How the Nginx server restricts access by IP and user_agent

  • 2020-05-17 07:41:05
  • OfStack

This article shows how to restrict access to an Nginx server by IP and user_agent. It is shared here for your reference:

DDoS attacks are a common problem for sites with heavy traffic. The term refers to someone maliciously and repeatedly requesting certain pages of a site through a program, resulting in slow responses or outright denial of service.

This situation can be found by analyzing the nginx access log, which will show a large number of requests from the same IP or with the same user_agent. Based on what those requests have in common, we can filter them out directly at the nginx level.

Restrict access by IP

Nginx documentation for the access control module:

http://nginx.org/en/docs/http/ngx_http_access_module.html

Access is denied with the deny directive and allowed with the allow directive.

When there are multiple deny and allow rules, they are checked in order and processing stops at the first rule that matches.

Deny a single fixed IP


deny 192.168.1.12;

Deny an IP range


deny 192.168.1.0/24;

Allow intranet access only


allow 192.168.1.0/24;
deny all;

Restrict access by user_agent

Nginx has no dedicated directive for restricting by user_agent. The user agent is available in nginx through the variable $http_user_agent, and the if directive can be used to match it against a regular expression.

The if directive is described in detail in the rewrite module documentation:

http://nginx.org/en/docs/http/ngx_http_rewrite_module.html

Block the JMeter test tool by user_agent


if ($http_user_agent ~ "^Apache.*Java"){
  return 403;
}
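
The log analysis described at the start of the article, as an added example that is not part of the original article: it counts requests per client IP and per user agent in access-log lines and renders deny lines for the IPs at or above a threshold. It assumes nginx's default "combined" log format; the function names, the threshold, and the sample log lines are constructed for illustration.

```python
import ipaddress
import re
from collections import Counter

# nginx "combined" format:
#   ip - user [time] "request" status bytes "referer" "user_agent"
# nginx escapes a literal " inside logged values, so [^"]* is safe here.
LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "[^"]*" \d{3} \S+ "[^"]*" "(?P<ua>[^"]*)"$'
)

def count_clients(lines):
    """Return (requests per IP, requests per user agent); bad lines are skipped."""
    ips, agents = Counter(), Counter()
    for line in lines:
        m = LINE_RE.match(line.strip())
        if not m:
            continue
        try:
            # Only well-formed addresses may end up in generated config.
            ip = str(ipaddress.ip_address(m.group("ip")))
        except ValueError:
            continue
        ips[ip] += 1
        agents[m.group("ua")] += 1
    return ips, agents

def heavy_hitters(counter, threshold):
    """Keys seen at least `threshold` times, most frequent first."""
    return [(key, n) for key, n in counter.most_common() if n >= threshold]

def deny_rules(ips, threshold):
    """Render one nginx deny line per IP at or above the threshold."""
    return [f"deny {ip};" for ip, _ in heavy_hitters(ips, threshold)]

# Constructed sample log lines (not real traffic).
SAMPLE_LOG = (
    ['192.168.1.12 - - [17/May/2020:07:41:05 +0000] "GET /search HTTP/1.1" '
     '200 512 "-" "Apache-HttpClient/4.5.5 (Java/1.8.0_201)"'] * 5
    + ['10.0.0.7 - - [17/May/2020:07:41:06 +0000] "GET / HTTP/1.1" '
       '200 1024 "-" "Mozilla/5.0"',
       'not a log line']
)

if __name__ == "__main__":
    ips, agents = count_clients(SAMPLE_LOG)
    print("\n".join(deny_rules(ips, threshold=5)))
    print(heavy_hitters(agents, threshold=5))
```

Review the output before adding it to the configuration: many users can share one address behind NAT or a proxy, and the User-Agent header is set by the client.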

I hope this article has helped you with your nginx server maintenance.

