How does Nginx server restrict access by ip and user_gent

王林
Release: 2023-06-04 21:40:03
forward
1317 people have browsed it

DDoS attack is a problem often encountered when accessing large-scale websites. It refers to someone maliciously brushing certain pages of the site through a program, causing the site to respond slowly or directly deny service.

This situation can be found by analyzing the access log of nginx. There are a large number of requests with the same IP or user_agent. We can filter these access requests directly at the nginx level based on the similarity of the requests.

Restrict access through ip

Related documents of the access control module in nginx

Access control can deny access through the deny instruction, and allow access through the allow instruction.

When there are multiple deny and allow rules, it will jump out when the corresponding rule is matched.

Reject fixed ip

deny 192.168.1.12;
Copy after login

Reject ip network segment

deny 192.168.1.0/24;
Copy after login

Only allow intranet access

allow 192.168.1.0/24; deny all;
Copy after login

Restrict access through user_agent

nginx does not have a specific restriction instruction for user_agent. user_agent can be accessed through the $http_user_agent variable in nginx. Use the if instruction to control user_agent. Regular matching, for the matched rules, just deny access.

The if instruction in nginx is introduced in more detail in the rewrite module

Restrict access to the jmeter test tool through user_agent

if ($http_user_agent ~ "^apache.*java"){ return 403; }
Copy after login

The above is the detailed content of How does Nginx server restrict access by ip and user_gent. For more information, please follow other related articles on the PHP Chinese website!

Related labels:
source:yisu.com
Statement of this Website
The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn
Latest Downloads
More>
Web Effects
Website Source Code
Website Materials
Front End Template
About us Disclaimer Sitemap
php.cn:Public welfare online PHP training,Help PHP learners grow quickly!