I can confirm that my logs show the same thing. It's been happening for a short while now. Thank you very much for sharing your script. I have just been letting fail2ban deal with it but this is a better remedy I think.
Thank you again!
-E
Thank you.
Warmest Regards,
Eric
________________________________
From: arch-general
I'm getting a lot of connections from China it seems. Whenever I check my journalctl, it's an andless wall of nginx complaints about a single ip spamming requests fro different php files. This happens with hundreds of ip's, and tens of times daily. Has anyone else been hit by this. I already made a shellscript to block all connections from China, but I'm curious as to why this happens, and if anyone else has had the same problem.
Anyways, I fixed my problem via a combination of fail2ban and this script: https://eur02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fbbs.archli..., so it isn't a problem anymore