The Pagoda panel Nginx firewall recently updated its CC request type interception rules, which now include URL with parameters, URL without parameters, IP, and IP+UA. In this article, Weiss Notes shares the relevant rules and explanations.
1. URL with parameters
Suitable for most situations, though its defensive effect is average. The URL with parameters threshold is set to 60 times in 60 seconds, and you can modify it according to your actual situation.
Rule: one IP requests the same URL (with parameters) of a website more than 60 times in 60 seconds.
For example, a request to /index.php/index/login?username=admin
The entire URL above is matched exactly, so the request is blocked only after the count is reached while the URL remains unchanged.
2. URL without parameters (not applicable to the ThinkPHP default route)
Same use case and effect as above.
Rule: one IP requests the same URL (without parameters) more than 60 times in 60 seconds.
Take the URL above as an example: /index.php/index/login?username=admin
It is counted under the URL /index.php/index/login, that is, the request is blocked only after the count is reached while the URL (without parameters) remains unchanged.
3. IP
Use this when your website or business is under heavy attack.
If the total number of times one IP accesses all websites on the server within 60 seconds exceeds 60, it will be blocked. Note that this is the sum across all websites!
The defensive effect is good, but it also affects the user experience. It is recommended to enable it while under attack and leave it off otherwise.
4. IP+UA (applicable to API interface)
If one IP+UA combination accesses all websites on the server more than 60 times in 60 seconds, it will be blocked.
It is recommended not to enable it in normal operation. It is only applicable to API websites under special circumstances.
If you do not see this function in your Nginx firewall, it is recommended to update the firewall to the latest version.
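The four request types differ only in the key the counter is built on. The following is an added example, not the Pagoda firewall's own code: a small Python model that replays the same traffic under each key. The sliding window, the inclusion of the site host in the URL keys, the mode names and the sample traffic are all assumptions made for illustration.

```python
from collections import defaultdict, deque
from urllib.parse import urlsplit

LIMIT, WINDOW = 60, 60  # defaults from the article: 60 requests in 60 seconds

def counting_key(mode, ip, host, uri, ua):
    """Build the counter key for each of the four request types."""
    if mode == "url_with_params":
        return (ip, host, uri)                  # full URI, query string included
    if mode == "url_without_params":
        return (ip, host, urlsplit(uri).path)   # query string dropped
    if mode == "ip":
        return (ip,)                            # summed over every site on the server
    if mode == "ip_ua":
        return (ip, ua)                         # summed over every site on the server
    raise ValueError(f"unknown mode: {mode}")

class CCCounter:
    def __init__(self, mode, limit=LIMIT, window=WINDOW):
        self.mode, self.limit, self.window = mode, limit, window
        self.hits = defaultdict(deque)

    def allow(self, now, ip, host, uri, ua):
        """Record one request; return False once the key exceeds the limit."""
        q = self.hits[counting_key(self.mode, ip, host, uri, ua)]
        while q and now - q[0] >= self.window:  # drop hits older than the window
            q.popleft()
        q.append(now)
        return len(q) <= self.limit             # "more than 60 times" is blocked

def blocked_count(mode, requests):
    """Replay (time, ip, host, uri, ua) tuples; return how many were blocked."""
    counter = CCCounter(mode)
    return sum(not counter.allow(*r) for r in requests)

# Constructed sample traffic: one client sending 61 requests within 30 seconds.
UA = "sample-client/1.0"
IP = "203.0.113.7"
SAME_URL = [(i * 0.5, IP, "a.example", "/index.php/index/login?username=admin", UA)
            for i in range(61)]
VARYING_QUERY = [(i * 0.5, IP, "a.example", f"/index.php/index/login?username=u{i}", UA)
                 for i in range(61)]
TWO_SITES = [(i * 0.5, IP, ("a.example", "b.example")[i % 2], "/", UA)
             for i in range(61)]

if __name__ == "__main__":
    for mode in ("url_with_params", "url_without_params", "ip", "ip_ua"):
        print(mode, [blocked_count(mode, t) for t in (SAME_URL, VARYING_QUERY, TWO_SITES)])
```

Replaying your own access log through `blocked_count` with each mode shows how many legitimate requests a given threshold would have blocked before you enable it.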