1. Open the file /etc/nginx/nginx.conf
for editing and add after http {
include /etc/nginx/blockips.conf;
where /etc/nginx/
is the path to the blockips.conf
file from the server root.
http {
include /etc/nginx/blockips.conf;
2. Create a text file blockips.conf
with UTF-8 encoding on the locale in Notepad ++.
3. Add a list of blocked IP addresses to the file according to the sample (the following options are possible):
deny 31.220.61.77;
deny 185.84.148.0/22;
deny 2a02:748:b000:3:a87a:866d:94f0:ffbe;
deny 2a02:748:b000:3:a87a:866d:94f0:ffbe/22;
Note:
Tools for creating a list of blocked IP addresses:
1) Spam-IP for the last 10 days - a ready-made list:
https://ru.myip.ms/files/blacklist/csf/latest_blacklist.txt
2) Spam-IP for the last time added manually by users - ready-made list: https://ru.myip.ms/files/blacklist/csf/latest_blacklist_users_submitted.txt
To quickly edit the lists downloaded above, use the text editor Notapad ++:
- press Ctrl + H to open the automatic replacement window.
- check the Extended checkbox in the replacement window.
- then replace\r
with;
- then replace\n
with\ndeny
(space)
- to get it like this:
deny 46.101.204.143;
deny 55.101.204.143/21;
Additional tools for creating a list of blocked IP addresses:
3) Network calculator: http://ru.smart-ip.net/calculator#ipv4
4) IP to CIDR: http://ip2cidr.com/bulk-ip-to- cidr-converter.php
5) Creating a list of IPs in CIDR format by country: http://software77.net/geo-ip/ (on the right, there are Country IP listing blocks, select a country and CIDR).
4. Upload blockips.conf to the server via ssh, give it CMOD644
rights through any ssh file manager.
5. Restart Nginx, for example, like this: service nginx restart
6. Update the list periodically, at least once a month.
PS Added a sample file with a list of spam IPs and also adding the country Ukraine below (adding Ukraine greatly reduced the number of spammers on my sites, but this is purely individual).
Fresh blacklist for Nginx: