Block or ban ip with NGINX

23 sec read

How to block ip with NGINX

0. define block ip on nginx.conf

vim /etc/nginx/nginx.conf

http {
  geo $ban_ip {
    default 0;
    include ban_ip.conf;
  }
}

that will blocked ip by clientip on access.log, if want to block real ip behind proxy set like this:

http {
  geo $http_x_forwarded_for $ban_ip {
    default 0;
    include ban_ip.conf;
  }
}

1. define blocked ip in server {}

vim /etc/nginx/sites-enabled/blackonsole.org.conf

server {
  listen 80;
  server_name blackonsole.org;
  
  if ($ban_ip) {
    return 444;
  }
}

2. add ip in ban_ip.conf

vim /etc/nginx/ban_ip.conf

1.3.4.5 US;
4.23.4.2 CN;
3.2.3.4 whatever;

3. test and reload NGINX

nginx -t
nginx -s reload

Hide PHP-FPM Version on NGINX

Check PHP-FPM version on NGINX HTTP response $ curl -I localhost/index.php HTTP/1.1 200 OK Date: Sat, 12 Aug 2017 14:07:54 GMT Content-Type: text/html Connection:...
Sysadmin.ID
16 sec read

Leave a Reply

Your email address will not be published. Required fields are marked *