The conditions in the config do not work, I can not understand why

I

iDrum2012-09-06 12:03:00

Nginx

iDrum, 2012-09-06 12:03:00

There is a flood on the server. There are such lines in the logs, only the IP addresses are different
88.81.228.6 — - [06/Sep/2012:12:53:37 +0400] "GET / HTTP/1.0" 200 36271 "-" "Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US)" "-" | "-"

I want to filter this case with nginx

server {
    .....
    set $add 1;
    set $ban '';

    ###### Rule 1 ########
    if ($http_referer = '-' ) {
        set $ban $ban$add;
    }
    if ($request_uri = '/') {
        set $ban $ban$add;
    }

    if ($http_user_agent = 'Mozilla\/5\.0 \(Windows\; U\; Windows NT 6\.1\; en\-US\)') {
        set $ban $ban$add;
    }

    if ($ban = 111) {
        return 444;
    }
    ######################
    ......
}

But requests still pass through nginx. How to write conditions?

PS: Also tell me how to set the maximum page access per unit of time in iptables

Reply

Answer the question

In order to leave comments, you need to log in

5 answer(s)

N

niakrisn, 2012-09-06
@niakrisn

Maybe because $ban is 11?

if ($http_user_agent = 'Mozilla\/5\.0 \(Windows\; U\; Windows NT 6\.1\; en\-US\)') {
        set $ban $ban$add;
}

There is no need to screen here.

S

script88, 2012-09-06
@script88

A bit off topic, but you can use the nginx.org/ru/docs/http/ngx_http_limit_req_module.html module

N

niakrisn, 2012-09-06
@niakrisn

The simplest option is to add the debug_connection BOT_IP directive; in the events context and see the debug log.

I

iDrum, 2012-09-06
@iDrum

Does anyone else have any idea why the conditions don't work? tried everything I think

I

iDrum, 2012-09-06
@iDrum

strange, that's how it worked

   if ($http_referer = "" ) {
        set $ban $ban$add;
    }
    if ($request_uri = "/") {
        set $ban $ban$add;
    }

    if ($http_user_agent = "Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US)") {
        set $ban $ban$add;
    }

    if ($ban = 111) {
        return 444;
    }