From 21830c19b6da48b77fbcd30a4ed5761ef272a578 Mon Sep 17 00:00:00 2001 From: Stuart Cardall Date: Mon, 26 Feb 2018 20:41:26 +0000 Subject: [PATCH 1/3] do not add includes for redirect vhosts * adds a condition to only insert includes if a vhost file contains a root directive (to ignore vhosts which are simply redirects) * fixes https://github.com/mitchellkrogza/nginx-ultimate-bad-bot-blocker/issues/138 --- setup-ngxblocker | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/setup-ngxblocker b/setup-ngxblocker index 32ab5b01b..d6bd88d88 100755 --- a/setup-ngxblocker +++ b/setup-ngxblocker @@ -390,10 +390,14 @@ main() { # update vhosts for file in $file_list; do line=$(find_includes $file include last server_ last location first ) + if [ -n "$(check_wildcard $file $BOTS_DIR)" ]; then + # do not use wildcards in vhost files printf "%-10s %-${col_size}s %s\n" "WARN:" "$BOTS_DIR/* detected" "=> $file" - else # don't use wildcards in vhost files - add_includes $line $file $BOTS_DIR $col_size $VHOST_INCLUDES + else # do not add includes to vhosts without root directive (i.e redirects) + if grep -Ew [[:space:]]+root $file 1>/dev/null; then + add_includes $line $file $BOTS_DIR $col_size $VHOST_INCLUDES + fi fi done From d1e8be6945f7102fb5fbefb1dc10d3de59cc825d Mon Sep 17 00:00:00 2001 From: Stuart Cardall Date: Mon, 26 Feb 2018 21:38:00 +0000 Subject: [PATCH 2/3] improve error messages * fixes https://github.com/mitchellkrogza/nginx-ultimate-bad-bot-blocker/issues/137 --- setup-ngxblocker | 12 ++++++++---- 1 file changed, 8 insertions(+), 4 deletions(-) diff --git a/setup-ngxblocker b/setup-ngxblocker index d6bd88d88..8d37cf0b0 100755 --- a/setup-ngxblocker +++ b/setup-ngxblocker @@ -82,13 +82,17 @@ check_config() { local files="$*" if [ -z "$files" ]; then - echo "no vhost files in: $VHOST_DIR/*.$VHOST_EXT => exiting." - exit 1 + printf "${BOLDGREEN}using a file extension for vhost files allows multiple domains to be included with a single directive in nginx.conf:\n\n" + printf "${BOLDWHITE}include /etc/nginx/sites-enabled/*.vhost;\n\n" + printf "${BOLDYELLOW}see command line switches below: ${BOLDGREEN}-e ${RESET}to customise the vhost file extension\n\n" + printf "${BOLDMAGENTA}no vhost files in:${RESET} [ $VHOST_DIR/*.$VHOST_EXT ] ${BOLDWHITE}=> exiting${RESET}.\n\n" + usage fi if [ ! -f "$MAIN_CONF" ]; then - echo "NGINX main configuration ('$MAIN_CONF') not found => exiting." - exit 1 + printf "${BOLDYELLOW}see command line switches below: ${BOLDGREEN}-m ${RESET}to customise the location of ${BOLDWHITE}nginx.conf${RESET}\n\n" + printf "${BOLDWHITE}NGINX main configuration${RESET} [ $MAIN_CONF ] ${BOLDMAGENTA}not found ${BOLDWHITE}=> exiting${RESET}.\n\n" + usage fi } From 0187170776e528add2583802784a9b226d7d348b Mon Sep 17 00:00:00 2001 From: Stuart Cardall Date: Mon, 26 Feb 2018 21:57:04 +0000 Subject: [PATCH 3/3] check vhosts before testing connectivity * check the repo is online after configuration checks --- setup-ngxblocker | 14 ++++++++------ 1 file changed, 8 insertions(+), 6 deletions(-) diff --git a/setup-ngxblocker b/setup-ngxblocker index 8d37cf0b0..d9c19581a 100755 --- a/setup-ngxblocker +++ b/setup-ngxblocker @@ -344,9 +344,13 @@ main() { get_options $@ check_depends - include_url=$REPO/include_filelist.txt + # check vhosts + file_list=$(find_vhosts) + check_config $file_list # check repo is online & source includes + include_url=$REPO/include_filelist.txt + printf "Checking url: $include_url\n" if [ -n "$(check_online $include_url)" ]; then local tmp=$(mktemp) @@ -370,11 +374,6 @@ main() { n*|N*) VHOST_INCLUDES=$(echo $VHOST_INCLUDES | sed 's|ddos.conf||');; esac - # gather vhosts - file_list=$(find_vhosts) - check_config $file_list - col_size=$(( $(longest_str $CONF_FILES) + $(echo $CONF_DIR | wc -m) + 10 )) - # by default do not change any files if [ -z "$DRY_RUN" ]; then printf "\n** Dry Run ** | not updating files | run as '$(basename $0) -x' to setup files.\n\n" @@ -382,6 +381,9 @@ main() { printf "\n" fi + # calculate column size for better message printing + col_size=$(( $(longest_str $CONF_FILES) + $(echo $CONF_DIR | wc -m) + 10 )) + # update main config line=$(find_includes $MAIN_CONF include last http first '\}' last ) if [ -n "$(check_wildcard $MAIN_CONF $CONF_DIR)" ]; then # also recalculate column width