DDoS attacks are a problem that large websites often encounter. In such an attack, someone uses a program to maliciously flood certain pages of the site with requests, causing the site to respond slowly or deny service outright.
This situation can be spotted by analyzing the nginx access log: a large number of requests share the same IP or user_agent. Based on that similarity, we can filter these requests directly at the nginx level.
Restrict access by IP
See the nginx documentation for the access control module.
Access control denies access with the deny directive and allows access with the allow directive.
When there are multiple deny and allow rules, they are checked in order and evaluation stops at the first rule that matches.
Deny a single IP
deny 192.168.1.12;
Deny an IP network segment
deny 192.168.1.0/24;
Only allow intranet access
allow 192.168.1.0/24;
deny all;
Restrict access by user_agent
nginx has no dedicated directive for restricting by user_agent. The user_agent is available through the $http_user_agent variable, so you can use the if directive to match it against a regular expression and deny access to requests that match.
The if directive is described in more detail in the documentation for nginx's rewrite module.
Block the JMeter test tool by user_agent
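# ~* matches case-insensitively; JMeter's user_agent starts with "Apache-HttpClient" and contains "Java"
if ($http_user_agent ~* "^apache.*java") { return 403; }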
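The log analysis mentioned at the start can be scripted. The following is an added example, not part of the original article: it tallies requests per IP and per user_agent and renders candidate deny rules for review, and it shows a case where the user_agent tally catches a second client that stays under the per-IP threshold. It assumes nginx's default "combined" log format; the thresholds, helper names and sample log lines are constructed for illustration.

```python
import ipaddress
import re
from collections import Counter

# nginx default "combined" log format is assumed; adjust if log_format differs.
LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "[^"]*" \d{3} \S+ "[^"]*" "(?P<ua>[^"]*)"')

# Constructed sample traffic (not real logs): one noisy client, a second client
# sharing the same tool user_agent, two browsers, and one malformed line.
JMETER_UA = "Apache-HttpClient/4.5.3 (Java/1.8.0_151)"
BROWSER_UA = "Mozilla/5.0 (X11; Linux x86_64) Firefox/118.0"
def _line(ip, ua, path="/"):
    return (f'{ip} - - [10/Oct/2023:13:55:01 +0000] '
            f'"GET {path} HTTP/1.1" 200 512 "-" "{ua}"')

SAMPLE_LOG = ([_line("192.168.1.12", JMETER_UA, "/search")] * 6
              + [_line("192.168.1.40", JMETER_UA, "/search")] * 2
              + [_line("192.168.1.7", BROWSER_UA), _line("192.168.1.8", BROWSER_UA)]
              + ["garbage line that does not parse"])

def heavy_hitters(lines, min_share=0.3, min_requests=3):
    """Return ([(ip, n)], [(user_agent, n)]) above both thresholds."""
    ips, uas = Counter(), Counter()
    for line in lines:
        m = LINE_RE.match(line)
        if m:  # malformed lines are skipped, not counted
            ips[m.group("ip")] += 1
            uas[m.group("ua")] += 1
    total = sum(ips.values())
    def pick(counter):
        return [(k, n) for k, n in counter.most_common()
                if n >= min_requests and n / total >= min_share]
    return pick(ips), pick(uas)

def deny_rules(ip_hits):
    """Render candidate deny directives for human review before deployment."""
    rules = []
    for ip, n in ip_hits:
        try:
            ipaddress.ip_address(ip)  # never emit an unvalidated log field
        except ValueError:
            continue
        rules.append(f"deny {ip};  # {n} requests in sample")
    return rules

if __name__ == "__main__":
    ip_hits, ua_hits = heavy_hitters(SAMPLE_LOG)
    print("\n".join(deny_rules(ip_hits)), "\nuser_agents to review:", ua_hits)
```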