linux:webserver:nginx
Differences
This shows you the differences between two versions of the page.
| Both sides previous revision Previous revision Next revision | Previous revision | ||
|
linux:webserver:nginx [2016/09/24 22:08] tkilla [microcaching] |
linux:webserver:nginx [2020/11/13 04:12] (current) tkilla [Block Bots, SQL Injections, etc] |
||
|---|---|---|---|
| Line 143: | Line 143: | ||
| fastcgi_pass_header Cookie; | fastcgi_pass_header Cookie; | ||
| fastcgi_ignore_headers Cache-Control Expires Set-Cookie; | fastcgi_ignore_headers Cache-Control Expires Set-Cookie; | ||
| + | |||
| + | ====== Security ====== | ||
| + | |||
| + | |||
| + | ===== Block Bots, SQL Injections, etc ===== | ||
| + | |||
| + | Howto Block Bots in nginx.conf or included config. Here's an extensive List: | ||
| + | |||
| + | server { ... | ||
| + | | ||
| + | if ($http_user_agent ~* (AspiegelBot|MegaIndex|heritrix|panscient|HubSpot|libwww-perl|OpenVAS-VT|masscan|Linguee|Nimbostratus|Seekport|SMTBot|SEOkicks|SeobilityBot|360Spider|AhrefsBot|BLEXBot|MJ12bot|BUbiNG|Findxbot|Morfeus|larbin|ZmEu|Toata|talktalk|Baiduspider|webalta|nikto|wkito|pikto|scan|acunetix|morfeus|webcollage|youdao|HTTrack|clshttp|archiver|loader|email|harvest|extract|grab|miner|SemrushBot|GetWeb!|GetRight|Go!Zilla|Download\Demon|Go-Ahead-Got-It|TurnitinBot|GrabNet|Indy\ Library) ) { | ||
| + | | ||
| + | # Connection Closed Without Response | ||
| + | # A non-standard status code used to instruct nginx to close the connection without sending a response to the client, | ||
| + | # most commonly used to deny malicious or malformed requests. | ||
| + | | ||
| + | return 444; | ||
| + | } | ||
| + | ... | ||
| + | } | ||
| + | |||
| + | |||
| + | |||
| + | https:// | ||
| + | |||
| + | |||
linux/webserver/nginx.1474747684.txt.gz ยท Last modified: 2016/09/24 22:08 by tkilla
