Hello!
On Wed, Jan 6, 2016 at 1:08 PM, George Liu wrote:
> Still new to nginx lua so not entirely sure if lua would be the right tool
> for the task.
>
> The task being to block a requesting ip address from all requests i.e. 403
> or 444 status based on a defined list of requested files such as
> wp-config.old, wp-config.save, wp-config.bak etc.
>
> So if a scanner or bot requests wp-config.old, I'd block the scanner/bot's
> ip for all its requests
>
Yeah, it looks like a perfect use case of OpenResty/ngx_lua. Something
like this should work:

    location / {
        access_by_lua_block {
            -- reject the request when it comes from the listed address
            local client_ip = ngx.var.remote_addr
            if client_ip == "1.2.3.4" then
                return ngx.exit(403)
            end
        }

        # proxy_pass/fastcgi_pass/etc ...
    }

For example, CloudFlare's WAF system is using this approach:
https://blog.cloudflare.com/cloudflares-new-waf-compiling-to-lua/
Regards,
-agentzh
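
The snippet in the reply above, extended to the task in the quoted question, as an added example that is not part of the original message: a request for one of the listed trap files records the client address in a shared dictionary, and every later request from that address gets a 403. The zone name `banned_ips`, its size, the one-hour ban duration and the `listen` port are assumptions made for this example.

```nginx
# http {} context: shared memory zone visible to all worker processes.
# The zone name "banned_ips" and its size are assumptions for this example.
lua_shared_dict banned_ips 10m;

server {
    listen 80;

    location / {
        access_by_lua_block {
            -- Trap paths taken from the question; extend as needed.
            local traps = {
                ["/wp-config.old"]  = true,
                ["/wp-config.save"] = true,
                ["/wp-config.bak"]  = true,
            }
            local ban_seconds = 3600  -- assumed ban duration

            local banned = ngx.shared.banned_ips
            local client_ip = ngx.var.remote_addr

            -- Already banned: reject every request from this address.
            if banned:get(client_ip) then
                return ngx.exit(403)
            end

            -- First hit on a trap path: record the address, then reject.
            if traps[ngx.var.uri] then
                local ok, err = banned:set(client_ip, true, ban_seconds)
                if not ok then
                    ngx.log(ngx.ERR, "failed to ban ", client_ip, ": ", err)
                end
                return ngx.exit(403)
            end
        }

        # proxy_pass/fastcgi_pass/etc ...
    }
}
```

If nginx sits behind a load balancer or CDN, `ngx.var.remote_addr` is the proxy's address unless the realip module is configured, so a ban would apply to every client behind that proxy.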