一、黑名单配置 | 干干的笔记

# 一、黑名单配置

在nginx.conf http模块最后加上配置

#黑名单设置     
include /usr/local/nginx/conf/blockip.conf;

1
2

# 二、创建脚本

#!/bin/bash
tail -n50000 /home/wwwlogs/access.log \
|awk '{print $1,$12}' \
|grep -i -v -E "google|yahoo|baidu|msnbot|FeedSky|sogou|360|bing|soso|403|admin" \
|awk '{print $1}'|sort|uniq -c|sort -rn \
|awk '{if($1>100)print "deny "$2";"}' >> /usr/local/nginx/conf/blockip.conf
lnmp nginx reload

1
2
3
4
5
6
7

tail -n50000 /home/wwwlogs/access.log 
| grep -i -v -E "google|yahoo|baidu|msnbot|FeedSky|sogou|360|bing|soso|403|admin|白名单IPxxx" 
| awk '{print $1,$12}'|awk '{print $1}'|sort|uniq -c|sort -rn|head -20
| awk '{if($1>1000)print "deny "$2";"}' >> /usr/local/nginx/conf/blockip.conf

1
2
3
4

# 三、定时任务

*/30 * * * * /bin/sh /root/tools/blockip.sh

← Nginx限流统计 →