Hi Paul,

If that server block is only serving Perl and nothing else at all, you should be fine to just strip out anything PHP-extension request-like without using the if statement. Judging with what you've stated, and without having seen access/error logs, it might be best to simply use the following for the Perl server configuration block:

location ~ \.php$ {  return 444; }

It may also be pertinent to utilize `access_log off;` and `log_not_found off;` within that location clause if you are also having resource/log-storage issues.

Additionally, if the bogus PHP requests are coming from clients not sending a user agent (which from my POV, has been a common theme with probing bots lately), you could also configure this within the overall server {} block:

if ($http_user_agent = "") {  return 444; }

Regards,
Brett


------ Original Message ------
From "Paul" <p...@stormy.ca>
To nginx@freenginx.org
Date 08/28/2025 07:13:26 P
Subject Using 444

I'm looking for advice, please. Using Nginx v1.18.0 (Ubuntu) which is "old" but security updated by Canonical, rock solid and very fast, for several static html sites and as proxy to a couple of other sites using python or perl. Total ~250k requests/day.

Recently logs have started showing ~10k php requests in rapid bursts. On a proxy to a perl box, this is a serious slow down.

I've added the following, appears to work well:

location ~ \.php$ {
        if ($request_method = GET) {
                return 444; # Drop
        }
}

I'm considering editing to  ^(GET|HEAD|POST)$) {

Any thoughts, downsides, recommendations?

Tnx and warmest regards to all,
Paul
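
To check the reply's two suggestions against real traffic before deploying them, this added sketch (not from either poster) tallies, from access-log lines in nginx's default combined format, the requests that `location ~ \.php$` would match, how many a GET-only test would miss, and how many requests arrive without a user agent. The sample log lines and the names `php_probe_summary`, `LINE_RE` and `PHP_RE` are constructed for illustration.

```python
import re
from collections import Counter

# Constructed sample lines in nginx's default "combined" log format.
SAMPLE_LOG = """\
203.0.113.7 - - [28/Aug/2025:19:01:02 +0000] "GET /wp-login.php HTTP/1.1" 404 162 "-" "-"
203.0.113.7 - - [28/Aug/2025:19:01:02 +0000] "POST /xmlrpc.php HTTP/1.1" 404 162 "-" "-"
198.51.100.9 - - [28/Aug/2025:19:01:03 +0000] "GET /index.php?id=1 HTTP/1.1" 404 162 "-" "Mozilla/5.0"
198.51.100.9 - - [28/Aug/2025:19:01:04 +0000] "HEAD /admin.php HTTP/1.1" 404 0 "-" "-"
192.0.2.44 - - [28/Aug/2025:19:01:05 +0000] "GET /cgi-bin/report.pl HTTP/1.1" 200 5120 "-" "Mozilla/5.0"
192.0.2.44 - - [28/Aug/2025:19:01:06 +0000] "GET /docs/php.html HTTP/1.1" 200 900 "-" "-"
"""

# ip, ident, user, [time], "METHOD URI PROTO", status, bytes, "referer", "user agent"
LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "(?P<method>[A-Z]+) (?P<uri>\S+) [^"]*" '
    r'(?P<status>\d{3}) \S+ "[^"]*" "(?P<ua>[^"]*)"')
PHP_RE = re.compile(r"\.php$")  # same pattern as the location block in the thread


def php_probe_summary(log_text):
    """Count requests the .php location would match, by method and user agent."""
    methods = Counter()
    total = no_ua_php = no_ua_other = 0
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue  # not a combined-format request line
        # Assumption: a logged "-" or "" means no User-Agent header was sent.
        no_ua = m["ua"] in ("", "-")
        # Location matching uses the path only, so drop the query string.
        # Simplification: the raw logged URI is used, not nginx's normalized one.
        path = m["uri"].split("?", 1)[0]
        if not PHP_RE.search(path):
            no_ua_other += no_ua  # non-PHP traffic the empty-UA rule would also drop
            continue
        total += 1
        methods[m["method"]] += 1
        no_ua_php += no_ua
    return {"total": total, "methods": dict(methods), "no_ua_php": no_ua_php,
            "no_ua_other": no_ua_other, "missed_by_get_only": total - methods["GET"]}


if __name__ == "__main__":
    print(php_probe_summary(SAMPLE_LOG))
```

Run it on logs collected before adding `access_log off;` to the location, since requests dropped there no longer appear in the access log.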
