Home > OS >  Many "deny" statements and NGINX performance
Many "deny" statements and NGINX performance

Time:01-22

Does having a large number of "deny" statements seriously impact the performance of NGINX or require more RAM?

My server is being relentlessy hit by processes originating on Azure and Hetzner machines. My terms and conditions prohibit this access.

The IP addresses vary, so I cannot block them one at a time. Thus, I want to block access from any Azure or Hetzner machine. This translates to a large number of "deny" statements in NGINX -- 84 in the case of Hetzner alone.

Is there anything I should know or prepare for before doing this?

CodePudding user response:

I don't think 84 rules will impact performance, however using a map block should be more efficient since it is internally based on a hash table:

map $remote_addr $block {
    1.2.3.4  1;
    2.3.4.5  1;
    ...
}
server {
    ...
    if ($block) { return 403; }
    ...
}

If you need to use subnet/mask for blocking, you could do it with the geo block.

Page link:https//www.codepudding.com/os/271789.html

Prev:How to simplify nginx config when handling outdated browsers?
Next:nginx controller and ingress - how is nginx controller and ingress linked?
  •  Tags:  
  • Related

About Us:  Contact Us      Terms of Service       Privacy Policy

Copyright © 2010-2023,Powered By CodePudding