How to rate-limit jorgee malware scanner?
Zhang Chao
zchao1995 at gmail.com
Mon Jul 24 12:12:06 UTC 2017
Hi!
Nginx carries with the limit_req_module
<http://nginx.org/en/docs/http/ngx_http_limit_req_module.html>. I think it
is a good helper.
On 24 July 2017 at 20:10:05, Gary Sellani (lists at lazygranch.com) wrote:
I just detect the use agent and return 444, but every attempt to get a file
will show up in your access.log.
https://www.buildersociety.com/threads/block-unwanted-bots-on-apache-nginx-constantly-updated.1898/
I get two or three jorgee "sessions" a day. They tend not to use the domain
name but reference your server by IP, so there might be some better
blocking scheme.
Original Message
From: tkadm30 at yandex.com
Sent: July 24, 2017 3:14 AM
To: nginx at nginx.org
Reply-to: nginx at nginx.org
Subject: How to rate-limit jorgee malware scanner?
Hi,
The Jorgee malware scanner is creating a lot of activity on my site. I
would like to rate-limit its connections to nginx based on the
User-Agent, since blocking all IP addresses with iptables seems
impossible. Is their a quick way of doing this ?
Thank you in advance ,
E
--
Etienne Robillard
tkadm30 at yandex.com
http://www.isotopesoftware.ca/
_______________________________________________
nginx mailing list
nginx at nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx
_______________________________________________
nginx mailing list
nginx at nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nginx.org/pipermail/nginx/attachments/20170724/60fbe15a/attachment.html>
More information about the nginx
mailing list