Welcome! Log In Create A New Profile

Advanced

Re: Do i need mod_security for nginx?

Patrick Lists
October 21, 2013 05:28PM
On 10/21/2013 10:12 PM, agriz wrote:
> Today i found one particular IP address which was trying a lot of things in
> my server.
>
> For a second, it was sending atleast 50 requests.
> It was keep on accessing my admin login page with post and get request
> That IP tried proxy GET http://...
> It tried to inject something in the script with -d parameter.
>
> i added "limit_req_zone $binary_remote_addr zone=app:10m rate=2r/s; " in
> http block and
> location / {
> limit_req zone=app burst=50;
> }
>
> I believe it will block too many connections per second from a ip.
> How do i secure the server from other attacks?

Have a look at fail2ban.

Regards,
Patrick

_______________________________________________
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx
Subject Author Posted

Do i need mod_security for nginx?

agriz October 21, 2013 04:12PM

Re: Do i need mod_security for nginx?

Patrick Lists October 21, 2013 05:28PM

Re: Do i need mod_security for nginx?

agriz October 21, 2013 05:41PM



Sorry, only registered users may post in this forum.

Click here to login

Online Users

Guests: 75
Record Number of Users: 6 on February 13, 2018
Record Number of Guests: 421 on December 02, 2018
Powered by nginx      Powered by FreeBSD      PHP Powered      Powered by MariaDB      ipv6 ready