Hi all,
Unfortunately, its impossible to use limit_req within the http location
using a "if" statement like so:
http {
limit_req_zone $binary_remote_addr zone=one:10m rate=1r/s;
if ($http_user_agent ~* (Jorgee)) {
limit_req zone=one burst=5;
return 403;
}
}
As a workaround I use limit_req within a location to prevent my uwsgi
app for being abused.
Cheers,
E
Le 2017-07-24 à 08:12, Zhang Chao a écrit :
>
> Hi!
>
> Nginx carries with the limit_req_module
> http://nginx.org/en/docs/http/ngx_http_limit_req_module.html. I
> think it is a good helper.
>
>
>
> On 24 July 2017 at 20:10:05, Gary Sellani (lists@lazygranch.com
> <mailto:lists@lazygranch.com>) wrote:
>
>> I just detect the use agent and return 444, but every attempt to get
>> a file will show up in your access.log.
>>
>> https://www.buildersociety.com/threads/block-unwanted-bots-on-apache-nginx-constantly-updated.1898/
>>
>> I get two or three jorgee "sessions" a day. They tend not to use the
>> domain name but reference your server by IP, so there might be some
>> better blocking scheme.
>>
>> Original Message
>> From: tkadm30@yandex.com <mailto:tkadm30@yandex.com>
>> Sent: July 24, 2017 3:14 AM
>> To: nginx@nginx.org <mailto:nginx@nginx.org>
>> Reply-to: nginx@nginx.org <mailto:nginx@nginx.org>
>> Subject: How to rate-limit jorgee malware scanner?
>>
>> Hi,
>>
>> The Jorgee malware scanner is creating a lot of activity on my site. I
>> would like to rate-limit its connections to nginx based on the
>> User-Agent, since blocking all IP addresses with iptables seems
>> impossible. Is their a quick way of doing this ?
>>
>> Thank you in advance ,
>>
>> E
>>
>> --
>> Etienne Robillard
>> tkadm30@yandex.com <mailto:tkadm30@yandex.com>
>> http://www.isotopesoftware.ca/
>>
>> _______________________________________________
>> nginx mailing list
>> nginx@nginx.org <mailto:nginx@nginx.org>
>> http://mailman.nginx.org/mailman/listinfo/nginx
>> _______________________________________________
>> nginx mailing list
>> nginx@nginx.org <mailto:nginx@nginx.org>
>> http://mailman.nginx.org/mailman/listinfo/nginx
>
>
> _______________________________________________
> nginx mailing list
> nginx@nginx.org
> http://mailman.nginx.org/mailman/listinfo/nginx
--
Etienne Robillard
tkadm30@yandex.com
http://www.isotopesoftware.ca/
_______________________________________________
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx