0

How can I bann or block automatically all IPs that reached 404 page from a large access log? I am using Nginx on Ubuntu 16.04, so I want to do it via Nginx.

It can't be done manually because the log has more than a million logs. So is there a way this can be done?

EDIT:

So to achieve this task I have to do the filtering of the log first and than to deny all of the ips from Nginx.

How to create a file with the filtered IPs that match my criteria - all the ones that hit 404

Improve this question
3
  • 2
    Fail2ban would be a better idea Commented Sep 15, 2018 at 14:00
  • 1
    I suggest that banning anyone who gets a 404 is overly broad, and you will be locking out people that just make mistakes, or that came to you from a site that made a mistake in linking. Also, banning those IPs is going to be a losing battle that isn't really going to make you any sfer. Commented Sep 15, 2018 at 17:10
  • this is not good at all. if you are being DDoSed use a service such as cloudflare to prevent attacks Commented Sep 15, 2018 at 17:41
Load 7 more related questions Show fewer related questions

0

Reset to default

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.