Where to place Nginx IP blacklist config file?

Posted by ProfessionalAmateur on Server Fault See other posts from Server Fault or by ProfessionalAmateur
Published on 2012-09-27T20:22:59Z Indexed on 2012/09/27 21:39 UTC
Read the original article Hit count: 370

Filed under:

nginx

|

ip

|

configuration

|

blacklist

I have an Nginx web server hosting two sites. I created a blockips.conf file to blacklist IP addresses that are constantly probing the server and included this file in the nginx.conf file. However in my access logs for the sites I still see these IP addresses showing up. Do I need to include the black list in each site's conf instead of the global conf for Nginx?

Here is my nginx.conf

user  nginx;
worker_processes  1;

error_log  /var/log/nginx/error.log warn;
pid        /var/run/nginx.pid;

events {
    worker_connections  1024;
}

http {
    include       /etc/nginx/mime.types;
    default_type  application/octet-stream;

    log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
                      '$status $body_bytes_sent "$http_referer" '
                      '"$http_user_agent" "$http_x_forwarded_for"';

    access_log  /var/log/nginx/access.log  main;

    sendfile        on;

    keepalive_timeout  65;

    include /etc/nginx/conf.d/*.conf;
    # Load virtual host configuration files.
    include /etc/nginx/sites-enabled/*;

    # BLOCK SPAMMERS IP ADDRESSES
    include /etc/nginx/conf.d/blockips.conf;
}

blockips.conf

deny 58.218.199.250;

access.log still shows this IP address.

58.218.199.250 - - [27/Sep/2012:06:41:03 -0600] "GET http://59.53.91.9/proxy/judge.php HTTP/1.1" 403 570 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)" "-"

What am I doing incorrectly?

© Server Fault or respective owner

Related posts about nginx

ModSecurity compile error on nginx

as seen on Server Fault - Search for 'Server Fault'
I'm trying to install ModSecurity on nginx with the following instructions : wget https://github.com/SpiderLabs/ModSecurity/archive/master.zip unzip master cd ModSecurity-master ./autogen.sh ./configure --enable-standalone-module And i got the following error : Checking plataform... Identified… >>> More
Cannot Start Nginx Compiled from Source

as seen on Server Fault - Search for 'Server Fault'
I am trying to compile Nginx from source based on the original compiled Nginx server running on my DigitalOcean server ( Ubuntu-14.04 64x ) but with a few extra modules. I can get everything installed smoothly but I can not get it to start. I am sure the ini is correct because I copied the original… >>> More
Nginx http_mp4_module seam installed but dont work

as seen on Server Fault - Search for 'Server Fault'
I try to use the http_mp4_module on my Ubuntu server but that didnt seem to work at all. When i check nginx -V i get : nginx version: nginx/1.1.19 TLS SNI support enabled configure arguments: --prefix=/etc/nginx --conf-path=/etc/nginx/nginx.conf --error-log-path=/var/log/nginx/error.log --http-client-body-temp-path=/var/lib/nginx/body… >>> More
GeoIP and Nginx

as seen on Server Fault - Search for 'Server Fault'
I have a nginx with geoip, but it is not working rightly. The issue is the next: Nginx are getting geodata from $_SERVER['REMOTE_ADDR'] instead of $_SERVER['HTTP_X_HAPROXY_IP'], which have the real client ip. So, the reported geodata belongs to my server ip instead of client ip. Does anybody where… >>> More
Nginx1.6.1: Installing from source not running corectly

as seen on Server Fault - Search for 'Server Fault'
I just installed Nginx 1.6.1 from source but it didn't seem to installed correctly. Nginx is running if I service nginx status but when I do nginx -v it outputs command not found. Regular HTML page shows fine and there is no error in the error logs. I am on AWS Ec2 linux AMI. Here is my /etc/init… >>> More

Related posts about ip

Getting USB Wifi device to work

as seen on Ask Ubuntu - Search for 'Ask Ubuntu'
I have been trying to get an Olitec Wifi N USB dongle to work. At first it lit up but wouldn't connect. A little Googling suggested that it would need ndiswrapper to make it work. After installing and trying to add driver with ndisgtk, I got the error message FATAL: Module ndiswrapper not found.… >>> More
Cisco 800 series won't forward port

as seen on Server Fault - Search for 'Server Fault'
Hello ServerFault, I am trying to forward port 444 from my cisco router to my Web Server (192.168.0.2). As far as I can tell, my port forwarding is configured correctly, yet no traffic will pass through on port 444. Here is my config: ! version 12.3 service config no service pad service tcp-keepalives-in service… >>> More
Cisco 881 losing NAT NVI translation config after reload

as seen on Server Fault - Search for 'Server Fault'
This is a weird one, so I'll try to explain in as much detail as I can so I'm giving the whole picture. As I've mentioned in my other questions, I'm in the process of setting up a new Cisco 881 as my WAN router and NAT firewall. I'm facing an issue where NAT NVI rules that I have configured are not… >>> More
Bind an ip address to Postfix as outgoing ip

as seen on Server Fault - Search for 'Server Fault'
Is that possible to bind all available public ip addresses on a server to one Postfix instance as its outgoing ip pool and let it choose a random ip or specified ip from the pool each time it sends out an email? If above is not possible, can it be configured to listen on one public ip address per… >>> More
What approach to take for SIMD optimizations

as seen on Stack Overflow - Search for 'Stack Overflow'
Hi, I am trying to optimize below code for SIMD operations (8way/4way/2way SIMD whiechever possible and if it gives gains in performance) I am tryin to analyze it first on paper to understand the algorithm used. How can i optimize it for SIMD:- void idct(uint8_t *dst, int stride, int16_t *input… >>> More