blob.png

#!/bin/bash
LOG_FILE="/data/nginx-access-log/www.jifucha.com"
DENY_IP_CONF="/usr/local/nginx/conf/vhost/deny_ip.conf"
RESTART_NGINX="/usr/local/nginx/sbin/nginx -s reload"
NUM=15
deny_ip() {
    API=post/9.html
    grep "$API" $LOG_FILE|awk '{print $1}'|egrep -v "121.41.92.131"|awk '{num[$1]++}END{for (i in num)print num [i],i}'|sort -rn|head -1000 >/home/jifucha/deny_ip/deny_ip_${NUM}_1.log
    USER=($(awk -F "[ ]+"  '{print $2}' /home/jifucha/deny_ip/deny_ip_${NUM}_1.log))
    USER_NUM=($(awk  -F "[ ]+" '{print $1}' /home/jifucha/deny_ip/deny_ip_${NUM}_1.log))
    for ((j=0;j<${#USER[*]};j++))
    do
          if [ ${USER_NUM[j]} -ge $NUM ];then
            EXISTENCE=$(grep "${USER[j]}" $DENY_IP_CONF|wc -l)
            if [ $EXISTENCE -lt 1 ];then
              echo "deny ${USER[j]};" >>$DENY_IP_CONF
            fi
          fi
    done
}
main() {
    deny_ip &>/dev/null
    $RESTART_NGINX
}
main

记得在nignx的主配置文件中记得增加include。