Nginx

Where should the Nginx IP blacklist configuration file go?

  • July 9, 2018

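I have a web server where Nginx hosts two sites. I created a blockips.conf file to blacklist the IP addresses that keep probing the server, and I included this file in nginx.conf. However, I still see these IP addresses showing up in my sites' access logs. Do I need to include the blacklist in each site's conf instead of the global Nginx conf?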

Here is my nginx.conf

user  nginx;
worker_processes  1;

error_log  /var/log/nginx/error.log warn;
pid        /var/run/nginx.pid;

events {
   worker_connections  1024;
}

http {
   include       /etc/nginx/mime.types;
   default_type  application/octet-stream;

   log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
                     '$status $body_bytes_sent "$http_referer" '
                     '"$http_user_agent" "$http_x_forwarded_for"';

   access_log  /var/log/nginx/access.log  main;

   sendfile        on;

   keepalive_timeout  65;

   include /etc/nginx/conf.d/*.conf;
   # Load virtual host configuration files.
   include /etc/nginx/sites-enabled/*;

   # BLOCK SPAMMERS IP ADDRESSES
   include /etc/nginx/conf.d/blockips.conf;
}

blockips.conf

deny 58.218.199.250;

access.log still shows this IP address.

58.218.199.250 - - [27/Sep/2012:06:41:03 -0600] "GET http://59.53.91.9/proxy/judge.php HTTP/1.1" 403 570 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)" "-"

What am I doing wrong?

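Looking at your log, it is blocking the traffic: there is a 403 header, i.e. access denied.

I'd suggest putting your blacklist into iptables :)

iptables -A INPUT -s 58.218.199.250 -j DROP

That way you won't spend resources processing requests from unwanted IP addresses.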

Quoted from: https://serverfault.com/questions/432716
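The check the answer does by eye (a denied IP still appears in access.log, but with status 403) can be automated. The script below is an added example, not part of the original question or answer: it parses `deny` rules in the blockips.conf style and audits log lines in the question's `main` log_format. The second deny rule and the last two log lines are constructed sample data, and the function names are hypothetical.

```python
import ipaddress
import re

# Sample input: the first deny rule and first log line come from the question;
# the 203.0.113.0/24 rule and the other two log lines are constructed.
BLOCKIPS_CONF = """
deny 58.218.199.250;
deny 203.0.113.0/24;
"""
ACCESS_LOG = """\
58.218.199.250 - - [27/Sep/2012:06:41:03 -0600] "GET http://59.53.91.9/proxy/judge.php HTTP/1.1" 403 570 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)" "-"
203.0.113.7 - - [27/Sep/2012:06:42:10 -0600] "GET /admin HTTP/1.1" 200 1024 "-" "curl/7.26.0" "-"
198.51.100.4 - - [27/Sep/2012:06:43:00 -0600] "GET / HTTP/1.1" 200 612 "-" "Mozilla/5.0" "-"
"""

DENY_RE = re.compile(r"^\s*deny\s+([^;\s]+)\s*;")
# Start of the 'main' log_format: $remote_addr - $remote_user [$time_local] "$request" $status
LOG_RE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "([^"]*)" (\d{3}) ')


def parse_deny_list(conf_text):
    """Return the networks named by 'deny <address|CIDR>;' lines."""
    nets = []
    for line in conf_text.splitlines():
        m = DENY_RE.match(line)
        if not m:
            continue
        try:
            nets.append(ipaddress.ip_network(m.group(1), strict=False))
        except ValueError:
            pass  # 'deny all;' or 'deny unix:;' is not an address rule
    return nets


def audit(conf_text, log_text):
    """Split logged requests from denied clients into (blocked, leaked)."""
    nets = parse_deny_list(conf_text)
    blocked, leaked = [], []
    for line in log_text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue
        addr = ipaddress.ip_address(m.group(1))
        if any(addr in net for net in nets):
            entry = (m.group(1), int(m.group(3)), m.group(2))
            (blocked if entry[1] == 403 else leaked).append(entry)
    return blocked, leaked


if __name__ == "__main__":
    blocked, leaked = audit(BLOCKIPS_CONF, ACCESS_LOG)
    print("denied and answered 403:", blocked)
    print("denied but NOT 403 (rule not in effect here):", leaked)
```

A denied client listed under "blocked" is the situation in the question: the request is logged because Nginx still handles it and answers 403. An entry under "leaked" would mean the deny rule was not in effect for the server or location that served that request.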