fwiw, I use the map approach discussed here.
I've a list of a hundred or so 'bad bots'. I reply with a 444. Screw 'em. IMO, the performance hit of blocking them is far less than the performance havoc they wreak if allowed to (try to) scan your site, &/or the inevitable flood of crap from your "new BFFs" originating from under dozens of rocks ... I also scan my logs for bad bot hits' 444 rejects (often using just fail2ban) , and when over whatever threshhold I set, I mod an firewall IPSET with the errant IP and that takes care of them for whatever time period I choose, with a much lower performance hit on my server. Ideal? Nope. WORKSFORME? Absolutely. _______________________________________________ nginx mailing list nginx@nginx.org http://mailman.nginx.org/mailman/listinfo/nginx
