My server has been getting bussyblasted by spam requests from bots and other subhumans and I figured out a way to block them with NGINX.
Adapt the following for your use case and simply place it in every nginx.conf that is ln -s linked to your /etc/nginx/sites-enabled (it should be under the listen 443 server block if you use certbot. Don’t add it under location it should be on the same level as listen [::]:443 ssl;)
diff --git a/public/articles/blog/restrict-unwanted-access-with-http-basic-auth-nginx-and-apache/index.html b/public/articles/blog/restrict-unwanted-access-with-http-basic-auth-nginx-and-apache/index.html
index eb457fbe..9534ec70 100644
--- a/public/articles/blog/restrict-unwanted-access-with-http-basic-auth-nginx-and-apache/index.html
+++ b/public/articles/blog/restrict-unwanted-access-with-http-basic-auth-nginx-and-apache/index.html
@@ -24,7 +24,7 @@ Create a username and password for authentication (or more than 1 user) First:"/
Here’s how to only allow authenticated users to view your websites - great way to boot freeloaders and guarantee your system’s (or your vps’) resources for yourself.
The guide is meant for debian but can be easily adapted to suit your needs. I assume you have followed Luke Smith’s tutorial and have NGINX running with certbot for certificates.
Create a username and password for authentication (or more than 1 user)#
diff --git a/public/sitemap.xml b/public/sitemap.xml
index b508c72d..2ee17fef 100644
--- a/public/sitemap.xml
+++ b/public/sitemap.xml
@@ -3,10 +3,10 @@
xmlns:xhtml="http://www.w3.org/1999/xhtml">
https://vodoraslo.xyz/articles/blog/restrict-unwanted-access-with-http-basic-auth-nginx-and-apache/
- 2024-09-05T17:05:07+03:00
+ 2024-09-05T17:22:43+03:00
https://vodoraslo.xyz/articles/blog/block-and-filter-spam-requests-with-user-agents-in-nginx/
- 2024-09-05T16:58:04+03:00
+ 2024-09-05T17:22:43+03:00
https://vodoraslo.xyz/articles/blog/neater-footnotes-in-hugo-using-the-details-html-tag/
2024-08-31T17:06:20+03:00