если у вас "access forbidden by rule", то по сути вы и так эти запросы
блокируете (на уровне nginx, не iptables).
можно сделать "access_log off;" и забыть

ср, 27 апр. 2022 г. в 12:18, alexander_st <nginx-forum@forum.nginx.org>:

> Добрый день.
> Можно ли на основе лога типа такого
>
> 2022/04/11 10:43:38 [error] 4465#4465: *969587 access forbidden by rule,
> client: 45.160.168.238, server: *, request: "ST /category-s HTTP/1.1",
> host:
> "*"
> 2022/04/11 10:43:38 [error] 4465#4465: *969587 access forbidden by rule,
> client: 45.160.168.238, server: *, request: "ST /category-s HTTP/1.1",
> host:
> "*"
> 2022/04/11 10:43:38 [error] 4465#4465: *969587 access forbidden by rule,
> client: 45.160.168.238, server: *, request: "ST /category-s HTTP/1.1",
> host:
> "*"
> 2022/04/11 10:43:38 [error] 4465#4465: *969587 access forbidden by rule,
> client: 45.160.168.238, server: *, request: "ST /category-s HTTP/1.1",
> host:
> "*"
> 2022/04/11 10:43:38 [error] 4465#4465: *969587 access forbidden by rule,
> client: 45.160.168.238, server: *, request: "ST /category-s HTTP/1.1",
> host:
> "*"
>
> отправлять адреса в бан? Только сторонним парсингом лога?
> Понятно, что правилом на такие запросы (не GET, не POST) отдаю 444. Плюс
> настроены ограничения зон. Плюс стоит fail2ban.
>
> Posted at Nginx Forum:
> https://forum.nginx.org/read.php?21,294057,294057#msg-294057
>
> _______________________________________________
> nginx-ru mailing list -- nginx-ru@nginx.org
> To unsubscribe send an email to nginx-ru-leave@nginx.org
>
_______________________________________________
nginx-ru mailing list -- nginx-ru@nginx.org
To unsubscribe send an email to nginx-ru-leave@nginx.org