Large IP deny list
Igor Sysoev
is at rambler-co.ru
Mon Oct 19 18:17:57 MSD 2009
On Mon, Oct 19, 2009 at 10:10:39AM -0400, coldplug wrote:
> Hello. I want to filter some services from accessing my webs, for example host-tracker.com and similar. For that purporse I created conf file with really lot of "deny IP;" directives in it. Would this very large IP deny list affect nginx performance?
Yes.
> Also, is there a limit how much single IPs can be blocked by nginx?
~2^32 on 32-bit host.
It's better to use geo module for large number of IPs:
http://wiki.nginx.org/NginxHttpGeoModule
--
Igor Sysoev
http://sysoev.ru/en/
More information about the nginx
mailing list