一、防止DDOS、CC攻击
http {
limit_conn_zone $binary_remote_addr zone=perip:10m;
limit_conn_zone $server_name zone=perserver:10m
server {
limit_conn perip 10; #单个客户端ip与服务器的连接数.
limit_conn perserver 100; #限制与服务器的总连接数
}
二、禁止爬虫
server {
listen 80;
server_name 127.0.0.1;
#添加如下内容即可防止爬虫
if($http_user_agent~*"qihoobot|Baiduspider|Googlebot|Googlebot-Mobile|Googlebot-Image|Mediapartners-Google|Adsbot-Google|Feedfetcher-Google|Yahoo! Slurp|Yahoo! Slurp China|YoudaoBot|Sosospider|Sogou spider|Sogou web spider|MSNBot|ia_archiver|Tomato Bot") {
return 403;
}