1

I have a simple docker-containerized nginx application. I'm getting spammed with requests when I view the nginx logs via docker-compose logs -f webserver (this is thousands of lines but I'm leaving one because LinkedIn is marking it as spam):

webserver    | 54.38.176.64 - - [03/Feb/2023:02:43:09 +0000] "GET https://apps.apple.com/sa/app/%D9%85%D8%B3%D8%AA%D8%B1-%D9%85%D9%86%D8%AF%D9%88%D8%A8-%D8%AA%D9%88%D8%B5%D9%8A%D9%84-%D8%B7%D9%84%D8%A8%D8%A7%D8%AA/id1459929199 HTTP/1.1" 200 465 "-" "Mozilla/5.0 (Linux; U; Android 2.2; en-ca; GT-P1000M Build/FROYO) AppleWebKit/533.1 (KHTML, like Gecko) Version/4.0 Mobile Safari/533.1" "161.201.255.131"

This is deployed in Digital Ocean and apparently they don't allow blacklisting an IP address.

To be honest, I'm not sure what this is (like if it's a bot or something).

I already did a full cleanup of my files (deleted and cloned from git repo) but still the same. I blocked the IP address via Nginx, but since the request goes through before blocking it still overloads the server with requests.

1
  • The first thing I noticed is that the HTTP Response code is 200. Meaning whatever is happening here nginx seems to be saying the request was completed successfully. It doesn’t make any sense to me that your server would receive a request for an apple URL and respond successfully. So, I suspect we’re not seeing accurate logs or an accurate assessment of the problem. Because the scenario you posted is highly unlikely. Better go back and dig a little more to understand what is really happening. Commented Feb 4, 2023 at 7:24

0

You must log in to answer this question.

Browse other questions tagged .