Nginx + iptables blocks IP addresses that access web pages too frequently (Anti-DDoS, malicious access, collector)

The script is as follows: CopyCode The Code is as follows :#! /Bin/sh
Nginx_home =/data/app_1/nginx
Log_path =/data/logs
/Usr/bin/tail-n50000 $ log_path/access. log \
| Awk '$8 ~ /Aspx/{print $2, $13 }'\
| Grep-I-v-e "Google | Yahoo | Baidu | msnbot | feedsky | sogou "\
| Awk '{print $1}' | sort | uniq-c | sort-RN \
| Awk '{if ($1> 150) print "deny" $2 ";"}'> $ nginx_home/CONF/vhosts/blockip. conf
/Bin/kill-HUP 'cat $ nginx_home/nginx. Pi'

You can also filter out frequently accessed IP addresses by analyzing nginx logs, and use iptables to shield this IP address directly, so you do not need to restart nginx and the shielding effect is better.

The command for a single IP address is
Iptables-I input-s 124.115.0.199-J Drop

The command for sealing IP segments is
Iptables-I input-s 124.115.0.0/16-J Drop

The command to block the entire segment is
Iptables-I input-s 194.42.0.0/8-J Drop

The command for writing several segments is
Iptables-I input-s 61.37.80.0/24-J Drop
Iptables-I input-s 61.37.81.0/24-J Drop

I accidentally couldn't even connect myself -_-!!!
Iptables-I input-P TCP-dport 80-s 124.115.0.0/24-J Drop
In the future, only port 80 will be blocked. No problem will occur!

Iptables-I input-P TCP-dport 80-s 124.115.0.0/24-J Drop

Iptables-I input-s 61.37.81.0/24-J Drop

Unseal
Iptables-F
Clear
Iptables-D input number