[arch-general] HTTP spam from China
Eric Brown
ericsb at live.com
Tue Feb 26 15:10:25 UTC 2019
I can confirm that my logs show the same thing. It's been happening for a short while now. Thank you very much for sharing your script. I have just been letting fail2ban deal with it but this is a better remedy I think.
Thank you again!
-E
Thank you.
Warmest Regards,
Eric
________________________________
From: arch-general <arch-general-bounces at archlinux.org> on behalf of Juha Kankare via arch-general <arch-general at archlinux.org>
Sent: Tuesday, February 26, 2019 10:06:47 AM
To: arch-general at archlinux.org
Cc: Juha Kankare
Subject: Re: [arch-general] HTTP spam from China
On 26/02/2019 14:40, Juha Kankare via arch-general wrote:
> I'm getting a lot of connections from China it seems. Whenever I check
> my journalctl, it's an andless wall of nginx complaints about a single
> ip spamming requests fro different php files. This happens with hundreds
> of ip's, and tens of times daily. Has anyone else been hit by this. I
> already made a shellscript to block all connections from China, but I'm
> curious as to why this happens, and if anyone else has had the same
> problem.
>
Anyways, I fixed my problem via a combination of fail2ban and this
script: https://eur02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fbbs.archlinux.org%2Fviewtopic.php%3Fid%3D244527&data=02%7C01%7C%7C9faae115e8674c5fdac308d69bfc0fe8%7C84df9e7fe9f640afb435aaaaaaaaaaaa%7C1%7C0%7C636867904239361611&sdata=J1j32VqZeRjUuu1P%2BDoT9JfI0BfjaHDinGodKuBN344%3D&reserved=0, so it isn't a
problem anymore
More information about the arch-general
mailing list