Re: Hacker log

2016-10-22 Thread li...@lazygranch.com
On Sat, 22 Oct 2016 17:40:56 -0400 "itpp2012" wrote: > The idea is nice but pointless, if you maintain this list over 6 > months you most likely will end up blocking just about everyone. > > Stick to common sense with your config, lock down nginx and the > backends, define proper flood and overf

Re: Hacker log

2016-10-22 Thread itpp2012
The idea is nice but pointless, if you maintain this list over 6 months you most likely will end up blocking just about everyone. Stick to common sense with your config, lock down nginx and the backends, define proper flood and overflow settings for nginx to deal with, anything beyond the scope of

Hacker log

2016-10-22 Thread li...@lazygranch.com
http://pastebin.com/7W0uDrLa If you need an extensive list of hacker requests (over 200), I put this log entry on pastebin. As mentioned at the top of the pastebin, the hacker used my IP address directly rather than my doman name. I have a "map" that detects typical hacker activity. Perhaps in m

Re: Suspicious log records

2016-10-22 Thread janro
Thank you for your answer Robert! Posted at Nginx Forum: https://forum.nginx.org/read.php?2,270472,270484#msg-270484 ___ nginx mailing list nginx@nginx.org http://mailman.nginx.org/mailman/listinfo/nginx

Re: nginx 1.11.5 'duplicate' map_hash_bucket_size error when geoip_country block used?

2016-10-22 Thread lists
On Sat, Oct 22, 2016, at 09:42 AM, itpp2012 wrote: > Syntax: map_hash_bucket_size size; > Default: map_hash_bucket_size 32|64|128; > Context: http > > The err message is valid but may be misleading due to the places you used, a > dup msg does not indicate the valid context area.

Re: Suspicious log records

2016-10-22 Thread Robert Paprocki
Looks like a shellshock attempt. Provided that you're running a modern of version of bash there's nothing to be done. Well, you could drop requests from those IPs if you see fit. Welcome to the wild world of running a public server! > On Oct 22, 2016, at 03:19, janro wrote: > > Hi everyone.

Re: nginx 1.11.5 'duplicate' map_hash_bucket_size error when geoip_country block used?

2016-10-22 Thread itpp2012
Syntax: map_hash_bucket_size size; Default:map_hash_bucket_size 32|64|128; Context:http The err message is valid but may be misleading due to the places you used, a dup msg does not indicate the valid context area. Posted at Nginx Forum: https://forum.nginx.org/read.php?2

nginx 1.11.5 'duplicate' map_hash_bucket_size error when geoip_country block used?

2016-10-22 Thread lists
I have a working nginx/1.11.5 instance, with this in config ... http( ... 134 map_hash_bucket_size 4096; ... ) ... when I add geoip blocking ...

Suspicious log records

2016-10-22 Thread janro
Hi everyone. I'm newbie with Nginx and with servers and I thought to ask your opinion about the log input I noticed from last night. There's clearly a some sort of malicious attempt in access.log which is repeated four times. In error.log there's only 'closed keepalive connection' records, which

Re: content-type does not match mime type

2016-10-22 Thread B.R.
Associating types to file extensions is done through the types directive. You probably have a default_type directive in a global location defining it to application

Re: NGINX and Slim PHP framework

2016-10-22 Thread Edho Arief
Hi, On Sat, Oct 22, 2016, at 19:37, Ben wrote: > Hi, > > nginx/1.10.0 & PHP 7.0.8 > > I'm struggling to get NGINX to work with the Slim PHP framework for > paths. > > The base index.php works fine (e.g. http://example.com works), however > if I try a framework path (e.g. http://example.com/hel

NGINX and Slim PHP framework

2016-10-22 Thread Ben
Hi, nginx/1.10.0 & PHP 7.0.8 I'm struggling to get NGINX to work with the Slim PHP framework for paths. The base index.php works fine (e.g. http://example.com works), however if I try a framework path (e.g. http://example.com/hello/test), NGINX sends me what Firefox seems to call a "DMS file"