>> I agree. I switched to nginx from apache a while back and I love it. >> But the nginx rate limiting can't do anything like block a series of >> sequential IPs that are making too many combined requests when no >> single IP is making too many requests by itself. >> >> - Grant
> What differentiates these ips to block from ones that should not be > blocked? Is there some characteristic about the ips or about the pattern > of bad traffic that could be used to clearly differentiate it from good > traffic? > John Well, in any particular case the bad IPs could be using the same UA (such as is the case with semrush) but I'm looking for something that won't require me to monitor my traffic and find the common denominator. I'm looking for something that can evaluate IPs for rate limiting based on subnet instead of IP. - Grant ------------------------------------------------------------------------------ Developer Access Program for Intel Xeon Phi Processors Access to Intel Xeon Phi processor-based developer platforms. With one year of Intel Parallel Studio XE. Training and support from Colfax. Order your platform today. http://sdm.link/xeonphi _______________________________________________ Fail2ban-users mailing list Fail2ban-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/fail2ban-users
