I can confirm that my logs show the same thing. It's been happening for a short while now. Thank you very much for sharing your script. I have just been letting fail2ban deal with it but this is a better remedy I think. Thank you again! -E Thank you. Warmest Regards, Eric ________________________________ From: arch-general <arch-general-bounces@xxxxxxxxxxxxx> on behalf of Juha Kankare via arch-general <arch-general@xxxxxxxxxxxxx> Sent: Tuesday, February 26, 2019 10:06:47 AM To: arch-general@xxxxxxxxxxxxx Cc: Juha Kankare Subject: Re: HTTP spam from China On 26/02/2019 14:40, Juha Kankare via arch-general wrote: > I'm getting a lot of connections from China it seems. Whenever I check > my journalctl, it's an andless wall of nginx complaints about a single > ip spamming requests fro different php files. This happens with hundreds > of ip's, and tens of times daily. Has anyone else been hit by this. I > already made a shellscript to block all connections from China, but I'm > curious as to why this happens, and if anyone else has had the same > problem. > Anyways, I fixed my problem via a combination of fail2ban and this script: https://eur02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fbbs.archlinux.org%2Fviewtopic.php%3Fid%3D244527&data=02%7C01%7C%7C9faae115e8674c5fdac308d69bfc0fe8%7C84df9e7fe9f640afb435aaaaaaaaaaaa%7C1%7C0%7C636867904239361611&sdata=J1j32VqZeRjUuu1P%2BDoT9JfI0BfjaHDinGodKuBN344%3D&reserved=0, so it isn't a problem anymore
