How to rate-limit jorgee malware scanner?

Gary Sellani lists at lazygranch.com
Mon Jul 24 12:09:39 UTC 2017


I just detect the use agent and return 444, but every attempt to get a file will show up in your access.log. 

https://www.buildersociety.com/threads/block-unwanted-bots-on-apache-nginx-constantly-updated.1898/

I get two or three jorgee "sessions" a day. They tend not to use the domain name but reference your server by IP, so there might be some better blocking scheme. 

  Original Message  
From: tkadm30 at yandex.com
Sent: July 24, 2017 3:14 AM
To: nginx at nginx.org
Reply-to: nginx at nginx.org
Subject: How to rate-limit jorgee malware scanner?

Hi,

The Jorgee malware scanner is creating a lot of activity on my site. I 
would like to rate-limit its connections to nginx based on the 
User-Agent, since blocking all IP addresses with iptables seems 
impossible. Is their a quick way of doing this ?

Thank you in advance ,

E

-- 
Etienne Robillard
tkadm30 at yandex.com
http://www.isotopesoftware.ca/

_______________________________________________
nginx mailing list
nginx at nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx


More information about the nginx mailing list