How to block referral spam using Nginx?

Question

I\'m running two mongrels under an Nginx server. I keep getting requests for a nonexistent file. The IP addresses change frequently but the referring URL stays the same. I\'d

Answer 1

I've been in a similar situation before where I needed to block people based on behaviour instead of other arbitrary rules that a firewall could sort out on its own.

They way I worked around the problem was to make my logic (Rails in your case) do the blocking... But a long way round:

• Have your logic maintain a block-list as a new-line separated plaintext file.
• Create a bash (or other) script as root to read this file and add its listees to your firewall's blocklist
• Create a cron job to call the script, again, as root

The reason I do it this way around (rather than just giving Django permissions to alter firewall config) is simply: security. If my application were hacked, I wouldn't want it to hurt anything else.

The bash script is something like this:

exec < /path/to/my/djago-maintained/block-list
while read line
do

    iptables -A INPUT --source $line/32 -j DROP

done