In addition to Weibo, there is also WeChat
Please pay attention
WeChat public account
Shulou
2025-01-19 Update From: SLTechnology News&Howtos shulou NAV: SLTechnology News&Howtos > Development >
Share
Shulou(Shulou.com)06/02 Report--
This article mainly shows you "how linux forbids frequently visited ip to access nginx". The content is simple and clear. I hope it can help you solve your doubts. Let me lead you to study and learn this article "how linux forbids frequently visited ip to visit nginx".
Experimental environment
Version: redhat6.5
Ip:172.16.1.100172.16.10
Software: nginx
172.16.1.10 deploy nginx
[root@localhost tools] # lsnginx-1.11.2.tar.gz [root@localhost tools] # yum install gcc gcc-c++ make automake autoconf libtool pcre* zlib openssl openssl-devel [root@localhost tools] # tar xf nginx-1.11.2.tar.gz [root@localhost tools] # lsnginx-1.11.2 nginx-1.11.2.tar.gz [root@localhost tools] # cd nginx-1.11.2 [root@localhost nginx-1.11.2] # lsauto CHANGES CHANGES.ru Conf configure contrib html LICENSE man README src [root@localhost nginx-1.11.2] #. / configure [root@localhost nginx-1.11.2] # make [root@localhost nginx-1.11.2] # make install
Test the nginx service
[root@localhost] # curl-I 172.16.1.100HTTP/1.1 200 OKServer: nginx/1.11.2Date: Mon, 17 Aug 2020 09:36:29 GMTContent-Type: text/htmlContent-Length: 15Last-Modified: Mon, 17 Aug 2020 09:36:19 GMTConnection: keep-aliveETag: "5f3a4f93-f" Accept-Ranges: bytes
Nginx can be accessed normally.
Next, assume that 172.16.1.100 is a hacker host that accesses the nginx service frequently
Simulate 172.16.1.100 visits for 10 times 172.16.1.10
172.16.1.100
[root@localhost] # ab-c 1-n 10 http://172.16.1.10/This is ApacheBench, Version 2.3 Copyright 1996 Adam Twiss, Zeus Technology Ltd, http://www.zeustech.net/Licensed to The Apache Software Foundation Http://www.apache.org/Benchmarking 172.16.1.10 (be patient). DoneServer Software: nginx/1.11.2Server Hostname: 172.16.1.10Server Port: 80Document Path: / Document Length: 612 bytesConcurrency Level: 1Time taken for tests: 0.016 secondsComplete requests: 10Failed requests: 0Write errors: 0Total transferred: 8450 bytesHTML transferred: 6120 bytesRequests per second: 617.02 [# / sec] (mean) Time per request: 1.621 [ms] (mean) Time per request: 1.621 [ms] (mean) Across all concurrent requests) Transfer rate: 509.16 [Kbytes/sec] receivedConnection Times (ms) min mean [+ /-sd] median maxConnect: 0 10.3 0 1Processing: 1 10.3 1 2Waiting: 0 1 0.3 1 1Total: 1 10.5 1 2ERROR: The median and mean for the initial connection time are more than twice the standard deviation apart. These results are NOT reliable.Percentage of the requests served within a certain time (ms) 50% 1 66% 1 75% 1 80% 2 90% 2 95% 2 98% 2 99% 2 100% 2 (longest request)
View nginx Log
172.16.1.10
[root@localhost ~] # tail / usr/local/nginx/logs/access.log172.16.1.100-- [26/Jul/2020:05:58:24 + 0800] "GET / HTTP/1.0" 200612 "" ApacheBench/2.3 "172.16.1.100-[26/Jul/2020:05:58:24 + 0800]" GET / HTTP/1.0 "200612"-"ApacheBench/2.3" 172.16.1 .100-- [26/Jul/2020:05:58:24 + 0800] "GET / HTTP/1.0" 200612 "-" ApacheBench/2.3 "172.16.1.100-[26/Jul/2020:05:58:24 + 0800]" GET / HTTP/1.0 "200612"-"ApacheBench/2.3" 172.16.1.100-- [26/Jul/2020:05:58:24 + 0800] "GET / HTTP/1.0 "200612"-"ApacheBench/2.3" 172.16.1.100-[26/Jul/2020:05:58:24 + 0800] "GET / HTTP/1.0" 200612 "-" ApacheBench/2.3 "172.16.1.100-[26/Jul/2020:05:58:24 + 0800]" GET / HTTP/1.0 "200612"-"ApacheBench/2.3" 172.16.1 .100-- [26/Jul/2020:05:58:24 + 0800] "GET / HTTP/1.0" 200612 "-" ApacheBench/2.3 "172.16.1.100-[26/Jul/2020:05:58:24 + 0800]" GET / HTTP/1.0 "200612"-"ApacheBench/2.3" 172.16.1.100-- [26/Jul/2020:05:58:24 + 0800] "GET / HTTP/1.0 "200612"-"ApacheBench/2.3"
Thus, 172.16.1.100 visits to nginx10 were made in one second, and then the problem ip was disabled.
Restrict ip access through iptables
172.16.1.10
[root@localhost] # iptables-I INPUT-s 172.16.1.100-ptcp-- dport 80-j DROP
172.16.1.100
[root@localhost ~] # curl 172.16.1.10curl: (7) Failed connect to 172.16.1.10 Failed connect to 80; connection timed out
At this point, 172.16.1.100 can no longer access nginx
Nginx profile restrictions
172.16.1.10
172.16.1.100
[root@localhost] # curl-I 172.16.1.10HTTP/1.1 403 ForbiddenServer: nginx/1.11.2Date: Sat, 25 Jul 2020 23:12:06 GMTContent-Type: text/htmlContent-Length: 169Connection: keep-alive
The above is all the contents of the article "how linux forbids frequently visited ip to access nginx". Thank you for reading! I believe we all have a certain understanding, hope to share the content to help you, if you want to learn more knowledge, welcome to follow the industry information channel!
Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.
Views: 0
*The comments in the above article only represent the author's personal views and do not represent the views and positions of this website. If you have more insights, please feel free to contribute and share.
Continue with the installation of the previous hadoop.First, install zookooper1. Decompress zookoope
"Every 5-10 years, there's a rare product, a really special, very unusual product that's the most un
© 2024 shulou.com SLNews company. All rights reserved.
12
Report
