1. Background
In our daily maintenance of the website, we often encounter such a requirement. In order to block certain crawlers or malicious users from making requests to the server, we need to establish a Dynamic IP blacklist. For IPs in the blacklist, services will be denied.
2. Architecture
There are many ways to implement the IP blacklist function:
1. At the operating system level, Configure iptables to reject network requests for specified IPs;
2. At the web server level, configure the IP blacklist through nginx's own deny option or the lua plug-in;
3. At the application level, at Before requesting service, check whether the client IP is in the blacklist.
In order to facilitate management and sharing, we implement the IP blacklist function through the nginx lua redis architecture. The architecture diagram is as follows:
3. Implementation
1. Install the nginx lua module. It is recommended to use openresty, which is an nginx server that integrates various lua modules:
openresty
nginx Configuration
The nginx process allocates a 1m shared memory space to cache ip blacklist For the list, see: https://github.com/openresty/lua-nginx-module#lua_shared_dictaccess_by_lua_file lua/ip_blacklist.lua;
Specify the location of the lua script4. Configure the lua script and regularly obtain the latest IP blacklist from redis. For the file content, see:
https://gist.github.com/ceelog/ 39862d297d9c85e743b3b5111b7d44cb
##lua script content5. Create a new set type data ip_blacklist on the redis server and add the latest ip blacklist. 
After completing the above steps, reload nginx and the configuration will start to take effect
access denied
The above is the detailed content of How Nginx uses Lua+Redis to dynamically ban IPs. For more information, please follow other related articles on the PHP Chinese website!
es和redis区别Jul 06, 2019 pm 01:45 PMRedis是现在最热门的key-value数据库,Redis的最大特点是key-value存储所带来的简单和高性能;相较于MongoDB和Redis,晚一年发布的ES可能知名度要低一些,ES的特点是搜索,ES是围绕搜索设计的。
一起来聊聊Redis有什么优势和特点May 16, 2022 pm 06:04 PM本篇文章给大家带来了关于redis的相关知识,其中主要介绍了关于redis的一些优势和特点,Redis 是一个开源的使用ANSI C语言编写、遵守 BSD 协议、支持网络、可基于内存、分布式存储数据库,下面一起来看一下,希望对大家有帮助。
实例详解Redis Cluster集群收缩主从节点Apr 21, 2022 pm 06:23 PM本篇文章给大家带来了关于redis的相关知识,其中主要介绍了Redis Cluster集群收缩主从节点的相关问题,包括了Cluster集群收缩概念、将6390主节点从集群中收缩、验证数据迁移过程是否导致数据异常等,希望对大家有帮助。
详细解析Redis中命令的原子性Jun 01, 2022 am 11:58 AM本篇文章给大家带来了关于redis的相关知识,其中主要介绍了关于原子操作中命令原子性的相关问题,包括了处理并发的方案、编程模型、多IO线程以及单命令的相关内容,下面一起看一下,希望对大家有帮助。
Redis实现排行榜及相同积分按时间排序功能的实现Aug 22, 2022 pm 05:51 PM本篇文章给大家带来了关于redis的相关知识,其中主要介绍了Redis实现排行榜及相同积分按时间排序,本文通过实例代码给大家介绍的非常详细,对大家的学习或工作具有一定的参考借鉴价值,希望对大家有帮助。
实例详解Redis实现排行榜及相同积分按时间排序功能的实现Aug 26, 2022 pm 02:09 PM本篇文章给大家带来了关于redis的相关知识,其中主要介绍了Redis实现排行榜及相同积分按时间排序,本文通过实例代码给大家介绍的非常详细,下面一起来看一下,希望对大家有帮助。
一文搞懂redis的bitmapApr 27, 2022 pm 07:48 PM本篇文章给大家带来了关于redis的相关知识,其中主要介绍了bitmap问题,Redis 为我们提供了位图这一数据结构,位图数据结构其实并不是一个全新的玩意,我们可以简单的认为就是个数组,只是里面的内容只能为0或1而已,希望对大家有帮助。
一起聊聊Redis实现秒杀的问题May 27, 2022 am 11:40 AM本篇文章给大家带来了关于redis的相关知识,其中主要介绍了关于实现秒杀的相关内容,包括了秒杀逻辑、存在的链接超时、超卖和库存遗留的问题,下面一起来看一下,希望对大家有帮助。
Hot AI Tools
Undresser.AI Undress
AI-powered app for creating realistic nude photos
AI Clothes Remover
Online AI tool for removing clothes from photos.
Undress AI Tool
Undress images for free
Clothoff.io
AI clothes remover
AI Hentai Generator
Generate AI Hentai for free.
Hot Article
Hot Tools
SublimeText3 Linux new version
SublimeText3 Linux latest version
MinGW - Minimalist GNU for Windows
This project is in the process of being migrated to osdn.net/projects/mingw, you can continue to follow us there. MinGW: A native Windows port of the GNU Compiler Collection (GCC), freely distributable import libraries and header files for building native Windows applications; includes extensions to the MSVC runtime to support C99 functionality. All MinGW software can run on 64-bit Windows platforms.
SAP NetWeaver Server Adapter for Eclipse
Integrate Eclipse with SAP NetWeaver application server.
VSCode Windows 64-bit Download
A free and powerful IDE editor launched by Microsoft
Notepad++7.3.1
Easy-to-use and free code editor
