Changelog
3.4.0 - 2026-04-18
The paid report has always included ready-to-run block scripts. Turns out that’s not very helpful if you’ve never pasted something into a terminal. Click any format to preview the exact commands inline, copy them in one click, and follow the three-step guide below if you’re not sure what to do next. If you don’t have SSH access at all, there’s a new section pointing toward your hosting panel’s IP blocker instead.
3.3.0 - 2026-04-18
Wondered how people are using the free reports. Added some additional tracking — and disclosed it all in the privacy policy — so I can see if there are ways to make it better.
3.2.1 - 2026-04-13
Squashed a bug in Umami event tracking.
3.2.0 - 2026-04-12
The paywall moved. Paste your IPs, get a free geo and ASN breakdown of your top 25 — shareable link, no account, no payment. It expires in 7 days, which is probably long enough to do something about the IPs in it. If you want AbuseIPDB confidence scores for the worst offenders, ready-to-run firewall scripts, and a permanent link, that’s still $9. Speaking of permanent: paid reports no longer expire. The 30-day window is gone. You paid for it, it’s yours.
3.1.4 - 2026-04-10
Squished some bugs. The kind that mostly just lurk — a concurrency edge case where Stripe could trigger two report generations at once, a quota guard to stop the seed script draining the AbuseIPDB daily allowance, a couple of small security tightenings. Nothing you would have noticed, and now you won't have to.
3.1.3 - 2026-04-04
Security audit follow-up. No bad guys found but, just in case: report tokens are now cryptographically random, classification data is recomputed server-side instead of trusted from the browser, and a timezone misconfiguration that sometimes made fresh reports appear expired has been corrected.
3.1.2 - 2026-04-03
A few small tweaks and bugfixes. That last polish with your sleeve before guests come over.
3.1.0 - 2026-04-03
A rolling 7-day Community Block List built from opted-in Threat Reports. CIDR ranges corroborated by three or more independent users — filtered by prefix size and hit density so coarse ISP blocks don't slip through — appear on the public list, downloadable as iptables, ufw, nginx, or plain CIDR format.
3.0.0 - 2026-04-02
Threat Reports: paste a batch of IPs from your server logs, pay once, and get back a verdict (clean, watchlist, or threat), AbuseIPDB scores for the worst offenders, and ASN CIDR ranges so you can block whole subnets instead of individual addresses. Ready-to-run block scripts for iptables, ufw, and nginx download directly from the report. Reports are token-tied and expire after 30 days.
2.6.3 - 2026-03-23
Swapped Google Analytics for Umami. Same lookup and CSV download events are tracked, same visitor stats — just without sending your data to Google first. Umami is open-source and privacy-friendly, which feels more in keeping with a tool that doesn't log IPs.
2.6.2 - 2026-03-13
Removed the PayPal donation button. Coffee is better anyway, and PayPal's UX is bad.
2.6.1 - 2026-03-13
Housekeeping ahead of open-sourcing the repo:
- Added defensive HTML escaping.
- Tidied internal server references out of CI workflow comments.
- Removed a dead Google Universal Analytics snippet still haunting a couple of pages.
- Fixed testing tools to use
random_int()so generated test IPs actually cover the full IPv4 address space.
2.6.0 - 2026-03-13
The IP lookup engine got a meaningful tune-up, cutting per-IP database time by about 60%. That cuts a 10,000-IP lookup from roughly 4.5 seconds of database time down to under 2. The site also now fires two Google Analytics events for CSV downloads and ip_count, so there's finally a wee little data on how ip2geo is being used being collected. (All of which is still blocked by ad blocker extensions or your friendly neighborhood pi-hole.)
2.5.1 - 2026-03-13
Historical cruft cleanup.
2.5.0 - 2026-03-13
Submitting a large batch of IPs used to mean staring at a blank page for several seconds. No more. The form now submits via AJAX and a full-viewport loading overlay appears immediately showing how many IPs are being processed and stays visible until results are ready. The overlay falls back gracefully to a normal form submit if JavaScript isn't available. Page load transitions are also faster site-wide.
2.4.0 - 2026-03-12
Two releases in one day. We're on a roll. Results are now exportable: a Download CSV button appears above the table after any lookup, generating a properly-quoted RFC 4180 file client-side with no second round-trip to the server. IPs that returned no geo data get their own toggleable section so they're out of the way but not silently discarded. The summary stats below results got a full makeover — monospace, column-aligned, and actually informative (submitted vs. matched vs. filtered vs. unresolved, all accounted for). Also quietly retired about.php and its legacy UA analytics snippet, which had no business still existing.
2.3.0 - 2026-03-12
Taught ip2geo.org to update its own data. MaxMind's GeoLite2-City database now refreshes automatically on the first of every month: downloaded, converted, imported into shadow tables, verified against a known IP, then swapped in atomically while the old data keeps serving. If anything looks off, it rolls back and files a strongly-worded GitHub Actions failure notification. Also added a data freshness date to the footer, because it turns out people care how old their geolocation data is.
2.2.0 - 2026-03-11
Security hardening and grown-up deployment infrastructure. Fixed a handful of XSS vectors (nothing to see here), added a 2MB input cap, and corrected a bug that was silently discarding the first batch of IPs instead of the last. The old versioned index files are gone and git is the version history now, as it was always meant to be. Also introduced a full CI/CD pipeline with a staging environment, because apparently this is a serious project.
2.1.1 - 2025-04-05
Bugfix. Introduction of Changelog. Removed defunct twitter link. Made "About" section slightly more professional (slightly).
2.1.0 - 2025-04-04
Refactor database query approach. ~12% speed improvement through preconverting IPv4 addresses and avoiding INET6_ATON.
2.0.7 - 2025-04-04
Maxmind database update (2025-04-01).