smoxy
English
DeutschEnglish
English
DeutschEnglish
  • Welcome to smoxy
  • Changelog
  • Support Contact
  • Migration of Load Balancers and Domains
  • Account
    • What is an Account?
    • Site Overview
      • Add a new domain
    • Origins & Loadbalancer
    • Domain Overview
      • SSL
    • DNS Overview
    • Team
    • IP Lists
    • Billing
  • Sites
    • What is a Site?
    • Dashboard
    • Page Rules
      • Page Rules - Use Cases
    • Conditional Rules
      • Conditional Rules - Use Cases
    • Image Optimization
    • Acceleration
    • Security
    • Load balancer
    • Basic Configuration
    • Redirect Sites
  • Developer Guide
    • GeoIP Headers (Request Metadata)
    • Cache Invalidation
    • Best Practices
      • Services Sites
      • Flush Tags
      • Test configuration options
      • Cache key configuration for images
    • Cloudflare Setup
    • Frameworks
      • Shopware 6
Powered by GitBook
On this page
  • Overview
  • Included Headers
  • Use Cases
  • Language Redirection
  • GDPR Compliance
  • IP-Based Routing and Blocking
  • Enhanced Logging / Analytics
  • Integration Notes
  • Best Practices

Was this helpful?

  1. Developer Guide

GeoIP Headers (Request Metadata)

When smoxy forwards requests to your origin servers, it automatically adds a set of HTTP headers containing geolocation and network metadata derived from the client’s IP address. These GeoIP Headers enable dynamic content personalization, language switching, regional compliance, and advanced analytics — all at the edge, before the request even hits your backend.

Also known as: GeoIP Headers, Edge Headers, IP Geolocation Headers, Location Headers, Geo Headers

Overview

These headers are injected into every request by smoxy’s edge infrastructure. They provide rich client context, including the user’s approximate location, network provider, and EU status. This information is resolved in real-time using fast, privacy-conscious IP lookup services.

Included Headers

Header
Description

s-asn

ASN (Autonomous System Number) of the client’s network

s-asorg

Organization name for the ASN (e.g., “Cloudflare, Inc.”)

s-country

ISO 3166-1 alpha-2 country code (DE, US, etc.)

s-city

Approximate city of the client

s-latitude

Approximate latitude

s-longitude

Approximate longitude

s-subdivisions

ISO 3166-2 region/subdivision codes (e.g., DE-BY)

s-iseu

Flag indicating whether the request originates from within the EU (1 or 0)

These values are useful for building location-aware features or routing logic directly in your backend.

Use Cases

Language Redirection

Automatically redirect users to a localized version of your site:

$country = $_SERVER['HTTP_S_COUNTRY'] ?? 'US';

$language = match ($country) {
    'DE' => 'de',
    'FR' => 'fr',
    default => 'en',
};

header("Location: /{$language}/");
exit;

GDPR Compliance

Use s-iseu to trigger EU-only consent dialogs:

if ($_SERVER['HTTP_S_ISEU'] === '1') {
    // Show GDPR consent UI
}

IP-Based Routing and Blocking

Allow or restrict access based on ASN or country:

$asn = $_SERVER['HTTP_S_ASN'] ?? null;

if ($asn === '12389') {
    http_response_code(403);
    exit('Access denied for this network');
}

Enhanced Logging / Analytics

Store s-country or s-asorg alongside other request metadata to enrich logs and traffic reports.

Integration Notes

  • Header names are prefixed with s- to avoid conflicts with standard HTTP headers.

  • Values are added at the edge by smoxy, so they’re present even before your app processes the request.

  • These headers are available in all environments — no client-side JS required.

Best Practices

  • Always treat geolocation as approximate — avoid relying on city-level accuracy for critical decisions.

  • Provide fallbacks for cases where headers are missing (e.g., during local dev).

  • Consider logging these values for auditing or debugging location-based behavior.

Last updated 11 days ago

Was this helpful?