nginx - server is DOS, please help

Question

Now server y should be DOSed. Part of the access log is as follows:

27.211.209.120 - - [17/Jul/2016:10:16:32 +0800] "GET /forum.php?&wangzhanbeihei&chongzhuangwangzhan&chongzhuangfuwuqi&&wangzhanbeihei&chongzhuangwangzhan&&wangzhanbeihei&chongzhuangwangzhan&chongzhuangfuwuqi&19541 HTTP/1.1" 200 31 "http://106.187.97.172/info.php" "Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.2; WOW64; Trident/6.0)"
1.189.19.82 - - [17/Jul/2016:10:16:32 +0800] "GET /forum.php?&wangzhanbeihei&chongzhuangwangzhan&chongzhuangfuwuqi&&wangzhanbeihei&chongzhuangwangzhan&&wangzhanbeihei&chongzhuangwangzhan&chongzhuangfuwuqi&2322 HTTP/1.1" 200 31 "http://106.187.97.172/info.php" "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/45.0.2454.101 Safari/537.36"
223.246.197.118 - - [17/Jul/2016:10:16:32 +0800] "GET /forum.php?&wangzhanbeihei&chongzhuangwangzhan&chongzhuangfuwuqi&&wangzhanbeihei&chongzhuangwangzhan&&wangzhanbeihei&chongzhuangwangzhan&chongzhuangfuwuqi&7147 HTTP/1.1" 200 31 "http://106.187.97.172/info.php" "Mozilla/5.0 (iPhone; CPU iPhone OS 7_1_2 like Mac OS X) AppleWebKit/537.51.2 (KHTML, like Gecko) Version/7.0 Mobile/11D257 Safari/9537.53"

Then refere shows all from
http://106.187.97.172/info.php

I configured nginx

map $http_referer $bad_referer {
   default 0;
   "106.187.97.172/info.php" 1;
}

and

location / {
    if ($bad_referer) {
      return 403;
    }

After restarting nginx

nginx log still shows 200 ok for access? Where did I go wrong?

Answer 1

Use Alibaba Cloud, Amazon Cloud, or Baidu Cloud acceleration to resolve domain names, which can resist DoS