Limited-Time Donation Special!
Upgrade to Snow for $20 USD and receive a free copy of Oblivion Light ($5 discount).
Upgrade to +Blizzard for $35 USD and receive a free copy of Oblivion Light ($15 discount).

Please visit the thread below for more details.
CLICK HERE

Contact @Davlin with questions or comments.

Jump to content
Sign in to follow this  
Zero108

Spam protection: blocking by the IP-list via nginx.conf

Recommended Posts

Posted (edited)

1. Open for editing the /etc/nginx/nginx.conf file and add after http {

    include /etc/nginx/blockips.conf;
        where /etc/nginx/ - path to the blockips.conf file from the server root.

http {
    include /etc/nginx/blockips.conf;

    
2. Create a text file called blockips.conf with the encoding UTF-8 in the Notepad ++.

3. Add a list of blocked IP addresses to the blockips.conf file by the sample below (there are several possible options):

deny 31.220.61.77;
deny 185.84.148.0/22;
deny 2a02:748:b000:3:a87a:866d:94f0:ffbe;
deny 2a02:748:b000:3:a87a:866d:94f0:ffbe/22;

Note:

   
Tools for creation of a list of blocked IP addresses:
    
    1) Live blacklist ipv4/ipv6 addresses database for the last 10 days: 
   https://ru.myip.ms/files/blacklist/csf/latest_blacklist.txt
    
    2) Recently submitted by users ipv4/ipv6 addresses database:
   https://ru.myip.ms/files/blacklist/csf/latest_blacklist_users_submitted.txt
    
    To quickly edit the list above use the Notapad++:
        - press Ctrl+H to open the automatic replacement window.
        - mark the Extended checkbox in the opened window.
        - further replace \r with ;
        - further replace \n with \ndeny(blank)
        - you should get the following result:

          deny 46.101.204.143;
          deny 55.101.204.143/21;

    
    Additional tools for creation of a list of blocked IP addresses:
    
    3) Subnet calculator: http://smart-ip.net/calculator
    4) IP to CIDR: http://ip2cidr.com/bulk-ip-to-cidr-converter.php
    5) Creating an IP list in the CIDR format by countries: http://software77.net/geo-ip/ (find the "Country IP listing" on the right side, select a country and CIDR).
    
4. Upload the blockips.conf file to the server by ssh, set CHMOD 644 on it via any file manager.

5. Restart Nginx, for example, by the terminal command: service nginx restart

6. Periodically update the IP-list, at least once per month.

PS A sample file was added with the list of blocked IP addresses and also the addition of the Ukraine IP-range below  (the addition of Ukraine is greatly reduced the number of spammers on my sites, but this is purely individual).

blockips.conf.txt

Edited by Zero108

Share this post


Link to post
Share on other sites
What do you think? Remember the human.

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this  

  • Recently Browsing   0 members

    No registered users viewing this page.

×