-IP — alternatives with various free tiers.
  • abuseipdb — IP reputation / threat data.

Built-in / free at the platform level

  • Cloudflare request headerscf-ipcountry, cf-region, cf-postal-code, cf-iata (airport), cf-timezone, cf-asn. Free, accurate, on every Workers request.
  • Vercel request.geo — built into the Edge runtime. Free.
  • Fastly Compute@Edge geo — built-in.
  • AWS CloudFront geo headersCloudFront-Viewer-Country, etc.

Browser geolocation (lat/lng with permission)

  • navigator.geolocation — built-in; requires user permission; high accuracy on mobile.
  • @capacitor/geolocation — for mobile-packaging apps.
  • react-geolocated — React hook wrapper.

Reverse geocoding (lat/lng → address)

  • See Maps & Geo — Mapbox, MapTiler, Nominatim, Google.

Use cases / patterns

  • Currency / locale defaults — pre-fill currency dropdown with user's IP-implied region; let them change.
  • GDPR / CCPA banner — show consent UI based on IP region (be conservative — show in doubt).
  • Tax calculation — see Tax & Compliance.
  • Fraud signals — VPN / Tor / hosting / ASN flags; combine with device fingerprint.
  • Geo-restricted content — block / redirect based on country.
  • Region-aware routing — route to nearest origin / DB replica.
  • Sanctions compliance — OFAC / EU / UK lists. Don't sell to embargoed countries.

VPN / proxy / hosting detection

  • IPinfo Privacy Detection — VPN / proxy / Tor / hosting flags.
  • MaxMind minFraud — paid; commercial-grade fraud scoring.
  • IPQualityScore — fraud + email + phone validation.
  • Spur.us, GetIPIntel — alternatives.

Privacy considerations

  • IP addresses are PII in the EU. Treat accordingly: encrypt at rest, expire logs, document retention.
  • Cloudflare's geo headers don't include IP-derived precision better than city — usually fine.
  • Don't store full IPv4 / IPv6 in long-term analytics — truncate or hash.
  • Consent matters for browser geolocation; ask politely with context.

Pick this if…

  • Default backend, free: Cloudflare / Vercel geo headers if your app runs on those platforms.
  • Self-host accurate IP geo: MaxMind GeoLite2.
  • Hosted API with batteries: IPinfo.
  • Fraud / VPN detection: IPinfo Privacy or MaxMind minFraud.
  • Browser lat/lng: navigator.geolocation.

Previous

Web Scraping & Browser Automation

Next

DNS & Domain APIs

On this page