1:首先遍历nginx_access log来查看恶意IP地址:
awk '{print $1}' /path/to/nginx/access/logs/nginx.access.log |sort |uniq -c|sort -n
2:在nginx.conf目录下创建blockip.conf文件
3:将第二步创建的文件在server或者http等block中填加
include blockips.conf;
4:在blockip.conf中加入需要被屏蔽的IP地址
deny:xxx:xxx:xxx:xxx
5:nginx -s reload