Coder Social home page Coder Social logo

nginx-instaban's Introduction

nginx-instaban

Efficient ddos protection daemon for nginx

#How does it work?

The service reads nginx error log file/files and ban every ip which is blocked by nginx for a certain time using iptables. The software is optimized for nginx logs and works without use of regular expressions for parsing. It allows you to survive a real ddos attack almost without load generation in comparison with fail2ban.

#How to use:

  1. build & install
depends on libconfig++, use "sudo apt-get install libconfig++-dev" on debian based distro to install

cmake .
make
chmod +x install
sudo .install

  1. configure nginx as shown in example.nginx.conf

  2. configure nginx-instaban:

sudo nano /etc/nginx-instaban.conf
  1. start the service:
service nginx-instaban start

To start the daemon at startup:

update-rc.d nginx-instaban defaults

To remove:

update-rc.d -f nginx-instaban remove

To read the log file:

cat /var/log/nginx-instaban.log

To unistall:

chmod +x uninstall
sudo .uninstall

#Configuration example

nginxLogReaders = (
                 {
                     nginxLogPath = "/var/log/nginx/error.log"; #path to the error log file
                     banTime = 20; #20 seconds
                     chainName = "nginx-instaban"; #name of the chain in iptables -L
                     valuableBitCount = 21; #number of bits of ip address which is used as an offset inside
                                            #hashtable structure. The higher the value the larger hashtable
                                            #structure is. 20bit = 4mb, 21bit = 8 mb, 22bit = 16 mb...
                 }
#                ,
#                {
#                    nginxLogPath = "/var/log/nginx/access.log";
#                    banTime = "20";
#                    chainName = "nginx-instaban";
#                }
#                    ...
             );

commands: {
    chainAddCmd = "iptables -N %s && iptables -t filter -A INPUT -j %s"; # %%s => chainName, chainName
    banCmd = "iptables -A %s -s %s -p tcp --destination-port 80 -j DROP"; # %%s => chainName, host
    unbanCmd = "iptables -D %s -s %s -p tcp --destination-port 80 -j DROP"; # %%s => chainName, host
}

#Nginx configuratio example:

user www-data;
worker_processes 1;
pid /run/nginx.pid;

events {
        worker_connections 768;
        # multi_accept on;
}

http {
        access_log /var/log/nginx/access.log;
        error_log /var/log/nginx/error.log;
        gzip on;

        limit_conn_zone $binary_remote_addr zone=addr:10m;
        limit_req_zone $binary_remote_addr zone=one:10m rate=10r/s;
	
	server 
  {
          location / {
              limit_conn addr 1;
              limit_req zone=one burst=5;
	        }
  }
}

nginx-instaban's People

Stargazers

avatar avatar avatar avatar avatar

Watchers

avatar avatar avatar

Forkers

nottellyou gsdu8g9 w796933

nginx-instaban's Issues

make error

sir .
Scanning dependencies of target nginx-instaban
[ 12%] Building CXX object CMakeFiles/nginx-instaban.dir/main.cpp.o
In file included from /root/nginx-instaban/main.cpp:10:0:
/root/nginx-instaban/IpHashTableGeneric.h: In constructor ‘IpHashTableGeneric::IpHashTableGeneric(uint)’:
/root/nginx-instaban/IpHashTableGeneric.h:34:20: error: there are no arguments to ‘pow’ that depend on a template parameter, so a declaration of ‘pow’ must be available [-fpermissive]
ptrCount = pow(2, bitCount);
^~~
/root/nginx-instaban/IpHashTableGeneric.h:34:20: note: (if you use ‘-fpermissive’, G++ will accept your code, but allowing the use of an undeclared name is deprecated)
/root/nginx-instaban/main.cpp: In function ‘int main()’:
/root/nginx-instaban/main.cpp:104:15: error: ‘INT_MAX’ was not declared in this scope
sleep(INT_MAX);
^~~~~~~
/root/nginx-instaban/main.cpp:104:15: note: suggested alternative: ‘WINT_MAX’
sleep(INT_MAX);
^~~~~~~
WINT_MAX
make[2]: *** [CMakeFiles/nginx-instaban.dir/build.make:63: CMakeFiles/nginx-instaban.dir/main.cpp.o] Error 1
make[1]: *** [CMakeFiles/Makefile2:68: CMakeFiles/nginx-instaban.dir/all] Error 2
make: *** [Makefile:84: all] Error 2

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.