Count IP address in Nginx access logs
摘要: Recently, many referer spam hit on my server, below is the command I used to find and count the IP Address from a Nginx access log file.
Recently, many referer spam hit on my server, below is the command I used to find and count the IP Address from a Nginx access log file.
$ sudo awk '{print $1}' /var/log/nginx/access.log | sort | uniq -c | sort -nr
Full example.
$ sudo awk '{print $1}' /var/log/nginx/access.log | sort | uniq -c | sort -nr
210 190.104.220.x
208 181.119.20.x
134 66.249.69.x
129 66.249.69.x
113 37.58.100.x
108 66.249.69.x
108 128.204.204.x
106 37.58.100.x
99 110.85.69.x
89 125.78.199.x
71 128.204.194.x
70 210.195.94.x
60 23.19.34.x
Note
The same trick can apply on Apache server access.log.
The same trick can apply on Apache server access.log.
Next, use below command to find out the access events for a certain IP, then decide what action should be taken next.
$ sudo cat /var/log/nginx/access.log | grep 190.104.220.x
