0

How can I bann or block automatically all IPs that reached 404 page from a large access log? I am using Nginx on Ubuntu 16.04, so I want to do it via Nginx.

It can't be done manually because the log has more than a million logs. So is there a way this can be done?

EDIT:

So to achieve this task I have to do the filtering of the log first and than to deny all of the ips from Nginx.

How to create a file with the filtered IPs that match my criteria - all the ones that hit 404

Emmanuel-Ab
  • 321
  • 2
  • 15
  • 2
    Fail2ban would be a better idea – Shawn C. Sep 15 '18 at 14:00
  • 1
    I suggest that banning anyone who gets a 404 is overly broad, and you will be locking out people that just make mistakes, or that came to you from a site that made a mistake in linking. Also, banning those IPs is going to be a losing battle that isn't really going to make you any sfer. – Andy Lester Sep 15 '18 at 17:10
  • this is not good at all. if you are being DDoSed use a service such as cloudflare to prevent attacks – Ahmed Abdelazim Sep 15 '18 at 17:41

0 Answers0