Thanks for the information so based of what that resource says and from what I understand surely that field should only say "anonymous" or "username" if on those files / folders in my Nginx config I use "auth_basic" ?
http://nginx.org/en/docs/http/ngx_http_auth_basic_module.html The fact they are inputting that header unlike everyone else just alerts me. Because I don't use auth_basic anywhere would anything bad happen if I did the following. if($remote_user != "^$") { #Block requests where the user is not empty / missing return 444; } Their IP is also listed on stopforumspam's database what also raises suspicion further https://www.stopforumspam.com/ipcheck/176.57.129.88 Posted at Nginx Forum: https://forum.nginx.org/read.php?2,269734,269740#msg-269740 _______________________________________________ nginx mailing list nginx@nginx.org http://mailman.nginx.org/mailman/listinfo/nginx
