We having blocked some bad bots which relentlessly try to access our site via "Deny" directives in NGINX. It's not possible for us to block it at the firewall, as we use a load balancer that we have no access to from our cloud provider.
This directive works fine, but our nginx error.log file gets flooded by these requests. We have them rotated, but it's poor for us as there are so many requests, we can't actually use the error log to see if there are any real errors that we should be mindful of.
So a few questions:
- How do we prevent nginx from sending these errors to the error.log.
- Why does nginx consider this an error? If you are specifying a deny directive and the ip is denied, from an http perspective this is a successful 403 response and should not be considered an error at all (imo).