Re: nginx limit_req and limit_conn not working to prevent DoS attack

2017-08-01 Thread Gary Sellani
The trouble is nginx does a fair amount of work before blocking the IP address, unless things have changed. My recollection is it parses the whole request. Obviously it doesn't send any data. So you are better off blocking with the firewall. You do need to know your audience. Something related

Re: nginx limit_req and limit_conn not working to prevent DoS attack

2017-08-01 Thread Gary Sellani
I don't know about iptables, but you can limit port 80 and 443 with ipfw. I run mine at 10 per IP. I've had corporations behind NAT trigger lesser limits. My point being you don't have to parse the log (swatch). 

Re: How to rate-limit jorgee malware scanner?

2017-07-24 Thread Gary Sellani
Hi! Nginx comes with the limit_req_module. I think it is a good helper. On 24 July 2017 at 20:10:05, Gary Sellani (li...@lazygranch.com) wrote: I just detect the user agent and return 444, but every attempt to

Re: How to rate-limit jorgee malware scanner?

2017-07-24 Thread Gary Sellani
I just detect the user agent and return 444, but every attempt to get a file will show up in your access.log. https://www.buildersociety.com/threads/block-unwanted-bots-on-apache-nginx-constantly-updated.1898/ I get two or three jorgee "sessions" a day. They tend not to use the domain name but