Nginx: Blocking by IP list

Blocking IP in Nginx
Андрей Васенин

Author of the article. Areas of interest: IT specialist (programming, administration, DBA). Candidate of Economic Sciences.

In this article, we will look at how to block unwanted IP addresses in the Nginx web server. Step-by-step instructions:

1. Open the file /etc/nginx/nginx.conf for editing and add the include line right after the opening http {

http {
    include /etc/nginx/blockips.conf;

where /etc/nginx/ is the directory that holds the blockips.conf file, given as an absolute path from the server's filesystem root.

2. Create a text file blockips.conf in UTF-8 encoding on your local machine in Notepad++ (or in any other text editor).

3. Add the blocked IP addresses to the file, following this example (any of these forms is possible):

deny 31.220.61.77;
deny 185.84.148.0/22;
deny 2a02:748:b000:3:a87a:866d:94f0:ffbe;
deny 2a02:748:b000:3:a87a:866d:94f0:ffbe/22;

Note! You can use ready-made lists of unwanted (spam) addresses collected by specialized services:

1) Spam IPs for the last 10 days, a ready-made list: https://ru.myip.ms/files/blacklist/csf/latest_blacklist.txt

2) Spam IPs recently added manually by users, a ready-made list: https://ru.myip.ms/files/blacklist/csf/latest_blacklist_users_submitted.txt

To quickly edit the lists downloaded above, use the text editor Notepad++:
- press Ctrl + H to open the Replace window.
- check the Extended checkbox in the Replace window.
- then replace \r with ;
- then replace \n with \ndeny(space)
- to get a result like this:
deny 46.101.204.143;
deny 55.101.204.143/21;

Additional tools to create a list of blocked IP addresses:

3) Network calculator: http://ru.smart-ip.net/calculator#ipv4

4) IP to CIDR: http://ip2cidr.com/bulk-ip-to-cidr-converter.php

5) Creating a list of IPs in CIDR format by country: http://software77.net/geo-ip/  (on the right, there are Country IP listing blocks, select a country and CIDR).

4. Upload blockips.conf to the server via SSH and give it 644 permissions (chmod 644) through any SSH file manager:

chmod 644 /etc/nginx/blockips.conf

5. Restart Nginx, for example, like this:

service nginx restart

or

systemctl restart nginx

6. Update the list periodically, at least once a month.
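
Steps 3 and 6 can be scripted instead of repeating the find-and-replace by hand. The following is an added example, not part of the original article: it assumes the downloaded list has one address or CIDR per line with optional # comments, and the names build_blocklist, render and SAMPLE are hypothetical. Every entry is validated, so a malformed line in a third-party list never reaches blockips.conf.

```python
import ipaddress

# Constructed sample of a downloaded list (not real data): CRLF endings,
# comments, a duplicate, a CIDR with host bits set, two malformed entries.
SAMPLE = (
    "# constructed sample\r\n"
    "192.0.2.15\r\n"
    "198.51.100.77/22   # host bits set\r\n"
    "192.0.2.15\r\n"
    "2001:db8::dead:beef\r\n"
    "203.0.113.999\r\n"
    "\r\n"
    "198.51.100.8; extra text\r\n"
)

def build_blocklist(text):
    """Return (deny_lines, rejected) for a one-entry-per-line IP list."""
    seen, deny_lines, rejected = set(), [], []
    for raw in text.splitlines():
        entry = raw.split("#", 1)[0].strip()   # drop comments and padding
        if not entry:
            continue
        try:
            # strict=False masks host bits: 198.51.100.77/22 -> 198.51.100.0/22
            net = ipaddress.ip_network(entry, strict=False)
        except ValueError:
            # Not a plain address or CIDR: keep it out of the config file.
            rejected.append(entry)
            continue
        if net in seen:                        # skip duplicates
            continue
        seen.add(net)
        # Single hosts are written without the /32 or /128 suffix.
        single = net.num_addresses == 1
        target = str(net.network_address) if single else str(net)
        deny_lines.append(f"deny {target};")
    return deny_lines, rejected

def render(text):
    """Full content for blockips.conf, one deny directive per line."""
    deny_lines, _ = build_blocklist(text)
    return "\n".join(deny_lines) + "\n"

if __name__ == "__main__":
    lines, bad = build_blocklist(SAMPLE)
    print("\n".join(lines))
    print("rejected:", bad)
```

Write the output of render() to /etc/nginx/blockips.conf and run nginx -t before restarting, so that a bad file is caught while the running server is still up.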

Note! A sample file with a list of spam IPs, which also adds the country Ukraine, is attached below (adding Ukraine greatly reduced the number of spammers on my sites, but this is purely individual).
