Blocking access by user agent in Nginx

 

How to block access by user agent in Nginx. In this configuration, i will use ngx_http_map_module.

Inside http section:

include /etc/nginx/blacklist;

Inside server section (virtual host). We will return 444 status code.

if ($block_ua) {
        return 444;
}

The blacklist file (example)

map $http_user_agent $block_ua {
        default           0;
        ~*profound        1;
        ~*scrapyproject   1;
        ~*netcrawler      1;
        ~*nmap            1;
	~*sqlmap	  1;
	~*slowhttptest	  1;
	~*nikto		  1;
	~*jersey	  1;
	~*brandwatch	  1;
	~*magpie-crawler  1;
	~*mechanize	  1;
	~*python-requests 1;
	~*redback	  1;
}

For testing:

aelius@macbook:~$ curl --head -A "profound" https://www.unixteacher.org/
curl: (52) Empty reply from server

What is http status 444 ?

A non-standard status code used to instruct nginx to close the connection without sending a response to the client, most commonly used to deny malicious or malformed requests.

 

 

-
Marcadores: ,

Mobile Access SSL Network Extender (SNX) remote users with Windows 11 24H2 fail to connect

  Cause The conflict resolution mechanism in Windows 11 24H2 is different than in earlier versions of Windows. Solution On the Windows endpo...

Mais vistos