Obvious malware rejection module?

Sergey A. Osokin osa at freebsd.org.ru
Mon Feb 14 15:58:27 UTC 2022


Hi Skip,

hope you're doing well.

On Mon, Feb 14, 2022 at 07:39:46AM -0600, Skip Montanaro wrote:
> I have a simple website with NGINX fronting Gunicorn and Flask. Of course,
> within minutes of it going live, I started to get obvious crap, probing for
> vulnerabilities. Nothing's gotten through yet, at least as far as I can
> tell. Even so, it would be nice if such malware-type requests were rejected
> by NGINX before they reach the backend.
> 
> Is there a module for NGINX which implements something like a blackhole
> list similar to what you find on email servers, that is, offloading the
> acceptance or rejection of certain paths to a community-managed database? I
> scrolled through the list here:
> 
> https://www.nginx.com/resources/wiki/modules/
> 
> but didn't see anything obvious. I could establish my own rewrite rules
> (and probably will) for some of the most egregious requests (anything
> ".php" would get dropped, for example), but was hoping something already
> existed.

You'd probably need to install a WAF, Web Application Firewall.  Some
of those are avaialble for free.

--
Sergey Osokin



More information about the nginx mailing list