Today i found one particular IP address which was trying a lot of things in
my server.
For a second, it was sending atleast 50 requests.
It was keep on accessing my admin login page with post and get request
That IP tried proxy GET http://...
It tried to inject something in the script with -d parameter.
i added "limit_req_zone $binary_remote_addr zone=app:10m rate=2r/s; " in
http block and
location / {
limit_req zone=app burst=50;
}
I believe it will block too many connections per second from a ip.
How do i secure the server from other attacks?
Thanks
Posted at Nginx Forum:
http://forum.nginx.org/read.php?2,243933,243933#msg-243933
_______________________________________________
nginx mailing list
[email protected]
http://mailman.nginx.org/mailman/listinfo/nginx
