使用 nginx deny 拦截恶意IP
1.创建文件
touch /etc/nginx/blocksip.conf
touch /etc/nginx/blocksip.tmp
2.nginx 配置文件
`
server {
listen 80;
server_name localhost;
#charset koi8-r;
#access_log logs/host.access.log main;
include blocksip.conf;
...
}`3.创建shell脚本文件
vi /etc/nginx/ipnginxcheck.sh
#!/bin/bash
NGX_DIR=/etc/nginx
# 解封IP
# echo "" > $NGX_DIR/blocksip.conf
# 判断1分钟前重复的数量是否超过60个
awk -v date=$(date -d '1 minute ago' +['%d/%b/%Y:%H:%M']) '$4 > date {print $0}' /var/log/nginx/access.log | awk '{print $1}' | sort | uniq -cd | awk '{if($1>60)print $0}' > $NGX_DIR/blocksip.tmp
if [ -s "$NGX_DIR/blocksip.tmp" ]
then
for ip in `cat /etc/nginx/blocksip.tmp|awk '{print $2}'`
do
result=$(grep $ip $NGX_DIR/blocksip.conf)
#判断ip是否已经被屏蔽
if [ -z "$result" ]; then
echo "deny $ip;" >> $NGX_DIR/blocksip.conf
fi
done
/usr/sbin/nginx -s reload
fi
chmod +x /etc/nginx/ipnginxcheck.sh
4.创建计划任务
crontab -e
添加
* * * * * /etc/nginx/ipnginxcheck.sh
参考链接
https://blog.csdn.net/weixin_43268590/article/details/130832562
https://blog.csdn.net/zalan01408980/article/details/104533427