Suppress nginx access denied error log

Question

I have some rules setup in nginx to deny access by IPs. This works great, but for each request from a denied IP, an error that starts with the following gets logged:

[error] 7325#0: *5761 access forbidden by rule, client...

Is there a way to suppress these "errors" from being logged?

score 4 · Answer 1 · answered Sep 10 '14 at 20:19

4

You can set error_log to less strict level, but you can lost important alerts in this case.

Core functionality - error_log

error_log filename crit;

answered Sep 10 '14 at 20:19

Aleksey Deryagin

2,575
2
20
18

3

Thanks. We do care about other errors, and the access denied logs add a lot of unwanted noise to the mix. Is there a way to only suppress the access denied errors, or send them to another log? – Andrew Frankel Sep 12 '14 at 15:13

score 1 · Answer 2 · answered Mar 11 '21 at 17:25

1

There is better solution, suggested by upstream - to use geo block with if to reject requests like:

geo $blocked {
    default 0;
    1.1.1.1/32 1;
}
...
server {

  if ($blocked) {
    return 444;
  }
}

answered Mar 11 '21 at 17:25

pva

1,937
1
11
8

People aren't glad of `if` in an NGINX context. – DarkNeuron Aug 01 '21 at 12:56
I know, "if is evil". But still, it is very useful. This is exactly the case where it is good solution. – pva Aug 03 '21 at 09:00
I think most people vaguely recall that `if` doesn't behave like an `if` in most other languages, and then steer clear of it. But good if it works. – DarkNeuron Aug 03 '21 at 12:13

Suppress nginx access denied error log

2 Answers2

Linked