dynamically block ips?

Ben Lancaster benlancaster at holler.co.uk
Wed Jul 27 16:38:15 UTC 2011

On 27 Jul 2011, at 09:34, Ronald Johnson wrote:

> The only solution I can come up with is to have a cron job that runs
> every 5 minutes, check the datestamp on the blocked_ips file,
> and if it was modified, it will tell nginx to reload the config file.
> This is however sub-optimal, since I think that will give them enough
> time window to get what they want from my site.
> So, in short, my question:
> any ideas how to trigger nginx to reload config files from a php script?
> E.g. is there something that the nginx can check reguarly (the
> existence of a file or something), and upon that take action to reload
> its config files?
> Any suggestions for a different solution is also much appreciated,

You could use Beanstalkd (with Pheanstalk) to create PHP workers that do run as root. Then you can create a new "job" in the queue, which gets handled asynchronously by the Pheanstalk workers in the background..

More information about the nginx mailing list