Do i need mod_security for nginx?
agriz
nginx-forum at nginx.us
Mon Oct 21 20:12:56 UTC 2013
Today i found one particular IP address which was trying a lot of things in
my server.
For a second, it was sending atleast 50 requests.
It was keep on accessing my admin login page with post and get request
That IP tried proxy GET http://...
It tried to inject something in the script with -d parameter.
i added "limit_req_zone $binary_remote_addr zone=app:10m rate=2r/s; " in
http block and
location / {
limit_req zone=app burst=50;
}
I believe it will block too many connections per second from a ip.
How do i secure the server from other attacks?
Thanks
Posted at Nginx Forum: http://forum.nginx.org/read.php?2,243933,243933#msg-243933
More information about the nginx
mailing list