access_log format $remote_user anonymous question

c0nw0nk nginx-forum at forum.nginx.org
Wed Sep 21 21:28:26 UTC 2016


Thanks for the information so based of what that resource says and from what
I understand surely that field should only say "anonymous" or "username" if
on those files / folders in my Nginx config I use "auth_basic" ?

http://nginx.org/en/docs/http/ngx_http_auth_basic_module.html

The fact they are inputting that header unlike everyone else just alerts
me.

Because I don't use auth_basic anywhere would anything bad happen if I did
the following.

if($remote_user != "^$") { #Block requests where the user is not empty /
missing
return 444;
}

Their IP is also listed on stopforumspam's database what also raises
suspicion further https://www.stopforumspam.com/ipcheck/176.57.129.88

Posted at Nginx Forum: https://forum.nginx.org/read.php?2,269734,269740#msg-269740



More information about the nginx mailing list