I use three maps to kick out the usual clowns trying to misuse the web server.
(I detect odd urls, bad user agents, and references [Links] from shady
websites.) Any change to a map requires a reload. Or am I wrong?
Original Message
From: nginx@nginx.org
Sent: March 12, 2019
Log files? Nginx.conf file? You need to provide something to analyze. Obviously this has to be 404 failures on resources you actually have. I wouldn't rule out file permission issues. I run two websites on a DO centos droplet. All my problems are self inflicted. ;-)
On the second attempt, is the connection on port 443? Have you set up HSTS?
Mayhe you can pastebin your conf file, sanitizing as appropriate.
Original Message
From: nginx-fo...@forum.nginx.org
Sent: December 13, 2018 6:20 PM
To: nginx@nginx.org
Reply-to: nginx@nginx.org
Subject:
Why wouldn't you just grep the regular log file?
Original Message
From: nginx-fo...@forum.nginx.org
Sent: April 19, 2018 5:53 AM
To: nginx@nginx.org
Reply-to: nginx@nginx.org
Subject: Nginx Log File from Specific PathName in link
Hello everyone ,
Im new here , first post today , been
Your basic idea is right, but what you want to do is use a "map." I will follow up with more details when I can pull the code off my server. I 444 a number of services that I don't use. I have a script to find the IP addresses of those that trigger a 444 from access.log. If they come from a data
Yum install nginx
gets you the binary. I'm not really sure how the dynamic module load works, but
my understanding (or perhaps lack thereof) means you supplement the precompiled
binary with the module.
Solve your other problems first, then you can investigate this if you want to
beat your
I believe you shouldn't have to compile Nginx but use the disty binary. Then
you do the dynamic load trick. This way you can do "yum update" periodically
without having to compile Nginx, but rather just download the latest binary.
However don't break what is working!
Original Message
I believe you need to compile with the appropriate module. If this was freeBSD,
no problem. Just use ports. (Of course FreeBSD has many other problems.) With
centos, you will need to compile the code and use all the "with" options for
each module you want to install. Potentially you will need
Grrr that swift keyboard. There is no space before the capital V.
nginx -V
I'd be surprised if that command doesn't work now. Any reason you haven't
upgraded to Centos 7?
Original Message
From: nginx-fo...@forum.nginx.org
Sent: March 7, 2018 1:53 AM
To: nginx@nginx.org
Reply-to:
nginx - V
will show what modules are installed.
Original Message
From: nginx-fo...@forum.nginx.org
Sent: March 7, 2018 12:24 AM
To: nginx@nginx.org
Reply-to: nginx@nginx.org
Subject: newbie: nginx rtmp module
I'm running centos 6 and installed nginx using 'yum install nginx'. Videos
are
For what situation would it be appropriate to use "nodelay"?
Original Message
From: fran...@daoine.org
Sent: December 2, 2017 3:02 AM
To: nginx@nginx.org
Reply-to: nginx@nginx.org
Subject: Re: Re: How to control the total requests in Ngnix
On Fri, Dec 01, 2017 at 11:18:06AM +0800,
Is this limiting for one connection or rate limiting for the entire server? I
interpret this as a limit for one connection.
I got rid of the trailing period.
https://en.wikipedia.org/wiki/Leaky_bucket
A request is one line in the access log I assume, typically a html verb like
"get". I use
I thought the rate is per IP address, not for whole server.
It would be nice if all the requests were from different IP addresses. In real life, particularly with IPV4, you will get multiple connections from single IP addresses since they sit behind a nat router. I do the connection limiting in the firewall with Nginx limiting as a backup. This makes it
I think a limit of two connections per address is too low. I know that tip pages suggest a low limit in so-called anti-DDOS (really just flood protection). Some large carriers can generate 30+ connections per IP, probably because they lack sufficient IPV4 address space for their millions of
Isn't multipart the means to speed up downloading with multiple streams? So
wouldn't rate limiting solve the problem?
Original Message
From: li...@lazygranch.com
Sent: October 18, 2017 3:15 PM
To: nginx@nginx.org
Reply-to: nginx@nginx.org
Subject: Re: max_ranges not working
This needs
This needs further explaining. If you rate limit, a multiple connection
download manager won't download any faster.
Original Message
From: li...@lazygranch.com
Sent: October 18, 2017 3:13 PM
To: nginx@nginx.org
Reply-to: nginx@nginx.org
Subject: Re: max_ranges not working
I know max
Is the browser cache something I'm supposed to disable on my end, or are you referring to a cache on your end?I'm loading that image on my phone with Chrome and it seems fine.
The trouble is nginx does a fair amount of work before blocking the IP address,
unless things have changed. My recollection is it parses the whole request.
Obviously it doesn't send any data. So you are better off blocking with the
firewall.
You do need to know your audience. Something
I don't know about iptables, but you can limit port 80 and 443 with ipfw. I run mine at 10 per IP. I've had corporations behind NAT trigger lesser limits. My point being you don't have to parse the log (swatch).
@nginx.orgReply-to: nginx@nginx.orgSubject: Re: How to rate-limit jorgee malware scanner? Hi!
Nginx carries with the limit_req_module. I think it is a good helper.
On 24 July 2017 at 20:10:05, Gary Sellani (li...@lazygranch.com) wrote: I just detect the use agent and return 444, but every attempt to get
I just detect the use agent and return 444, but every attempt to get a file
will show up in your access.log.
https://www.buildersociety.com/threads/block-unwanted-bots-on-apache-nginx-constantly-updated.1898/
I get two or three jorgee "sessions" a day. They tend not to use the domain
name but
On Tuesday, September 24, 2013, Jonathan Matthews wrote:
On 24 Sep 2013 18:55, Gary Chodos gcho...@gmail.com javascript:_e({},
'cvml', 'gcho...@gmail.com'); wrote:
Hello,
We are researching which tools would allow us to do what is described in
the subject.
After searching
it,
and if it can't, it simply logs it and returns a 200.
Is this possible and if so how?
Thanks in advance!
-- Gary F.
___
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx
Thanks, that did the trick exactly!
Now that I have something that works, I'm off to the docs to figure out where
my fundamental misunderstandings were and correct them. Very much appreciated!
-- Gary F.
On Jul 12, 2013, at 1:04 PM, Maxim Dounin mdou...@mdounin.ru wrote:
Hello!
On Fri
25 matches
Mail list logo
