Z
Z
Zamorozka2012-02-19 14:24:40
Java
Zamorozka, 2012-02-19 14:24:40

Ban IP address using nginx?

There is a web application with a bunch of nginx + tomcat. That is, nginx acts as a proxy, tomcat is the main server.

Recently, in the logs, I notice that there are constantly requests for incorrect or non-existent URLs.

For example, I have a controller /setting/{ID}/get, and in the logs there are many chains of calling /setting//get or, say, instead of {ID}, there may be an enumeration of some values.

In order to reduce server load and reduce outgoing traffic, is it possible to somehow organize an automatic ban of IP addresses using nginx.

That is, let's say if a request from one IP goes to a non-existent address, then after 10 such requests, the IP address is blocked for an hour?

Answer the question

In order to leave comments, you need to log in

5 answer(s)
S
Stdit, 2012-02-19
@Zamorozka

If you add deny to the config, Nginx will have to be restarted. If you need a solution on Nginx, for example, you can not let it into the backend on the left urls, setting the most accurate locations for existing paths. There is also this original solution .

V
Vitaly Peretyatko, 2012-02-19
@viperet

You can block too frequent requests from one IP using NGINX wiki.nginx.org/HttpLimitReqModule
And ban IP for a specified time in case of suspicious behavior, I think it's better to do it using Firewall

S
Sergey, 2012-02-19
@bondbig

without external scripts that constantly edit the nginx config and do reload, nothing will come of it.

V
Vlad Zhivotnev, 2012-02-19
@inkvizitor68sl

Duc. Catch 404s with iptables and ban when there are a lot of them.

D
dborovikov, 2012-02-22
@dborovikov

You can write a module for nginx in lua.

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question