IP geolocation is widely used in support of a wide range of use cases, everything from content localization to e-commerce and cybersecurity. By matching an IP address to data provided by ISPs (Internet Service Providers) using IP lookup it becomes possible to locate a user’s physical location. It may not be 100% accurate in all cases, but it should be very close. Some IP geolocation services can also detect attempts to bypass this location by using proxies, VPNs (Virtual Private Networks) and TOR (anonymizer). This can be important because these tools, while having legitimate purposes, can also be used in cybercrime.
Also, while Safari is an HTML5 compatible browser, there are nuances to Safari that may not be present on other browsers:

- Only Safari 5 or later (2010) is compatible with HTML5
- iOS has a privacy option that can limit location accuracy:
- If toggled on, a general location will be provided
- A user can be prompted to offer their specific location, but they don’t have to agree
- The app can explain why it’s asking for the precise location
- If permission is granted, this can expire in 1 – 7 days
- In MacOS and iOS, Java needs to be enabled by the user or content dependent on it won’t load
All of this will need to be considered as you develop your product. We also recommend selecting one of the 9 best IP geolocation APIs for Apple developers.
Abstract IP geolocation API
Abstract can source geodata from IPv4 and IPv6 addresses in real-time. This includes country, latitude/longitude, time zone, and currency. It’s capable of outputting the data in XML format or JSON. The free API can support up to 20,000 API calls per month with all functionality exposed at all product levels. Higher tiers supporting more calls and providing some richer data. A custom enterprise level can support heavier use cases and offers SLAs for uptime. It has threat detection capabilities making it capable of detecting proxies, VPNs and TOR.
This is a REST API that can be implemented in Python, PHP and Ruby. All of these appear to be compatible with Apple operating systems, but take the time to verify before implementation.
Big data cloud API
Big Data Cloud can source visitor location data with fast response times. Data includes country and country code, currency, city, latitude/longitude, and more. All tiers support up to 10,000 free IP geolocation API returns per month. Pricing for additional blocks of 10,000 requests is 2 – 3 Australian dollars. While only the top tier has threat detection, it detects a wide range of threats including TOR, proxies, VPNs, BOGON (illegitimate IP addresses), and more.
It can be implemented in Python and PHP. The JavaScript and NodeJS options will need to be assessed given how Java can be blocked on Apple.
ipdata
ipdata can provide geolocation information including country code and country flag, region code, calling code, and ASN (ISP) code. The free plan supports up to 1,500 API requests per day for non-commercial use cases. Location data and threat data is available at all of the five paid tiers. Threats including TOR, proxies, BOGON, VPNs, and known threats can be detected.
ipdata can be implemented in a range of languages including Ruby, PHP, Python, and Go. Java and JavaScript are also available, but might need to be avoided.
ipstack
ipstack can detect a user’s location by sourcing geodata including city, latitude/longitude, time zone, and currency. However, some data isn’t available in the free plan which supports 5,000 API requests per month. Data beyond location only becomes available in the paid tiers starting at 9.99 USD per month. The capability to detect proxies, crawlers, TOR, and assign threat levels is available in the top two tiers.
It appears that ipstack can only be implemented in PHP (cURL) and JavaScript (jQuery.ajax), and this may need to be avoided with Apple devices.
ip2location
This web service is capable of sourcing geolocation data including ZIP code or postal code, latitude/longitude, local weather station, and elevation. With this API, you buy credits and then allocate them however you wish. A free trial is available. It can detect VPNs, TOR and proxies, though the full suite of threat detection capabilities requires a separate product.
This RESTful API can be implemented in PHP, Python, Ruby, and more. Java is also available, but the standard boilerplate warning regarding using Java on Apple applies.
DB-IP
This IP geolocation database API can source a visitor’s location including continent, country name, currency, and phone calling code. There’s a limited trial version available. Each of the three paid tiers is split into three levels which offer increasing functionality. Location data and the capability to detect proxies, crawlers, TOR, VPN, and bots appear to be available at all levels.
This is a RESTful API that can be implemented using PHP. JavaScript and jQuery are also available, but remember the limitations on Apple.
Positionstack
Positionstack is capable of sourcing location information including country flag, currency, latitude/longitude, and language. It can also supply embeddable maps starting on the first paid tier. The free plan supports up to 25,000 API requests per month. Paid tiers supply increasing levels of both data and API calls. It’s not immediately clear what threat detection is supported, so you may need to inquire.
PHP, Python, Ruby, and more code examples are available on the website, showing the range of language options for implementing Positionstack. NodeJS and jQuery may prove to be unsuitable.
ipinfo.io
This IP geolocation API can source city, ZIP code or postal code, connection type, latitude/longitude, and more. The free API key supports up to 50,000 API requests per month. Paid tiers supply increasing levels of data, with threat detection becoming available in the second paid tier. Full threat detection capabilities are in a separate product.
This can be implemented in PERL, Python, Rust, and more. Java and NodeJS are also available, but the standard warning applies.
Maxmind
Maxmind’s GeoIP2 Precision Services can detect a visitor’s geographical location including continent, country, city, ISP, and time zone. There’s a free plan, but its functionality is limited and data is less accurate. Each of the three paid tiers is priced per API call at a fraction of a US cent. Unfortunately, location data more detailed than country only becomes available in the second paid tier. Full threat detection capabilities are also in a separate product.
It can be implemented in .NET (C#), Python, Ruby, and more. You know the drill relating to the Java, JavaScript and NodeJS options.
Summary
Whether an IP geolocation API can source the data you require for your business needs is rarely the issue. It’s more likely to be whether the level of data is available at a suitable price tier and whether associated functionality, like threat detection, is also available.
As you develop your website, service or app, don’t forget the limitations with Safari and Apple operating systems. A user has to consent to their precise location being available and they don’t have to. Also, while we apologize if we’ve beaten the Java drum too hard, it’s important to understand. If a user will never use Java, then they’ll never use any product dependent on Java. Also, while a user can be prompted to permit Java in each case, having to address another pop-up is a bad user experience.