Nginx, fail2ban and blocking hackers

On my development web server machine I am blocking all access that doesn’t use a domain name. This is very easy. My default nginx server simply returns error 499 and my fail2ban filter and jail blocks all error 499 return codes forever.

Here is my nginx default.conf:
server {
listen 80 default;
return 499;
}

I would like to do the same on production, except for ‘good’ search engines like google, bing, etc. Any suggestions?

I use GitHub - mitchellkrogza/nginx-ultimate-bad-bot-blocker: Nginx Block Bad Bots, Spam Referrer Blocker, V and it worked really nice. Try it out.

Thanks, I will check it out.


Linux sysadmin blog - Linux/Unix Howtos and Tutorials - Linux bash shell scripting wiki