On 8/28/25 21:36, Brett Cooper wrote:
/.../
If that server block is only serving Perl /.../ it might be best to simply use
the following for the Perl server configuration block:
location ~ \.php$ { return 444; }
/.../ you could also configure this within the overall
server {} block:
if ($http_user_agent = "") { return 444; }
Many thanks.
I am currently (a bit "hit and miss") using :
proxy_buffering on; # maybe helps proxied apache2 ?
connection_pool_size 512;
client_header_buffer_size 512;
large_client_header_buffers 4 512;
location ~ \.php$ { return 444; }
if ($http_user_agent = "") { return 444; }
But the $http_user_agent often 'appears' to be, e.g.:
66.249.69.8 - - [26/Sep/2025:21:13:20 +0000] "GET /cgi-bin/whatever" 200
3672 "-" "Mozilla...)"
Note the "-" which doesn't get a 444, Tried ($http_user_agent =
(""|"-")) but #nginx -t is not happy.
Tnx and br,
Paul
Regards,
Brett
------ Original Message ------
From "Paul" <[email protected] <mailto:[email protected]>>
To [email protected] <mailto:[email protected]>
Date 08/28/2025 07:13:26 P
Subject Using 444
I'm looking for advice, please. Using Nginx v1.18.0 (Ubuntu) which is
"old" but security updated by Canonical, rock solid and very fast, for
several static html sites and as proxy to a couple of other sites
using python or perl. Total ~250k requests/day
Recently logs have started showing ~10k php requests in rapid bursts.
On a proxy to a perl box, this is a serious slow down
I've added the following, appears to work well
location ~ \.php$ {
if ($request_method = GET) {
return 444; # Drop
}
}
I'm considering editing to ^(GET|HEAD|POST)$) {
Any thoughts, downsides, recommendations?
Tnx and warmest regards to all,
Paul
\\\||//
(@ @)
ooO_(_)_Ooo__________________________________
|______|_____|_____|_____|_____|_____|_____|_____|
|___|____|_____|_____|_____|_____|_____|_____|____|
|_____|_____| mailto:[email protected] _|____|____|
