nginx - Nginx GET攻击
问题描述
我怎样才能阻止这个请求方法,因为我在 vps 上消耗了我的所有限制,并且该站点变得不可用。我设置了它,但它不计入 nginx.conf
map $request_method $limit {
default "";
POST $binary_remote_addr;
}
limit_req_zone $binary_remote_addr zone=perip:10m rate=1r/s;
limit_req_zone $server_name zone=perserver:10m rate=10r/s;
在 common_http.conf 中
if ($request_method !~ ^(GET|HEAD|POST)$ ) {
return 405;
}
try_files $uri $uri/ @backend;
来自 nginx access.log 的请求
200.98.247.2 - - [02/Oct/2018:00:37:50 +0000] "GET / HTTP/1.1" 302 5 "-" "-"
187.17.96.25 - - [02/Oct/2018:00:37:50 +0000] "GET / HTTP/1.1" 302 5 "-" "-"
184.168.46.123 - - [02/Oct/2018:00:37:50 +0000] "GET / HTTP/1.0" 302 0 "-" "-"
187.17.96.29 - - [02/Oct/2018:00:37:50 +0000] "GET / HTTP/1.1" 302 5 "-" "-"
200.98.247.2 - - [02/Oct/2018:00:37:51 +0000] "GET / HTTP/1.1" 302 5 "-" "-"
85.31.185.2 - - [02/Oct/2018:00:37:51 +0000] "GET / HTTP/1.1" 302 5 "-" "-"
94.73.148.10 - - [02/Oct/2018:00:37:52 +0000] "GET / HTTP/1.1" 499 0 "-" "-"
94.73.148.10 - - [02/Oct/2018:00:37:52 +0000] "GET / HTTP/1.1" 499 0 "-" "-"
94.73.148.10 - - [02/Oct/2018:00:37:52 +0000] "GET / HTTP/1.1" 499 0 "-" "-"
94.73.148.10 - - [02/Oct/2018:00:37:52 +0000] "GET / HTTP/1.1" 499 0 "-" "-"
200.98.247.2 - - [02/Oct/2018:00:37:52 +0000] "GET / HTTP/1.1" 302 5 "-" "-"
解决方案
推荐阅读
- javascript - lodash 节流 - 绑定时未调用函数
- python - 生成一个数字列表——一般来说哪个更好?
- java - 子点击侦听器在可展开列表视图中不起作用
- ruby-on-rails - 无法写入未知属性“parent_id”、has_one 和 belongs_to
- apache-kafka - 读取 ksql 中的管道分隔值
- javascript - 通过替换在另一个对象中找到的属性名称来创建新对象
- django - Django - 注释多个 Sum() 对象会给出错误的结果
- spring - 无法读取配置属性
- sqlite - 无法使用带有 QML 事务的 Qt 删除 SQLite 数据库
- mysql - 为什么 Mysql 8.0.19 解释显示查询没有在“where tinyint”上使用索引,但“where tinyint = true”使用了索引