<div dir="ltr"><br><div class="gmail_extra"><br><div class="gmail_quote">On Tue, Feb 6, 2018 at 5:32 AM, Ph. Gras <span dir="ltr"><<a href="mailto:ph.gras@worldonline.fr" target="_blank">ph.gras@worldonline.fr</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">Hello there!<br>
<br>
<br>
location ~* wp-login\.php$ {<br>
        allow 127.0.0.1;<br>
        allow A.B.C.D;          // My server's IP<br>
        allow E.F.G.H/13;               // The IP range where I am<br>
        deny all;<br>
        if ($http_user_agent = "-") { return 403;}<br>
        if ($http_user_agent = "") { return 403;}<br>
        if ($http_referer = "-") { return 403;}<br>
        if ($http_referer = "") { return 403;}<br>
        limit_conn limit 5;<br>
}<br>
<br>
185.124.153.168 - - [05/Feb/2018:21:36:12 +0100] "GET /wp-login.php HTTP/1.1" 200 1300 "-" "Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0"<br>
185.124.153.168 - - [05/Feb/2018:21:36:12 +0100] "POST /wp-login.php HTTP/1.1" 200 1688 "<a href="http://www.example.com/wp-login.php" rel="noreferrer" target="_blank">http://www.example.com/wp-<wbr>login.php</a>" "Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0"<br>
81.177.126.235 - - [05/Feb/2018:22:08:21 +0100] "GET /wp-login.php HTTP/1.1" 200 1300 "-" "Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0"<br>
81.177.126.235 - - [05/Feb/2018:22:08:22 +0100] "POST /wp-login.php HTTP/1.1" 200 1688 "<a href="http://www.example.com/wp-login.php" rel="noreferrer" target="_blank">http://www.example.com/wp-<wbr>login.php</a>" "Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0"<br>
109.252.93.223 - - [06/Feb/2018:00:20:05 +0100] "GET /wp-login.php HTTP/1.1" 200 1300 "-" "Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0"<br>
109.252.93.223 - - [06/Feb/2018:00:20:05 +0100] "POST /wp-login.php HTTP/1.1" 200 1688 "<a href="http://www.example.com/wp-login.php" rel="noreferrer" target="_blank">http://www.example.com/wp-<wbr>login.php</a>" "Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0"<br>
95.26.90.3 - - [06/Feb/2018:00:20:10 +0100] "GET /wp-login.php HTTP/1.1" 200 1300 "-" "Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0"<br>
95.26.90.3 - - [06/Feb/2018:00:20:11 +0100] "POST /wp-login.php HTTP/1.1" 200 1688 "<a href="http://www.example.com/wp-login.php" rel="noreferrer" target="_blank">http://www.example.com/wp-<wbr>login.php</a>" "Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0"<br>
<br>
Me too :-(<br>
<br>
Ph. Gras<br>
<div><div class="h5"><br>
> Hi,<br>
><br>
> When i run this curl call -> curl -X GET <a href="http://13.127.165.226/" rel="noreferrer" target="_blank">http://13.127.165.226/</a> -H 'cache-control: no-cache' -H 'postman-token: 2494a4a7-6791-2426-cedf-<wbr>d0bcaa1cd90a' -H 'x-forwarded-for: 12.12.12.13.11'<br>
><br>
> Ideally the request should not be allowed and the access log should report 403 instead of 200<br>
> I get 200 OK in the access.log<br>
><br>
>   location / {<br>
>         proxy_set_header X-Forwarded-For $remote_addr;<br>
>         allow   <a href="http://182.76.214.126/32" rel="noreferrer" target="_blank">182.76.214.126/32</a>;<br>
>         allow   <a href="http://116.75.80.47/32" rel="noreferrer" target="_blank">116.75.80.47/32</a>;<br>
>         deny all;<br>
>         error_page 404 /404.html;<br>
>             location = /40x.html {<br>
>         }<br>
><br>
> Please let me know if i am missing anything.<br>
><br>
> Best Regards,<br>
><br>
> Kaushal<br>
</div></div>> ______________________________<wbr>_________________<br>
> nginx mailing list<br>
> <a href="mailto:nginx@nginx.org">nginx@nginx.org</a><br>
> <a href="http://mailman.nginx.org/mailman/listinfo/nginx" rel="noreferrer" target="_blank">http://mailman.nginx.org/<wbr>mailman/listinfo/nginx</a><br>
<br>
______________________________<wbr>_________________<br>
nginx mailing list<br>
<a href="mailto:nginx@nginx.org">nginx@nginx.org</a><br>
<a href="http://mailman.nginx.org/mailman/listinfo/nginx" rel="noreferrer" target="_blank">http://mailman.nginx.org/<wbr>mailman/listinfo/nginx</a></blockquote><div><br></div><div>Hi,</div><div><br></div><div>Checking in if anyone can pitch in for help for my post to this mailing list.</div><div><br></div><div>Thanks in Advance.</div><div><br></div><div>Best Regards,</div><div><br></div><div>Kaushal </div></div><br></div></div>