I use Nginx to handle HTTP requests. During access log inspection, I found a lot of suspicious requests from the same IP address. I'd like to configure Nginx to refuse connections from hosts like that one; I don't think that there will be a lot of hosts because it was the first one for years.
This is basically how the Nginx geo-ip module works, I've done a similar thing to whitelist Google crawlers on my sites.
In your http
block define a geo
directive and add the CIDR ip ranges you wish to block:
geo $badips {
default 0;
64.233.160.0/19 1;
66.102.0.0/20 1;
...
}
This will set the value of variable $badips
to 1
for requests originating from those ip addresses.
Then in your server
block, before any location
blocks, add:
if ($badips) {
return 444;
}
Reload Nginx and that's it, requests which trigger $bdips
to be set to 1 will be server a 444 response code (you can change it to another if you prefer).
If you want to keep the banned addresses in a different file then you can do that and inside the geo
directive just add include path/to/file;
. Syntax within the included file must be the same as above.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.