nginx - Nginx GET攻击

问题描述

我怎样才能阻止这个请求方法，因为我在 vps 上消耗了我的所有限制，并且该站点变得不可用。我设置了它，但它不计入 nginx.conf

 map $request_method $limit {
default         "";
    POST            $binary_remote_addr;
}
limit_req_zone $binary_remote_addr zone=perip:10m rate=1r/s;
limit_req_zone $server_name zone=perserver:10m rate=10r/s;

在 common_http.conf 中

if ($request_method !~ ^(GET|HEAD|POST)$ ) {
return 405;
}
try_files $uri $uri/ @backend;

来自 nginx access.log 的请求

200.98.247.2 - - [02/Oct/2018:00:37:50 +0000] "GET / HTTP/1.1" 302 5 "-" "-"
    187.17.96.25 - - [02/Oct/2018:00:37:50 +0000] "GET / HTTP/1.1" 302 5 "-" "-"
    184.168.46.123 - - [02/Oct/2018:00:37:50 +0000] "GET / HTTP/1.0" 302 0 "-" "-"
    187.17.96.29 - - [02/Oct/2018:00:37:50 +0000] "GET / HTTP/1.1" 302 5 "-" "-"
    200.98.247.2 - - [02/Oct/2018:00:37:51 +0000] "GET / HTTP/1.1" 302 5 "-" "-"
    85.31.185.2 - - [02/Oct/2018:00:37:51 +0000] "GET / HTTP/1.1" 302 5 "-" "-"
    94.73.148.10 - - [02/Oct/2018:00:37:52 +0000] "GET / HTTP/1.1" 499 0 "-" "-"
    94.73.148.10 - - [02/Oct/2018:00:37:52 +0000] "GET / HTTP/1.1" 499 0 "-" "-"
    94.73.148.10 - - [02/Oct/2018:00:37:52 +0000] "GET / HTTP/1.1" 499 0 "-" "-"
    94.73.148.10 - - [02/Oct/2018:00:37:52 +0000] "GET / HTTP/1.1" 499 0 "-" "-"
    200.98.247.2 - - [02/Oct/2018:00:37:52 +0000] "GET / HTTP/1.1" 302 5 "-" "-"

标签： nginx