Welcome! Log In Create A New Profile

Re: Hierarchy of malformed requests and blocked IPs

Forum List Message List New Topic Print View

Valentin V. Bartenev

July 30, 2016 06:18AM

On Friday 29 July 2016 23:01:05 lists@lazygranch.com wrote:
> I see a fair amount of hacking attempts in the access.log. That is, they
show up with a return code of 400 (malformed). Well yeah, they are certainly
malformed. But when I add the offending IP address to my blocked list, they
still show up as malformed upon subsequent readings of access.log. That is, it
appears to me that nginx isn't checking the blocked list first.
>
> If true, shouldn't the blocked IPs take precedence?
>
> Nginx 1.10.1 on freebsd 10.2
>

It's unclear what do you mean by "my blocked list". But if you're
speaking about "ngx_http_access_module" then the answer is no, it
shouldn't take precedence. It works on a location basis, which
implies that the request has been parsed already.

wbr, Valentin V. Bartenev

_______________________________________________
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx

Reply Quote

RSS

Subject	Author	Posted
Hierarchy of malformed requests and blocked IPs	gariac	July 30, 2016 02:02AM
Re: Hierarchy of malformed requests and blocked IPs	Valentin V. Bartenev	July 30, 2016 06:18AM
Re: Hierarchy of malformed requests and blocked IPs	gariac	July 30, 2016 01:54PM
Re: Hierarchy of malformed requests and blocked IPs	itpp2012	July 30, 2016 04:30PM
Re: Hierarchy of malformed requests and blocked IPs	Valentin V. Bartenev	July 30, 2016 04:50PM
Re: Hierarchy of malformed requests and blocked IPs	gariac	July 30, 2016 09:16PM
Re: Hierarchy of malformed requests and blocked IPs	itpp2012	July 31, 2016 02:09AM

Sorry, only registered users may post in this forum.

Click here to login

Online Users

Guests: 304

Record Number of Users: 8 on April 13, 2023

Record Number of Guests: 421 on December 02, 2018