如何创建一个nginx规则来阻止对Web服务器的扫描?

时间:2013-10-14 10:16:14

标签: logging nginx

我刚发现有人试图扫描我的网络服务器来破解用户的密码。 我该如何阻止这种访问?

171.12.148.114 - - [14/Oct/2013:09:48:01 +0800] "POST /forummember.php?mod=logging&action=login&loginsubmit=yes&loginhash=&inajax=1 HTTP/1.1" 302 154 "-" "Mozilla/4.0 (compatible; Win32; WinHttp.WinHttpRequest.5)" "174.44.72.5"
171.12.148.114 - - [14/Oct/2013:09:48:01 +0800] "POST /forummember.php?mod=logging&action=login&loginsubmit=yes&loginhash=&inajax=1 HTTP/1.1" 302 154 "-" "Mozilla/4.0 (compatible; Win32; WinHttp.WinHttpRequest.5)" "106.4.59.6"
171.12.148.114 - - [14/Oct/2013:09:48:01 +0800] "POST /forummember.php?mod=logging&action=login&loginsubmit=yes&loginhash=&inajax=1 HTTP/1.1" 302 154 "-" "Mozilla/4.0 (compatible; Win32; WinHttp.WinHttpRequest.5)" "14.17.60.6"
171.12.148.114 - - [14/Oct/2013:09:48:01 +0800] "POST /forummember.php?mod=logging&action=login&loginsubmit=yes&loginhash=&inajax=1 HTTP/1.1" 302 154 "-" "Mozilla/4.0 (compatible; Win32; WinHttp.WinHttpRequest.5)" "220.44.43.6"
171.12.148.114 - - [14/Oct/2013:09:48:01 +0800] "POST /forummember.php?mod=logging&action=login&loginsubmit=yes&loginhash=&inajax=1 HTTP/1.1" 302 154 "-" "Mozilla/4.0 (compatible; Win32; WinHttp.WinHttpRequest.5)" "174.44.72.6"
171.12.148.114 - - [14/Oct/2013:09:48:01 +0800] "POST /forummember.php?mod=logging&action=login&loginsubmit=yes&loginhash=&inajax=1 HTTP/1.1" 302 154 "-" "Mozilla/4.0 (compatible; Win32; WinHttp.WinHttpRequest.5)" "106.4.59.7"
171.12.148.114 - - [14/Oct/2013:09:48:01 +0800] "POST /forummember.php?mod=logging&action=login&loginsubmit=yes&loginhash=&inajax=1 HTTP/1.1" 302 154 "-" "Mozilla/4.0 (compatible; Win32; WinHttp.WinHttpRequest.5)" "220.44.43.7"
171.12.148.114 - - [14/Oct/2013:09:48:01 +0800] "POST /forummember.php?mod=logging&action=login&loginsubmit=yes&loginhash=&inajax=1 HTTP/1.1" 302 154 "-" "Mozilla/4.0 (compatible; Win32; WinHttp.WinHttpRequest.5)" "14.17.60.7"
171.12.148.114 - - [14/Oct/2013:09:48:01 +0800] "POST /forummember.php?mod=logging&action=login&loginsubmit=yes&loginhash=&inajax=1 HTTP/1.1" 302 154 "-" "Mozilla/4.0 (compatible; Win32; WinHttp.WinHttpRequest.5)" "174.44.72.7"
171.12.148.114 - - [14/Oct/2013:09:48:01 +0800] "POST /forummember.php?mod=logging&action=login&loginsubmit=yes&loginhash=&inajax=1 HTTP/1.1" 302 154 "-" "Mozilla/4.0 (compatible; Win32; WinHttp.WinHttpRequest.5)" "106.4.59.8"
171.12.148.114 - - [14/Oct/2013:09:48:01 +0800] "POST /forummember.php?mod=logging&action=login&loginsubmit=yes&loginhash=&inajax=1 HTTP/1.1" 302 154 "-" "Mozilla/4.0 (compatible; Win32; WinHttp.WinHttpRequest.5)" "220.44.43.8"
171.12.148.114 - - [14/Oct/2013:09:48:02 +0800] "POST /forummember.php?mod=logging&action=login&loginsubmit=yes&loginhash=&inajax=1 HTTP/1.1" 302 154 "-" "Mozilla/4.0 (compatible; Win32; WinHttp.WinHttpRequest.5)" "14.17.60.8"
171.12.148.114 - - [14/Oct/2013:09:48:02 +0800] "POST /forummember.php?mod=logging&action=login&loginsubmit=yes&loginhash=&inajax=1 HTTP/1.1" 302 154 "-" "Mozilla/4.0 (compatible; Win32; WinHttp.WinHttpRequest.5)" "174.44.72.8"
171.12.148.114 - - [14/Oct/2013:09:48:02 +0800] "POST /forummember.php?mod=logging&action=login&loginsubmit=yes&loginhash=&inajax=1 HTTP/1.1" 302 154 "-" "Mozilla/4.0 (compatible; Win32; WinHttp.WinHttpRequest.5)" "220.44.43.9"
171.12.148.114 - - [14/Oct/2013:09:48:02 +0800] "POST /forummember.php?mod=logging&action=login&loginsubmit=yes&loginhash=&inajax=1 HTTP/1.1" 302 154 "-" "Mozilla/4.0 (compatible; Win32; WinHttp.WinHttpRequest.5)" "106.4.59.9"
171.12.148.114 - - [14/Oct/2013:09:48:02 +0800] "POST /forummember.php?mod=logging&action=login&loginsubmit=yes&loginhash=&inajax=1 HTTP/1.1" 302 154 "-" "Mozilla/4.0 (compatible; Win32; WinHttp.WinHttpRequest.5)" "174.44.72.9"
171.12.148.114 - - [14/Oct/2013:09:48:02 +0800] "POST /forummember.php?mod=logging&action=login&loginsubmit=yes&loginhash=&inajax=1 HTTP/1.1" 302 154 "-" "Mozilla/4.0 (compatible; Win32; WinHttp.WinHttpRequest.5)" "14.17.60.9"
171.12.148.114 - - [14/Oct/2013:09:48:02 +0800] "POST /forummember.php?mod=logging&action=login&loginsubmit=yes&loginhash=&inajax=1 HTTP/1.1" 302 154 "-" "Mozilla/4.0 (compatible; Win32; WinHttp.WinHttpRequest.5)" "220.44.43.10"
171.12.148.114 - - [14/Oct/2013:09:48:02 +0800] "POST /forummember.php?mod=logging&action=login&loginsubmit=yes&loginhash=&inajax=1 HTTP/1.1" 302 154 "-" "Mozilla/4.0 (compatible; Win32; WinHttp.WinHttpRequest.5)" "106.4.59.10"

1 个答案:

答案 0 :(得分:0)

您可以使用以下模块限制IP请求和连接的数量:

ngx_http_limit_req_modulengx_http_limit_conn_module

还建议使用naxsi:https://github.com/nbs-system/naxsi

NAXSI意味着Nginx Anti Xss& Sql Injection。

相关问题
最新问题