nginx-module-abuse-guard
Auto-ban abusive clients by error-response rate (404/403/5xx)
Availability
| Distro | aarch64 | noarch | x86_64 | Version |
|---|---|---|---|---|
| RHEL 10 | ✓ | — | ✓ | 1.30.3+1.0.0 |
| RHEL 9 | ✓ | — | ✓ | 1.30.3+1.0.0 |
| RHEL 8 | — | — | — | |
| RHEL 7 | — | — | — | |
| RHEL 6 | — | — | — |
Description
NGINX module that watches the rate of error responses (404/403/5xx by default) each client generates and applies a timed in-process lockout to clients whose traffic is mostly failure. The ban decision is made in the NGINX preaccess phase, before any handler or upstream runs, with a fixed per-client memory footprint independent of the threshold. Optional Redis/Valkey ban replication across nodes and optional on-disk ban snapshots that survive reloads and reboots. No daemon, log shipper, or scripting layer required. To enable this module after installation, add the following to /etc/nginx/nginx.conf and reload NGINX: load_module modules/ngx_http_abuse_guard_module.so; Alternatively, enable all installed modules by adding this line to the top of /etc/nginx/nginx.conf: include /usr/share/nginx/modules/*.conf;
Compatible with all RHEL-based distributions, including CentOS, AlmaLinux, Oracle Linux, Rocky Linux, etc.
Install
CentOS/RHEL 10
sudo dnf -y install https://extras.getpagespeed.com/release-latest.rpm sudo dnf -y install nginx-module-abuse-guard
CentOS/RHEL 9
sudo dnf -y install https://extras.getpagespeed.com/release-latest.rpm sudo dnf -y install nginx-module-abuse-guard