Obvious malware rejection module?

Skip Montanaro skip.montanaro at gmail.com
Mon Feb 14 13:39:46 UTC 2022

I have a simple website with NGINX fronting Gunicorn and Flask. Of course,
within minutes of it going live, I started to get obvious crap, probing for
vulnerabilities. Nothing's gotten through yet, at least as far as I can
tell. Even so, it would be nice if such malware-type requests were rejected
by NGINX before they reach the backend.

Is there a module for NGINX which implements something like a blackhole
list similar to what you find on email servers, that is, offloading the
acceptance or rejection of certain paths to a community-managed database? I
scrolled through the list here:


but didn't see anything obvious. I could establish my own rewrite rules
(and probably will) for some of the most egregious requests (anything
".php" would get dropped, for example), but was hoping something already


Skip Montanaro
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nginx.org/pipermail/nginx/attachments/20220214/6e568656/attachment.htm>

More information about the nginx mailing list