Nginx: Blocking by IP list

Blocking IP in Nginx

In this article, we will look at how to block unwanted IP addresses in the Nginx web server. So, step by step instructions:

1. Open the file /etc/nginx/nginx.conf for editing and add after http {

http {
    include /etc/nginx/blockips.conf;

where /etc/nginx/ is the path to the blockips.conf file from the server root.

2. Create a text file blockips.conf with UTF-8 encoding on the locale in Notepad ++ (or in any other text editor).

3. Add a list of blocked IP addresses to the file according to the example (such options are possible):

deny 31.220.61.77;
deny 185.84.148.0/22;
deny 2a02:748:b000:3:a87a:866d:94f0:ffbe;
deny 2a02:748:b000:3:a87a:866d:94f0:ffbe/22;

Note! You can use ready-made (collected by special services) lists of unwanted (spam) addresses:

1) Spam IP for the last 10 days - a ready-made list: https://ru.myip.ms/files/blacklist/csf/latest_blacklist.txt

2) Recently spam IPs added manually by users - a ready-made list: https://ru.myip.ms/files/blacklist/csf/latest_blacklist_users_submitted.txt 

To quickly edit the lists downloaded above, use the text editor Notapad ++:
- press Ctrl + H to open the automatic replacement window.
- check the Extended checkbox in the replacement window.
- then replace \r with;
- then replace \n with \ndeny(space)
- to get like this:
deny 46.101.204.143;
deny 55.101.204.143/21;

Additional tools to create a list of blocked IP addresses:

3) Network calculator: http://ru.smart-ip.net/calculator#ipv4

4) IP to CIDR: http://ip2cidr.com/bulk-ip-to-cidr-converter.php

5) Creating a list of IPs in CIDR format by country: http://software77.net/geo-ip/  (on the right, there are Country IP listing blocks, select a country and CIDR).

4. Upload blockips.conf to the server via ssh, give it CMOD 644 rights through any ssh file manager:

CMOD 644 /etc/nginx/blockips.conf

5. Restart Nginx, for example, like this:

service nginx restart

or

systemctl restart nginx

6. Update the list periodically, at least once a month.

Note! Added a sample file with a list of spam IPs and also adding the country Ukraine below (adding Ukraine greatly reduced the number of spammers on my sites, but this is purely individual).

Вас заинтересует / Intresting for you:

What is RESTful? Full descript...
What is RESTful? Full descript... 630 views Zero Cool Wed, 31 Oct 2018, 09:40:56
CSS: Flex Container Properties...
CSS: Flex Container Properties... 1883 views Боба Sat, 09 Nov 2019, 07:41:19
Protovis: Definition and Short...
Protovis: Definition and Short... 376 views Aida Tue, 08 Oct 2019, 10:51:24
JavaScript for game designer: ...
JavaScript for game designer: ... 432 views Antoni Tue, 27 Nov 2018, 14:28:10