I would return nothing, that is the 444 code. I have scripts that process access.log for 444, then see if they come from locations without eyeballs such as data centers, VPS, etc. The entire IP space then goes in the firewall block. Your typical sysadmin on forums rants that I will end up blocking the entire world, but I can go days without seeing a IP that is not from an ISP. That is my blocking list is very effective. I get about a hundred IPs a day doing mischief, with 99.99% looking to hack WordPress, which I don't even run. Most of the hits report a user agent rev of Firefox that never existed.
On 5/19/2017 3:14 PM, Alex Samad wrote:
"deny" by default will return 403. if you want to return 404 instead you can do something like the following: ### return 404 for requests to /404.internal location = /404.internal { internal; } ### send 403 to /404.internal to return 404 code instead error_page 403 =404 /404.internal; Of course, if you have a custom 404 page you can use it instead of the /404.internal, but this is a simple way that doesn't rely on any additional resources. Igal Sapir |
_______________________________________________ nginx mailing list nginx@nginx.org http://mailman.nginx.org/mailman/listinfo/nginx