Welcome! Log In Create A New Profile

Advanced

Re: Hacker log

October 22, 2016 06:18PM
On Sat, 22 Oct 2016 17:40:56 -0400
"itpp2012" <nginx-forum@forum.nginx.org> wrote:

> The idea is nice but pointless, if you maintain this list over 6
> months you most likely will end up blocking just about everyone.
>
> Stick to common sense with your config, lock down nginx and the
> backends, define proper flood and overflow settings for nginx to deal
> with, anything beyond the scope of nginx should be dealt with by your
> ISP perimeter systems.
>
> Posted at Nginx Forum:
> https://forum.nginx.org/read.php?2,270485,270486#msg-270486
>
> _______________________________________________
> nginx mailing list
> nginx@nginx.org
> http://mailman.nginx.org/mailman/listinfo/nginx

I've been doing this for more than six months. Clearly I haven't
blocked everyone. ;-)

These requests would just go to 404 if I didn't trap them. I rather
save 404 for real missing links.

My attitude regarding hacking is if it comes from a place without
eyeballs (hosting, colo, etc.), enjoy your lifetime ban. This keeps the
logs cleaner. Dumb hacking attempts like that clown could be some real
attack in the future, so better to block them.

At the very least, you could block all well known cloud services. AWS
for example, but not from email ports.

_______________________________________________
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx
Subject Author Posted

Hacker log

gariac October 22, 2016 05:22PM

Re: Hacker log

itpp2012 October 22, 2016 05:40PM

Re: Hacker log

gariac October 22, 2016 06:18PM



Sorry, only registered users may post in this forum.

Click here to login

Online Users

Guests: 85
Record Number of Users: 8 on April 13, 2023
Record Number of Guests: 421 on December 02, 2018
Powered by nginx      Powered by FreeBSD      PHP Powered      Powered by MariaDB      ipv6 ready