Reduce noise from bad clients by disabling HTTP/1.0 and HTTP/1.1 while making exceptions for legitimate clients relying on those protocols.

Lobsters is a community-driven platform for sharing and discussing links to articles, tutorials, and projects related to technology and programming. Readers can learn about a wide range of topics, from software development and system administration to cybersecurity and artificial intelligence. With user submissions, comments, and voting, Lobsters provides a platform for collaborative learning and knowledge sharing among technology enthusiasts.

Lobsters

A practical guide to reducing malicious traffic by blocking HTTP/1.0 and HTTP/1.1 requests while allowing legitimate clients. The approach uses nginx map directives to identify protocol versions and user agents, then returns HTTP 426 status codes to non-whitelisted HTTP/1.x clients. Two strategies are presented: whitelisting known good agents (text browsers, search bots) or blacklisting suspicious ones (empty user agents, fake browser strings). Implementation includes nginx configuration examples, logging setup for monitoring blocked requests, and analysis showing most HTTP/1.x traffic consists of exploit attempts targeting WordPress vulnerabilities. The author recommends the exclusion approach to balance security with accessibility for legitimate bots and older clients.

Selectively Disabling HTTP/1.0 and HTTP/1.1