From 3a74c7bbe70e40531e497901b93632f2f9d34479 Mon Sep 17 00:00:00 2001 From: Mitchell Krog Date: Tue, 30 Apr 2024 12:54:47 +0200 Subject: [PATCH] Update globalblacklist.template Ref #568 Modify template for Super Rate Limiting Function --- dev-tools/globalblacklist.template | 31 ++++++++++++++++++++---------- 1 file changed, 21 insertions(+), 10 deletions(-) diff --git a/dev-tools/globalblacklist.template b/dev-tools/globalblacklist.template index 807a11657..f880b5382 100755 --- a/dev-tools/globalblacklist.template +++ b/dev-tools/globalblacklist.template @@ -19347,18 +19347,28 @@ geo $ratelimited { # ============================================ # -------------------------------------------- -# 1. MAP BAD BOTS TO OUR RATE LIMITER FUNCTION +# 4.1. MAP BAD BOTS TO OUR RATE LIMITER FUNCTION # -------------------------------------------- - map $bad_bot $bot_iplimit { - 0 ""; - 1 ""; - 2 $binary_remote_addr; - 4 $binary_remote_addr; - } + map $bad_bot $bot_iplimit { + 0 ""; + 1 ""; + 2 $binary_remote_addr; + 4 ""; + } +# -------------------------------------------------- +# 4.2. MAP BAD BOTS TO OUR SUPER RATE LIMITER FUNCTION +# -------------------------------------------------- + + map $bad_bot $bot_iplimit2 { + 0 ""; + 1 ""; + 2 ""; + 4 $binary_remote_addr; + } # -------------------------- -# 2. SET RATE LIMITING ZONES +# 4.3. SET RATE LIMITING ZONES # -------------------------- # BAD BOT RATE LIMITING ZONE @@ -19370,8 +19380,9 @@ geo $ratelimited { # BAD BOT SUPER RATE LIMITING ZONE # Super Rate limiting will only take effect if on any User-Agents with a value of 4 - limit_conn_zone $bot_iplimit zone=bot4_connlimit:16m; - limit_req_zone $bot_iplimit zone=bot4_reqlimitip:16m rate=1r/m; + limit_conn_zone $bot_iplimit2 zone=bot4_connlimit:16m; + limit_req_zone $bot_iplimit2 zone=bot4_reqlimitip:16m rate=1r/m; + # ========================================== # END SECTION 4 - ACTIVATE BLOCKER FUNCTIONS