DDoS attack is a problem often encountered when accessing large-scale websites. It refers to someone maliciously brushing certain pages of the site through a program, causing the site to respond slowly or directly deny service.
This situation can be found by analyzing the access log of nginx. There are a large number of requests with the same IP or user_agent. We can filter these access requests directly at the nginx level based on the similarity of the requests.
Restrict access through ip
Related documents of the access control module in nginx
Access control can deny access through the deny instruction, and allow access through the allow instruction.
When there are multiple deny and allow rules, it will jump out when the corresponding rule is matched.
Reject fixed ip
deny 192.168.1.12;
Reject ip network segment
deny 192.168.1.0/24;
Only allow intranet access
allow 192.168.1.0/24; deny all;
Restrict access through user_agent
nginx does not have a specific restriction instruction for user_agent. user_agent can be accessed through the $http_user_agent variable in nginx. Use the if instruction to control user_agent. Regular matching, for the matched rules, just deny access.
The if instruction in nginx is introduced in more detail in the rewrite module
Restrict access to the jmeter test tool through user_agent
if ($http_user_agent ~ "^apache.*java"){
return 403;
}The above is the detailed content of How does Nginx server restrict access by ip and user_gent. For more information, please follow other related articles on the PHP Chinese website!
![[Web front-end] Node.js quick start](https://img.php.cn/upload/course/000/000/067/662b5d34ba7c0227.png)
