Error Log - 403 access logs
nginx-forum at forum.nginx.org
Fri Feb 12 22:32:39 UTC 2016
We use our nginx error logs to monitor our system closely. Recently, we've
been hit with a lot of requests with malicious intent, and thus have blocked
their IPs using a "deny " directive. This has worked as expected, but
unfortunately, our error logs are still flooded with "error" with "access
forbidden by rule...." messages.
Why is a successful denial being logged as an error? I would expect that
this is correct behaviour, and thus should not be logged as an error.
In any event, is their any way to suppress 403 denied messages from the
error log without bumping up the logging level? We don't want to change the
log level, as the "upstream timed out" error is also at level "error" and is
something we really want to keep an eye on.
Posted at Nginx Forum: https://forum.nginx.org/read.php?2,264501,264501#msg-264501
More information about the nginx