diff --git a/AUTO-CONFIGURATION.md b/AUTO-CONFIGURATION.md index c88f9b2f0..fbc6baae6 100755 --- a/AUTO-CONFIGURATION.md +++ b/AUTO-CONFIGURATION.md @@ -26,29 +26,41 @@ Please make sure you are subscribed to notifications to be notified when the blo - For manual installation instructions please see - Please see: https://github.com/mitchellkrogza/nginx-ultimate-bad-bot-blocker/blob/master/MANUAL-CONFIGURATION.md -- Both setup-ngxblocker & install-ngxblocker can be configured with custom installation / update locations from the command line. Run the scripts with --help or -h to view options. +- setup-ngxblocker, install-ngxblocker and update-ngxblocker can all be configured with custom installation / update locations from the command line. + +- Run any of the setup, install or update scripts with --help or -h to view options. ## STEP 1: Download the install, setup and update scripts to your /usr/sbin/ directory and make the scripts executable ``` -cd /usr/sbin -sudo wget https://raw.githubusercontent.com/mitchellkrogza/nginx-ultimate-bad-bot-blocker/master/install-ngxblocker -O install-ngxblocker -sudo wget https://raw.githubusercontent.com/mitchellkrogza/nginx-ultimate-bad-bot-blocker/master/setup-ngxblocker -O setup-ngxblocker -sudo wget https://raw.githubusercontent.com/mitchellkrogza/nginx-ultimate-bad-bot-blocker/master/update-ngxblocker -O update-ngxblocker -sudo chmod +x install-ngxblocker -sudo chmod +x setup-ngxblocker -sudo chmod +x update-ngxblocker +sudo wget https://raw.githubusercontent.com/mitchellkrogza/nginx-ultimate-bad-bot-blocker/master/install-ngxblocker -O /usr/sbin/install-ngxblocker +sudo wget https://raw.githubusercontent.com/mitchellkrogza/nginx-ultimate-bad-bot-blocker/master/setup-ngxblocker -O /usr/sbin/setup-ngxblocker +sudo wget https://raw.githubusercontent.com/mitchellkrogza/nginx-ultimate-bad-bot-blocker/master/update-ngxblocker -O /usr/sbin/update-ngxblocker +sudo chmod +x /usr/sbin/install-ngxblocker +sudo chmod +x /usr/sbin/setup-ngxblocker +sudo chmod +x /usr/sbin/update-ngxblocker +``` + +**setup-ngxblocker, install-ngxblocker and update-ngxblocker can all be configured with custom installation / update locations from the command line.** + +**Run any of the setup, install or update scripts with --help or -h to view options.** + +If your Linux distribution does not have wget you can replace the wget commands above using curl as follows: + +``` +curl -sL https://raw.githubusercontent.com/mitchellkrogza/nginx-ultimate-bad-bot-blocker/master/install-ngxblocker -o /usr/sbin/install-ngxblocker +curl -sL https://raw.githubusercontent.com/mitchellkrogza/nginx-ultimate-bad-bot-blocker/master/setup-ngxblocker -o /usr/sbin/setup-ngxblocker +curl -sL https://raw.githubusercontent.com/mitchellkrogza/nginx-ultimate-bad-bot-blocker/master/update-ngxblocker -o /usr/sbin/update-ngxblocker ``` -**Both setup-ngxblocker & install-ngxblocker can be configured with custom installation / update locations from the command line. -Run the scripts with --help or -h to view options.** ## STEP 2: Now run the install-ngxblocker script in DRY-MODE which will show you what changes it will make and what files it will download for you. This is only a DRY-RUN so no changes are being made yet. + ``` cd /usr/sbin sudo ./install-ngxblocker @@ -80,8 +92,9 @@ Downloading [FROM]=> [REPO]/bots.d/bad-referrer-words.conf [TO]=> /etc/ngi Downloading [FROM]=> [REPO]/bots.d/custom-bad-referrers.conf [TO]=> /etc/nginx/bots.d/custom-bad-referrers.conf ``` -**Both setup-ngxblocker & install-ngxblocker can be configured with custom installation / update locations from the command line. -Run the scripts with --help or -h to view options.** +**setup-ngxblocker, install-ngxblocker and update-ngxblocker can all be configured with custom installation / update locations from the command line.** + +**Run any of the setup, install or update scripts with --help or -h to view options.** ## STEP 3: @@ -117,8 +130,9 @@ Downloading [FROM]=> [REPO]/bots.d/custom-bad-referrers.conf [TO]=> /etc/ngi The required files have now been downloaded to the correct folders on Nginx for you direct from the repository. -**Both setup-ngxblocker & install-ngxblocker can be configured with custom installation / update locations from the command line. -Run the scripts with --help or -h to view options.** +**setup-ngxblocker, install-ngxblocker and update-ngxblocker can all be configured with custom installation / update locations from the command line.** + +**Run any of the setup, install or update scripts with --help or -h to view options.** ## STEP 4: @@ -153,18 +167,20 @@ Whitelisting ip: x.x.x.x => /etc/nginx/bots.d/whitelist-ips.conf This script also whitelists your IP in the whitelist-ips.conf file for you. Further IP's or IP ranges can be added to your customizable whitelits-ips.conf file located in /etc/nginx/bots.d/whitelist-ips.conf. -**Both setup-ngxblocker & install-ngxblocker can be configured with custom installation / update locations from the command line. -Run the scripts with --help or -h to view options.** +**setup-ngxblocker, install-ngxblocker and update-ngxblocker can all be configured with custom installation / update locations from the command line.** + +**Run any of the setup, install or update scripts with --help or -h to view options.** + ## STEP 5: Now run the setup script with the -x parameter to make all the necessary changes to your nginx.conf (if required) and also to add the required includes into all your vhost files. -This setup-ngxblocker script assumes that all your vhost files located in /etc/nginx/sites-available end in an extension .vhost. It is good practice to make all your vhost config files end with a .vhost extension but if you prefer to stick what you already have eg .conf you can simply modify line 10 of setup-ngxblocker to the appropriate extension you use for your vhost files. +This setup-ngxblocker script assumes that all your vhost files located in /etc/nginx/sites-available end in an extension .vhost. It is good practice to make all your vhost config files end with a .vhost extension but if you prefer to stick what you already have eg .conf you can simply modify run setup-ngxblocker using the `-e` parameter to specify the extension you use for your vhost files. -For instance if your vhost files end in .conf you will change this line in setup-ngxblocker as follows: +For instance if your vhost files end in .conf you will change this execute setup-ngxblocker with an additional command line parameter as follows: -`VHOST_EXT="conf` +`sudo ./setup-ngxblocker -x -e conf` So now let's run the setup script and let it make all the changes we need to make the Bot Blocker active on all your sites. @@ -201,8 +217,10 @@ include /etc/nginx/bots.d/ddos.conf; include /etc/nginx/bots.d/blockbots.conf; ``` -**Both setup-ngxblocker & install-ngxblocker can be configured with custom installation / update locations from the command line. -Run the scripts with --help or -h to view options.** +**setup-ngxblocker, install-ngxblocker and update-ngxblocker can all be configured with custom installation / update locations from the command line.** + +**Run any of the setup, install or update scripts with --help or -h to view options.** + ## STEP 6: @@ -264,7 +282,8 @@ Let's say for some "obscure" reason you actually want to block GoogleBot from ac All include files are commented for your convenience. -### If this helps you why not [buy me a beer](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=BKF9XT6WHATLG):beer: +### Coding makes me very thirsty [why not buy me a beer](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=BKF9XT6WHATLG):beer: + ## STEP 10: (TEST THAT IT IS WORKING) diff --git a/MANUAL-CONFIGURATION.md b/MANUAL-CONFIGURATION.md index d1436e7b6..85929927c 100755 --- a/MANUAL-CONFIGURATION.md +++ b/MANUAL-CONFIGURATION.md @@ -36,9 +36,11 @@ or https://github.com/mitchellkrogza/nginx-ultimate-bad-bot-blocker/blob/master/ Copy the contents of **/conf.d/globalblacklist.conf** into your /etc/nginx/conf.d folder. -`cd /etc/nginx/conf.d` +`sudo wget https://raw.githubusercontent.com/mitchellkrogza/nginx-ultimate-bad-bot-blocker/master/conf.d/globalblacklist.conf -O /etc/nginx/conf.d/globalblacklist.conf` -`sudo wget https://raw.githubusercontent.com/mitchellkrogza/nginx-ultimate-bad-bot-blocker/master/conf.d/globalblacklist.conf -O globalblacklist.conf` +If your Linux distribution does not have wget you can replace the wget commands above using curl as follows: + +`curl -sL https://raw.githubusercontent.com/mitchellkrogza/nginx-ultimate-bad-bot-blocker/master/conf.d/globalblacklist.conf -o /etc/nginx/conf.d/globalblacklist.conf` ## STEP 2: @@ -48,12 +50,10 @@ Copy the contents of **/conf.d/globalblacklist.conf** into your /etc/nginx/conf. `sudo mkdir /etc/nginx/bots.d ` -`cd /etc/nginx/bots.d` - - copy the all the following files into that folder -`sudo wget https://raw.githubusercontent.com/mitchellkrogza/nginx-ultimate-bad-bot-blocker/master/bots.d/blockbots.conf -O blockbots.conf` -`sudo wget https://raw.githubusercontent.com/mitchellkrogza/nginx-ultimate-bad-bot-blocker/master/bots.d/ddos.conf -O ddos.conf` +`sudo wget https://raw.githubusercontent.com/mitchellkrogza/nginx-ultimate-bad-bot-blocker/master/bots.d/blockbots.conf -O /etc/nginx/bots.d/blockbots.conf` +`sudo wget https://raw.githubusercontent.com/mitchellkrogza/nginx-ultimate-bad-bot-blocker/master/bots.d/ddos.conf -O /etc/nginx/bots.d/ddos.conf` ## STEP 3: @@ -61,16 +61,14 @@ Copy the contents of **/conf.d/globalblacklist.conf** into your /etc/nginx/conf. Whitelist all your own domain names and IP addresses. **Please note important changes**, this is now done using include files so that you do not have to keep reinserting your whitelisted domains and IP addresses every time you update. -`cd /etc/nginx/bots.d` - - copy the whitelist-ips.conf file into that folder -`sudo wget https://raw.githubusercontent.com/mitchellkrogza/nginx-ultimate-bad-bot-blocker/master/bots.d/whitelist-ips.conf -O whitelist-ips.conf` +`sudo wget https://raw.githubusercontent.com/mitchellkrogza/nginx-ultimate-bad-bot-blocker/master/bots.d/whitelist-ips.conf -O /etc/nginx/bots.d/whitelist-ips.conf` - copy the whitelist-domains.conf file into the same folder -`sudo wget https://raw.githubusercontent.com/mitchellkrogza/nginx-ultimate-bad-bot-blocker/master/bots.d/whitelist-domains.conf -O whitelist-domains.conf` +`sudo wget https://raw.githubusercontent.com/mitchellkrogza/nginx-ultimate-bad-bot-blocker/master/bots.d/whitelist-domains.conf -O /etc/nginx/bots.d/whitelist-domains.conf` Use nano, vim or any other text editor to edit both whitelist-ips.conf and whitelist-domains.conf to include all your own domain names and IP addresses that you want to specifically whitelist from the blocker script. @@ -82,11 +80,9 @@ When pulling any future updates now your domains and IP whitelists will not be o Copy the custom User-Agents blacklist file into your /etc/nginx/bots.d folder -`cd /etc/nginx/bots.d` - - copy the blacklist-user-agents.conf file from the repository -`sudo wget https://raw.githubusercontent.com/mitchellkrogza/nginx-ultimate-bad-bot-blocker/master/bots.d/blacklist-user-agents.conf -O blacklist-user-agents.conf` +`sudo wget https://raw.githubusercontent.com/mitchellkrogza/nginx-ultimate-bad-bot-blocker/master/bots.d/blacklist-user-agents.conf -O /etc/nginx/bots.d/blacklist-user-agents.conf` Use nano, vim or any other text editor to edit (if needed) blacklist-user-agents.conf to include your own custom list of bad agents that are not included in the blocker like "omgilibot" which some people choose to block. @@ -98,11 +94,9 @@ When pulling any future updates now your custom User-Agents blacklist will not b Copy the custom bad referrers blacklist file into your /etc/nginx/bots.d folder -`cd /etc/nginx/bots.d` - - copy the custom-bad-referrers.conf file from the repository -`sudo wget https://raw.githubusercontent.com/mitchellkrogza/nginx-ultimate-bad-bot-blocker/master/bots.d/custom-bad-referrers.conf -O custom-bad-referrers.conf` +`sudo wget https://raw.githubusercontent.com/mitchellkrogza/nginx-ultimate-bad-bot-blocker/master/bots.d/custom-bad-referrers.conf -O /etc/nginx/bots.d/custom-bad-referrers.conf` Use nano, vim or any other text editor to edit (if needed) custom-bad-referrers.conf to include your own custom list of bad referrer domains that are not included in the blocker. When pulling any future updates now your custom referrers list will not be overwritten. @@ -113,11 +107,9 @@ When pulling any future updates now your custom referrers list will not be overw Copy the custom IP blacklist file into your /etc/nginx/bots.d folder -`cd /etc/nginx/bots.d` - - copy the blacklist-ips.conf file from the repository -`sudo wget https://raw.githubusercontent.com/mitchellkrogza/nginx-ultimate-bad-bot-blocker/master/bots.d/blacklist-ips.conf -O blacklist-ips.conf` +`sudo wget https://raw.githubusercontent.com/mitchellkrogza/nginx-ultimate-bad-bot-blocker/master/bots.d/blacklist-ips.conf -O /etc/nginx/bots.d/blacklist-ips.conf` Use nano, vim or any other text editor to edit (if needed) blacklist-ips.conf to include your own custom list of IP Addresses and IP Ranges that you wish to block. When pulling any future updates now your custom IP blacklist will not be overwritten. @@ -128,11 +120,9 @@ When pulling any future updates now your custom IP blacklist will not be overwri Copy the custom bad referrer words include file into your /etc/nginx/bots.d folder -`cd /etc/nginx/bots.d` - - copy the bad-referrer-words.conf file from the repository -`sudo wget https://raw.githubusercontent.com/mitchellkrogza/nginx-ultimate-bad-bot-blocker/master/bots.d/bad-referrer-words.conf -O bad-referrer-words.conf` +`sudo wget https://raw.githubusercontent.com/mitchellkrogza/nginx-ultimate-bad-bot-blocker/master/bots.d/bad-referrer-words.conf -O /etc/nginx/bots.d/bad-referrer-words.conf` Use nano, vim or any other text editor to edit the bad-referrer-words.conf file as you like. When pulling any future updates now your custom bad referrer words list will not be overwritten. @@ -143,11 +133,9 @@ When pulling any future updates now your custom bad referrer words list will not **INCLUDE IMPORTANT SETTINGS IN NGINX.CONF** **Also see SAMPLE-nginx.conf file in the root of this repository** -`cd /etc/nginx/conf.d` - - copy the botblocker-nginx-settings.conf file directly from the repo -`sudo wget https://raw.githubusercontent.com/mitchellkrogza/nginx-ultimate-bad-bot-blocker/master/conf.d/botblocker-nginx-settings.conf -O botblocker-nginx-settings.conf` +`sudo wget https://raw.githubusercontent.com/mitchellkrogza/nginx-ultimate-bad-bot-blocker/master/conf.d/botblocker-nginx-settings.conf -O /etc/nginx/conf.d/botblocker-nginx-settings.conf` **What is included in this settings file above for nginx?** The important settings file above adds the rate limiting functions and hash_bucket settings for nginx for you. Below is what the file contains, you cn add these manually to your nginx.conf file if you so please but the include file above will do it for you ad nginx loads any .conf file in /etc/conf.d (See STEP 6) @@ -231,7 +219,7 @@ Updating to the latest version is now as simple as: `cd /etc/nginx/conf.d` -`sudo wget https://raw.githubusercontent.com/mitchellkrogza/nginx-ultimate-bad-bot-blocker/master/conf.d/globalblacklist.conf -O globalblacklist.conf` +`sudo wget https://raw.githubusercontent.com/mitchellkrogza/nginx-ultimate-bad-bot-blocker/master/conf.d/globalblacklist.conf -O /etc/nginx/conf.d/globalblacklist.conf` `sudo nginx -t` diff --git a/README.md b/README.md index a8cdbd747..2873473a6 100755 --- a/README.md +++ b/README.md @@ -39,24 +39,35 @@ https://twitter.com/ubuntu101za - For manual installation instructions please see - Please see: https://github.com/mitchellkrogza/nginx-ultimate-bad-bot-blocker/blob/master/MANUAL-CONFIGURATION.md -- Both setup-ngxblocker & install-ngxblocker can be configured with custom installation / update locations from the command line. Run the scripts with --help or -h to view options. +- setup-ngxblocker, install-ngxblocker and update-ngxblocker can all be configured with custom installation / update locations from the command line. + +- Run any of the setup, install or update scripts with --help or -h to view options. ## STEP 1: Download the install, setup and update scripts to your /usr/sbin/ directory and make the scripts executable ``` -cd /usr/sbin -sudo wget https://raw.githubusercontent.com/mitchellkrogza/nginx-ultimate-bad-bot-blocker/master/install-ngxblocker -O install-ngxblocker -sudo wget https://raw.githubusercontent.com/mitchellkrogza/nginx-ultimate-bad-bot-blocker/master/setup-ngxblocker -O setup-ngxblocker -sudo wget https://raw.githubusercontent.com/mitchellkrogza/nginx-ultimate-bad-bot-blocker/master/update-ngxblocker -O update-ngxblocker -sudo chmod +x install-ngxblocker -sudo chmod +x setup-ngxblocker -sudo chmod +x update-ngxblocker +sudo wget https://raw.githubusercontent.com/mitchellkrogza/nginx-ultimate-bad-bot-blocker/master/install-ngxblocker -O /usr/sbin/install-ngxblocker +sudo wget https://raw.githubusercontent.com/mitchellkrogza/nginx-ultimate-bad-bot-blocker/master/setup-ngxblocker -O /usr/sbin/setup-ngxblocker +sudo wget https://raw.githubusercontent.com/mitchellkrogza/nginx-ultimate-bad-bot-blocker/master/update-ngxblocker -O /usr/sbin/update-ngxblocker +sudo chmod +x /usr/sbin/install-ngxblocker +sudo chmod +x /usr/sbin/setup-ngxblocker +sudo chmod +x /usr/sbin/update-ngxblocker +``` + +**setup-ngxblocker, install-ngxblocker and update-ngxblocker can all be configured with custom installation / update locations from the command line.** + +**Run any of the setup, install or update scripts with --help or -h to view options.** + +If your Linux distribution does not have wget you can replace the wget commands above using curl as follows: + +``` +curl -sL https://raw.githubusercontent.com/mitchellkrogza/nginx-ultimate-bad-bot-blocker/master/install-ngxblocker -o /usr/sbin/install-ngxblocker +curl -sL https://raw.githubusercontent.com/mitchellkrogza/nginx-ultimate-bad-bot-blocker/master/setup-ngxblocker -o /usr/sbin/setup-ngxblocker +curl -sL https://raw.githubusercontent.com/mitchellkrogza/nginx-ultimate-bad-bot-blocker/master/update-ngxblocker -o /usr/sbin/update-ngxblocker ``` -**Both setup-ngxblocker & install-ngxblocker can be configured with custom installation / update locations from the command line. -Run the scripts with --help or -h to view options.** ## STEP 2: @@ -94,8 +105,9 @@ Downloading [FROM]=> [REPO]/bots.d/bad-referrer-words.conf [TO]=> /etc/ngi Downloading [FROM]=> [REPO]/bots.d/custom-bad-referrers.conf [TO]=> /etc/nginx/bots.d/custom-bad-referrers.conf ``` -**Both setup-ngxblocker & install-ngxblocker can be configured with custom installation / update locations from the command line. -Run the scripts with --help or -h to view options.** +**setup-ngxblocker, install-ngxblocker and update-ngxblocker can all be configured with custom installation / update locations from the command line.** + +**Run any of the setup, install or update scripts with --help or -h to view options.** ## STEP 3: @@ -131,8 +143,9 @@ Downloading [FROM]=> [REPO]/bots.d/custom-bad-referrers.conf [TO]=> /etc/ngi The required files have now been downloaded to the correct folders on Nginx for you direct from the repository. -**Both setup-ngxblocker & install-ngxblocker can be configured with custom installation / update locations from the command line. -Run the scripts with --help or -h to view options.** +**setup-ngxblocker, install-ngxblocker and update-ngxblocker can all be configured with custom installation / update locations from the command line.** + +**Run any of the setup, install or update scripts with --help or -h to view options.** ## STEP 4: @@ -167,18 +180,20 @@ Whitelisting ip: x.x.x.x => /etc/nginx/bots.d/whitelist-ips.conf This script also whitelists your IP in the whitelist-ips.conf file for you. Further IP's or IP ranges can be added to your customizable whitelits-ips.conf file located in /etc/nginx/bots.d/whitelist-ips.conf. -**Both setup-ngxblocker & install-ngxblocker can be configured with custom installation / update locations from the command line. -Run the scripts with --help or -h to view options.** +**setup-ngxblocker, install-ngxblocker and update-ngxblocker can all be configured with custom installation / update locations from the command line.** + +**Run any of the setup, install or update scripts with --help or -h to view options.** + ## STEP 5: Now run the setup script with the -x parameter to make all the necessary changes to your nginx.conf (if required) and also to add the required includes into all your vhost files. -This setup-ngxblocker script assumes that all your vhost files located in /etc/nginx/sites-available end in an extension .vhost. It is good practice to make all your vhost config files end with a .vhost extension but if you prefer to stick what you already have eg .conf you can simply modify line 10 of setup-ngxblocker to the appropriate extension you use for your vhost files. +This setup-ngxblocker script assumes that all your vhost files located in /etc/nginx/sites-available end in an extension .vhost. It is good practice to make all your vhost config files end with a .vhost extension but if you prefer to stick what you already have eg .conf you can simply modify run setup-ngxblocker using the `-e` parameter to specify the extension you use for your vhost files. -For instance if your vhost files end in .conf you will change this line in setup-ngxblocker as follows: +For instance if your vhost files end in .conf you will change this execute setup-ngxblocker with an additional command line parameter as follows: -`VHOST_EXT="conf` +`sudo ./setup-ngxblocker -x -e conf` So now let's run the setup script and let it make all the changes we need to make the Bot Blocker active on all your sites. @@ -215,8 +230,10 @@ include /etc/nginx/bots.d/ddos.conf; include /etc/nginx/bots.d/blockbots.conf; ``` -**Both setup-ngxblocker & install-ngxblocker can be configured with custom installation / update locations from the command line. -Run the scripts with --help or -h to view options.** +**setup-ngxblocker, install-ngxblocker and update-ngxblocker can all be configured with custom installation / update locations from the command line.** + +**Run any of the setup, install or update scripts with --help or -h to view options.** + ## STEP 6: