diff --git a/.dev-tools/test_units/blockbots.conf b/.dev-tools/test_units/blockbots.conf index 0476714db..12af16979 100644 --- a/.dev-tools/test_units/blockbots.conf +++ b/.dev-tools/test_units/blockbots.conf @@ -31,39 +31,53 @@ ####################################################################### -# ENABLE WHITELISTING TO WORK -# This should over rule any other rule -if ($remote_addr ~ "(127.0.0.1)" ) { - #set $bad_bot '0'; - set $validate_client '0'; +# ----------------------------------- +# OVER-RIDE BLOCKER / SUPER WHITELIST +# ----------------------------------- +# In this block you can allow any IP address specified here to over-ride any bad bot or IP blocking of the blocker. +# This is useful for testing or allowing only specific IP's (ie. Internal ranges) to never be blocked. +# More IP's can be added example > "(127.0.0.1)|(192.168.0.1)|(192.168.1.1)" +# If you even blacklisted 127.0.0.1 or your own IP by giving it a value of 1 in any of the includes, this will over-ride that block. + +if ($remote_addr ~ "(127.0.0.1)|(192.168.0.1)" ) { + #set $bad_bot '0'; #Uncommenting this line will disable bad_bots functionality for specified IP(s) + set $validate_client '0'; #Uncommenting this line will disable validate_client ip blocking functionality for specified IP(s) } +# -------------- +# BLOCK BAD BOTS +# -------------- -# BOTS -# **** +# Section bot_1 Unused #limit_conn bot1_connlimit 100; -limit_conn bot2_connlimit 10; #limit_req zone=bot1_reqlimitip burst=50; + +limit_conn bot2_connlimit 10; limit_req zone=bot2_reqlimitip burst=10; if ($bad_bot = '3') { return 444; } -# BAD REFER WORDS -# *************** +# --------------------- +# BLOCK BAD REFER WORDS +# --------------------- + if ($bad_words) { return 444; } +# ------------------ +# BLOCK BAD REFERERS +# ------------------ -# REFERERS -# ******** if ($bad_referer) { return 444; } -# IP BLOCKS -# ********* +# ----------------------------- +# BLOCK IP ADDRESSES and RANGES +# ----------------------------- + if ($validate_client) { return 444; }