How to rate-limit jorgee malware scanner?

Zhang Chao zchao1995 at
Mon Jul 24 12:12:06 UTC 2017


Nginx carries with the limit_req_module
<>. I think it
is a good helper.

On 24 July 2017 at 20:10:05, Gary Sellani (lists at wrote:

I just detect the use agent and return 444, but every attempt to get a file
will show up in your access.log.

I get two or three jorgee "sessions" a day. They tend not to use the domain
name but reference your server by IP, so there might be some better
blocking scheme.

  Original Message
From: tkadm30 at
Sent: July 24, 2017 3:14 AM
To: nginx at
Reply-to: nginx at
Subject: How to rate-limit jorgee malware scanner?


The Jorgee malware scanner is creating a lot of activity on my site. I
would like to rate-limit its connections to nginx based on the
User-Agent, since blocking all IP addresses with iptables seems
impossible. Is their a quick way of doing this ?

Thank you in advance ,


Etienne Robillard
tkadm30 at

nginx mailing list
nginx at
nginx mailing list
nginx at
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <>

More information about the nginx mailing list