13

I have some rules setup in nginx to deny access by IPs. This works great, but for each request from a denied IP, an error that starts with the following gets logged:

[error] 7325#0: *5761 access forbidden by rule, client...

Is there a way to suppress these "errors" from being logged?

Improve this question

2 Answers 2

Reset to default
4

You can set error_log to less strict level, but you can lost important alerts in this case.

Core functionality - error_log

error_log filename crit;
Improve this answer
Sign up to request clarification or add additional context in comments.

1 Comment

Thanks. We do care about other errors, and the access denied logs add a lot of unwanted noise to the mix. Is there a way to only suppress the access denied errors, or send them to another log?
3

There is better solution, suggested by upstream - to use geo block with if to reject requests like:

geo $blocked {
    default 0;
    1.1.1.1/32 1;
}
...
server {

  if ($blocked) {
    return 444;
  }
}
Improve this answer

3 Comments

People aren't glad of if in an NGINX context.
I know, "if is evil". But still, it is very useful. This is exactly the case where it is good solution.
I think most people vaguely recall that if doesn't behave like an if in most other languages, and then steer clear of it. But good if it works. 👍🏻

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.