10

In my Nginx config I have some IP blocks in place, to fight off spammers & bots.

This is very effective, but as a result, my error logs get filled up super fast with error messages like these:

2015/12/16 00:56:28 [error] 27748#0: *120462 access forbidden by rule, client: 167.114.xxx.xxx, server: bla bla ....

Now I don't want to fully disable error logging, as I want to find out what is going wrong when something goes wrong. I just want to disable logging of these "forbidden by rule" messages.

Any idea how to do this?

Mr.Boon
  • 1,471
  • 4
  • 24
  • 43

3 Answers3

3

As mentioned here, use conditional logging (access_log directive):

Enabling Conditional Logging

Conditional logging allows excluding trivial or non-important log entries from the access log. In NGINX, conditional logging is enabled by the if parameter of the access_log directive.

For example, it makes possible to exclude requests with HTTP status codes 2XX (Success) and 3XX (Redirection):

map $status $loggable {
    ~^[23]  0;
    default 1; }

access_log /path/to/access.log combined if=$loggable;

EDIT: as @zsero described in comment, conditional logging is only supported with the access_log - not with the error_log directive.

hakre
  • 156
  • 1
  • 14
Ali Nikneshan
  • 223
  • 2
  • 7
  • Sorry, this answer is not correct, the `if=` directive is not supported on error_logs, only access_logs. It terminates with `invalid log level "if=$loggable"` – hyperknot Jan 12 '16 at 19:03
  • 2
    So this won't help regarding the specific question, right? – gxx Jan 13 '16 at 10:16
2

There is better solution, suggested by upstream - to use geo block with if to reject requests like:

geo $blocked {
    default 0;
    1.1.1.1/32 1;
}
...
server {

  if ($blocked) {
    return 444;
  }
}
pva
  • 160
  • 4
2

I used this nginx config to ignore malicious requests on hidden files:

location ~ /\.(?!well-known).* {
    return 444;
}

Returning a 444 (Connection Closed Without Response) closes the connection and doesn't log any error.

clem
  • 121
  • 2