Welcome! Log In Create A New Profile

Advanced

limit_conn - block offending ips

August 12, 2010 11:15AM
Hi forum and thanks Igor for the most amazing software;
now I have spent some time looking for a way to make use of the limit_conn directive to block offending ip addresses, but can't seem to figure out a way to do so.

Is there a possibility to check, inside nginx.conf, for $limit_conn_triggered or something like that? Use case - I am protecting a backend server with limit_conn zone_name 2; and want to collect ips that violate that limit for blocking in the firewall. Parsing logs is a possible but extremely ineffective solution, especially under a DDOS, so I was looking for a way to either block violators using nginx configuration or emit the ip address to iptables/apf/etc.

Currently I can only deny parallel requests or limit_req them, which surely does increase the number of attackers needed to kill the server but does not solve the problem. Somehow, I feel there should be a solution (nginx module or directive I'm missing) which could ban based on triggered limit_conn. Thanks for any tips :)
Subject Author Posted

limit_conn - block offending ips

piramida August 12, 2010 11:15AM



Sorry, only registered users may post in this forum.

Click here to login

Online Users

Guests: 112
Record Number of Users: 8 on April 13, 2023
Record Number of Guests: 500 on July 15, 2024
Powered by nginx      Powered by FreeBSD      PHP Powered      Powered by MariaDB      ipv6 ready