1.下载rpm包编译安装
rpm -ivh http://nginx.org/packages/centos/7/noarch/RPMS/nginx-release-centos-7-0.el7.ngx.noarch.rpm
2.yum 安装 nginx (yum 默认安装到/etc 目录下)
yum install -y nginx
3.编辑nginx配置文件,指定日志路径和存放黑名单目录
vim /etc/nginx/nginx.conf
http块配置内容:
#指定黑名单地址存放路径
include /etc/nginx/conf.d/blockips.conf;
4.编写脚本文件获取nginx访问日志中异常恶意源IP并加入黑名单
#!/bin/bash
lastmin=`date -d'-1 minutes' +%d/%b/%Y:%H:%M`
#截取前一分钟的日志,按IP统计数量,超过300条的IP添加到临时文件中,没有满足条件的IP时会清空临时文件的内容
grep $lastmin /var/log/nginx/access.log | grep -vE '(.jpg|.jpeg|.js|.css|.gif|.bmp|.png)'|awk '{print $1}'|s