Blocking malicious User agents using nginx

Posted By : Ankit Arora | 30-Jun-2017

Blocking malicious User-agents using nginx:


  • With the increase in users on Internet malicious activities are also increasing day by day.
  • It's getting difficult to check each & every malicious activity everyday to secure our servers & data.
  • One day I was checking nginx access logs of & suddenly a user agent called “Jorgee” started hiting random APIs on nginx server.

After investigating about Jorgee I got to know that it’s a malicious user agent which checks the vulnerabilities on Random IPs so that after getting a vulnerability attacker can attack easily.

I searched about more malicious user agents online & made a list so that I can block them in nginx configuration.

Below is the sample configuration I have set in nginx.conf in server{} block:-


        ## Block common/malicious user agents ##

        if ($http_user_agent ~* LWP::Simple|BBBike|wget|jorgee) {

            return 403;



  • Here ~* I have used for making list case insensitive.

These are the user agents I have blocked: (LWP::Simple|BBBike|wget|jorgee)


Whenever these user agents will try to hit nginx server they will return 403 i.e Forbidden.




curl -A jorgee


Hope this would help you in securing your servers.

About Author

Author Image
Ankit Arora

Ankit is a Redhat Certified Engineer and Cloud Engineer.

Request for Proposal

Name is required

Comment is required

Sending message..