one client "floods" nginx errorlog

Maxim Dounin mdounin at mdounin.ru
Wed Nov 25 14:43:51 UTC 2020


Hello!

On Tue, Nov 24, 2020 at 05:46:43PM +0100, A. Schulze wrote:

> I run a nginx instance handling only TLS1.2 and TLS1.3.
> Now I noticed an remote client hammering (Ok, once per second) with an SSLv2 connection an thus filling the log:
> 
> 2020/11/24 17:37:08 [info] 383#0: *11 SSL_do_handshake() failed (SSL: error:14209102:SSL routines:tls_early_post_process_client_hello:unsupported protocol) while SSL handshaking, client: 87.138.121.xx, server: 0.0.0.0:443 
> 
> That's annoying.
> beside blocking that IP in a firewall, is there a smart way to just prevent the log entry?

Much like any log lines easily triggered by misbehaving clients, 
these can be hidden by using higher log level, such as "notice", 
see http://nginx.org/r/error_log.

-- 
Maxim Dounin
http://mdounin.ru/


More information about the nginx mailing list