It is increasingly common for spammers to crawl your site. This often results in high load on your Hypernode and a slow site for real visitors.

It can be hard to trace down these abusers. Here are some strategies for finding and blocking them.

I have high load! How do I ban the abusers?

Step 1: identify culprits

A common use-case is that spammers or scanners fill up all your PHPFPM slots when they scan or brute-force your site. We’ve developed the tool hypernode-fpm-status to grant you more insight into what is going on in your PHPFPM workers. Try this:

Step 2: add IPs to blacklist

You’ll immediately notice two IP’s that are trying to download files from your server. You’ve found your scanners!

Now login to your Hypernode using SSH and edit /data/web/nginx/server.blacklist.

Add the IPs to the file:

If you make a mistake, the shell will warn you:

 

Step 3: check to see that all is well

Now you’ll see that the client is banned from the server:

 

00