Answer the question
In order to leave comments, you need to log in
Ban IP address using nginx?
There is a web application with a bunch of nginx + tomcat. That is, nginx acts as a proxy, tomcat is the main server.
Recently, in the logs, I notice that there are constantly requests for incorrect or non-existent URLs.
For example, I have a controller /setting/{ID}/get, and in the logs there are many chains of calling /setting//get or, say, instead of {ID}, there may be an enumeration of some values.
In order to reduce server load and reduce outgoing traffic, is it possible to somehow organize an automatic ban of IP addresses using nginx.
That is, let's say if a request from one IP goes to a non-existent address, then after 10 such requests, the IP address is blocked for an hour?
Answer the question
In order to leave comments, you need to log in
If you add deny to the config, Nginx will have to be restarted. If you need a solution on Nginx, for example, you can not let it into the backend on the left urls, setting the most accurate locations for existing paths. There is also this original solution .
You can block too frequent requests from one IP using NGINX wiki.nginx.org/HttpLimitReqModule
And ban IP for a specified time in case of suspicious behavior, I think it's better to do it using Firewall
without external scripts that constantly edit the nginx config and do reload, nothing will come of it.
Duc. Catch 404s with iptables and ban when there are a lot of them.
Didn't find what you were looking for?
Ask your questionAsk a Question
731 491 924 answers to any question