vikarti.anatra/nginx-ultimate-bad-bot-blocker
1
0
Fork 0
mirror of https://github.com/mitchellkrogza/nginx-ultimate-bad-bot-blocker.git synced 2025-09-02 02:29:58 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

Nginx Test 1 - Backup default nginx.conf file

Browse source 
- Needed to be able to run test 3
This commit is contained in:
Mitchell Krog 2017-08-27 10:46:27 +02:00
parent a3066578a5
commit 9132de6335
No known key found for this signature in database
GPG key ID: 2BB9A077C8DD6994
5 changed files with 471 additions and 9 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

0
.dev-tools/_nginx_conf_backup/.keep Normal file
View file

7
.dev-tools/install-nginx-1.sh
View file

@ -43,6 +43,13 @@
# Start Getting Nginx Ready for Testing the Nginx Bad Bot Blocker
# ***************************************************************
# ******************************************************
# Make a backup of the clean and default nginx.conf file
# Needed to run Nginx test 3
# ******************************************************
sudo cp /etc/nginx/nginx.conf $TRAVIS_BUILD_DIR/.dev-tools/_nginx_conf_backup/nginx.conf
# *************************************************
# Delete default site created by Nginx Installation
# *************************************************

9
.dev-tools/install-nginx-2.sh
View file

@ -99,15 +99,6 @@ printf '\n%s\n%s\n%s\n\n' "######################################" "Fetch instal
sudo wget https://raw.githubusercontent.com/mitchellkrogza/nginx-ultimate-bad-bot-blocker/master/install-ngxblocker -O /usr/sbin/install-ngxblocker
sudo chmod +x /usr/sbin/install-ngxblocker
# *************************************************************************
# Let's create a folder for the bots.d and conf.d not using Nginx standards
# *************************************************************************
#printf '\n%s\n%s\n%s\n\n' "#####################################" "Create our Non-Standard Nginx Folders" "#####################################"
#sudo mkdir /usr/local/nginx
#sudo mkdir /usr/local/nginx/conf.d
#sudo mkdir /usr/local/nginx/bots.d
# **********************
# Run Install-NgxBlocker
# **********************

277
.dev-tools/install-nginx-3.sh Executable file
View file

@ -0,0 +1,277 @@
#!/bin/bash
# Travis CI Generating and Building for the Nginx Ultimate Bad Bot Blocker (using non standard folder locations)
# Created by: Mitchell Krog (mitchellkrog@gmail.com)
# Copyright: Mitchell Krog - https://github.com/mitchellkrogza
# Repo Url: https://github.com/mitchellkrogza/nginx-ultimate-bad-bot-blocker
##############################################################################
# _ __ _ #
# / |/ /__ _(_)__ __ __ #
# / / _ `/ / _ \\ \ / #
# /_/|_/\_, /_/_//_/_\_\ #
# __/___/ __ ___ __ ___ __ __ #
# / _ )___ ____/ / / _ )___ / /_ / _ )/ /__ ____/ /_____ ____ #
# / _ / _ `/ _ / / _ / _ \/ __/ / _ / / _ \/ __/ '_/ -_) __/ #
# /____/\_,_/\_,_/ /____/\___/\__/ /____/_/\___/\__/_/\_\\__/_/ #
# #
##############################################################################
# MIT License
# Copyright (c) 2017 Mitchell Krog - mitchellkrog@gmail.com
# https://github.com/mitchellkrogza
# Permission is hereby granted, free of charge, to any person obtaining a copy
# of this software and associated documentation files (the "Software"), to deal
# in the Software without restriction, including without limitation the rights
# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
# copies of the Software, and to permit persons to whom the Software is
# furnished to do so, subject to the following conditions:
# The above copyright notice and this permission notice shall be included in all
# copies or substantial portions of the Software.
# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
# SOFTWARE.
# ***************************************************************
# Start Getting Nginx Ready for Testing the Nginx Bad Bot Blocker
# ***************************************************************
# **************************************
# Make Sure We Cleanup From Nginx Test 2
# **************************************
printf '\n%s\n%s\n%s\n\n' "###################################" "Cleaning up Files from Nginx Test 2" "###################################"
sudo rm /etc/nginx/sites-available/default.vhost
sudo rm /etc/nginx/sites-enabled/default.vhost
sudo rm /var/www/html/*
sudo rm /usr/local/nginx/conf.d/*.conf
sudo rm /usr/local/nginx/bots.d/*.conf
printf '\n%s\n%s\n%s\n\n' "########################################" "Cleaning up Files from Nginx Test 2 DONE" "########################################"
# *************************************
# List Directories to Confirm Deletions
# *************************************
printf '\n%s\n%s\n%s\n\n' "################################################" "Confirming /usr/local/nginx/conf.d/ directory is EMPTY" "################################################"
ls -la /usr/local/nginx/conf.d/
printf '\n%s\n%s\n%s\n\n' "################################################" "Confirming /usr/local/nginx/bots.d/ directory is EMPTY" "################################################"
ls -la /usr/local/nginx/bots.d/
printf '\n%s\n%s\n%s\n\n' "#########################################################" "Confirming /etc/nginx/sites-available/ directory is EMPTY" "#########################################################"
ls -la /etc/nginx/sites-available/
printf '\n%s\n%s\n%s\n\n' "#######################################################" "Confirming /etc/nginx/sites-enabled/ directory is EMPTY" "#######################################################"
ls -la /etc/nginx/sites-enabled/
printf '\n%s\n%s\n%s\n\n' "############################################" "Confirming /var/www/html/ directory is EMPTY" "############################################"
ls -la /var/www/html/
printf '\n%s\n\n' " "
# ********************************************************
# Copy our default.vhost file into Nginx /sites-available/
# ********************************************************
printf '\n%s\n%s\n%s\n\n' "################################" "Get Nginx Setup for Nginx Test 3" "################################"
sudo cp $TRAVIS_BUILD_DIR/.dev-tools/default.vhost /etc/nginx/sites-available/default.vhost
# **********************************************
# Link the vhost file into Nginx /sites-enabled/
# **********************************************
sudo ln -s /etc/nginx/sites-available/default.vhost /etc/nginx/sites-enabled/default.vhost
# ***********************************************************
# Copy our index.php file into the default site's root folder
# ***********************************************************
sudo cp $TRAVIS_BUILD_DIR/.dev-tools/index.php /var/www/html/index.php
printf '\n%s\n%s\n%s\n\n' "#####################################" "Finished Nginx Setup for Nginx Test 3" "#####################################"
# ***********************************************
# Fetch our install-ngxblocker file from the repo
# ***********************************************
printf '\n%s\n%s\n%s\n\n' "######################################" "Fetch install-ngxblocker from the repo" "######################################"
sudo wget https://raw.githubusercontent.com/mitchellkrogza/nginx-ultimate-bad-bot-blocker/master/install-ngxblocker -O /usr/sbin/install-ngxblocker
sudo chmod +x /usr/sbin/install-ngxblocker
# **********************
# Run Install-NgxBlocker
# **********************
printf '\n%s\n%s\n%s\n\n' "######################" "Run install-ngxblocker" "######################"
cd /usr/sbin
sudo bash ./install-ngxblocker -x -c /etc/nginx/myconf.d -b /etc/nginx/mybots.d
# **************************************************
# Set our install and setup scripts to be executable
# **************************************************
printf '\n%s\n%s\n%s\n\n' "##########################################################" "Set our install, setup and update scripts to be executable" "##########################################################"
sudo chmod +x /usr/sbin/install-ngxblocker
sudo chmod +x /usr/sbin/setup-ngxblocker
sudo chmod +x /usr/sbin/update-ngxblocker
# ********************
# Run setup-ngxblocker
# ********************
printf '\n%s\n%s\n%s\n\n' "####################" "Run setup-ngxblocker" "####################"
cd /usr/sbin
sudo bash ./setup-ngxblocker -x -c /etc/nginx/myconf.d -b /etc/nginx/mybots.d
# ************************
# Load our Nginx.conf file
# ************************
sudo nginx -c /etc/nginx/nginx.conf
# ******************************************************************************************
# Run update-ngxblocker test which downloads latest globalblacklist.conf and reloads Nginx
# This second test forces update-ngxblocker to re-write the Include location to non standard
# location of /usr/local/nginx/bots.d
# ******************************************************************************************
# ****************************************************************************************
# Copy a dummy version of globalblacklist.conf with an older version number to test update
# ****************************************************************************************
printf '\n%s\n%s\n%s\n\n' "####################################################" "Copy older globalblacklist.conf file to force update" "####################################################"
sudo cp $TRAVIS_BUILD_DIR/.dev-tools/globalblacklist-dummy.conf /usr/local/nginx/conf.d/globalblacklist.conf
# ****************************************************************************************
# Run update-ngxblocker test which downloads latest globalblacklist.conf and reloads Nginx
# ****************************************************************************************
printf '\n%s\n%s\n%s\n\n' "######################" "Run update-ngxblocker" "######################"
cd /usr/sbin
sudo bash ./update-ngxblocker -c /usr/local/nginx/conf.d -b /usr/local/nginx/bots.d -n
# *********************
# Force reload of Nginx
# *********************
printf '\n%s\n%s\n%s\n\n' "########################" "Force Reloading of Nginx" "########################"
sudo service nginx reload
# *******************************************************************************************
# Test that update-ngxblocker can install all missing required files by deleting some of them
# *******************************************************************************************
printf '\n%s\n%s\n%s\n\n' "####################################################################" "Delete existing files to force update-ngxblocker to re-download them" "####################################################################"
sudo rm /usr/local/nginx/conf.d/*.conf
sudo rm /usr/local/nginx/bots.d/*.conf
# *************************************
# List Directories to Confirm Deletions
# *************************************
printf '\n%s\n%s\n%s\n\n' "######################################################" "Confirming /usr/local/nginx/conf.d/ directory is EMPTY" "######################################################"
ls -la /usr/local/nginx/conf.d/
printf '\n%s\n%s\n%s\n\n' "######################################################" "Confirming /usr/local/nginx/bots.d/ directory is EMPTY" "######################################################"
ls -la /usr/local/nginx/bots.d/
# *********************************************************************************************************
# Run update-ngxblocker to test for missing files and download latest globalblacklist.conf and reload Nginx
# *********************************************************************************************************
printf '\n%s\n%s\n%s\n\n' "######################" "Run update-ngxblocker" "######################"
cd /usr/sbin
sudo bash ./update-ngxblocker -c /usr/local/nginx/conf.d -b /usr/local/nginx/bots.d -n
# ****************************************************
# List Directories to Confirm Downloaded Missing Files
# ****************************************************
printf '\n%s\n%s\n%s\n\n' "#############################################################################################" "Confirming /usr/local/nginx/conf.d/ directory has missing files replaced by update-ngxblocker" "#############################################################################################"
ls -la /usr/local/nginx/conf.d/
printf '\n%s\n%s\n%s\n\n' "#############################################################################################" "Confirming /usr/local/nginx/bots.d/ directory has missing files replaced by update-ngxblocker" "#############################################################################################"
ls -la /usr/local/nginx/bots.d/
# ****************************************************************************************
# Copy a dummy version of globalblacklist.conf with an older version number to test update
# ****************************************************************************************
printf '\n%s\n%s\n%s\n\n' "####################################################" "Copy older globalblacklist.conf file to force update" "####################################################"
sudo cp $TRAVIS_BUILD_DIR/.dev-tools/globalblacklist-dummy.conf /usr/local/nginx/conf.d/globalblacklist.conf
# *********************************************************************************************************
# Run update-ngxblocker to test for missing files and download latest globalblacklist.conf and reload Nginx
# *********************************************************************************************************
printf '\n%s\n%s\n%s\n\n' "######################" "Run update-ngxblocker" "######################"
cd /usr/sbin
sudo bash ./update-ngxblocker -c /usr/local/nginx/conf.d -b /usr/local/nginx/bots.d -n
# **************************
# Run setup-ngxblocker Again
# **************************
printf '\n%s\n%s\n%s\n\n' "####################" "Run setup-ngxblocker" "####################"
cd /usr/sbin
sudo bash ./setup-ngxblocker -x -c /usr/local/nginx/conf.d -b /usr/local/nginx/bots.d
# *********************
# Force reload of Nginx
# *********************
printf '\n%s\n%s\n%s\n\n' "########################" "Force Reloading of Nginx" "########################"
sudo service nginx reload
# *******************************************************
# Make sure we test latest generated globalblacklist.conf
# *******************************************************
printf '\n%s\n%s\n%s\n\n' "##############################################################################" "Copy latest generated globalblacklist.conf file to test for any compile errors" "##############################################################################"
sudo cp $TRAVIS_BUILD_DIR/conf.d/globalblacklist.conf /usr/local/nginx/conf.d/globalblacklist.conf
# *********************
# Force reload of Nginx
# *********************
printf '\n%s\n%s\n%s\n\n' "########################" "Force Reloading of Nginx" "########################"
sudo service nginx reload
# **********************
# Now Run our Curl Tests
# **********************
printf '\n%s\n%s\n%s\n\n' "######################" "Now Run our Curl Tests" "######################"
# ************************************************************
# Copy all .conf files used in Test 2 to a folder for checking
# ************************************************************
sudo cp /usr/local/nginx/bots.d/* $TRAVIS_BUILD_DIR/.dev-tools/_conf_files_test2/bots.d/
sudo cp /usr/local/nginx/conf.d/* $TRAVIS_BUILD_DIR/.dev-tools/_conf_files_test2/conf.d/
# *****************************************************************************************
# Travis now moves into running the rest of the tests in the script: section of .travis.yml
# *****************************************************************************************
# MIT License
# Copyright (c) 2017 Mitchell Krog - mitchellkrog@gmail.com
# https://github.com/mitchellkrogza
# Permission is hereby granted, free of charge, to any person obtaining a copy
# of this software and associated documentation files (the "Software"), to deal
# in the Software without restriction, including without limitation the rights
# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
# copies of the Software, and to permit persons to whom the Software is
# furnished to do so, subject to the following conditions:
# The above copyright notice and this permission notice shall be included in all
# copies or substantial portions of the Software.
# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
# SOFTWARE.

187
.dev-tools/run-curl-tests-3.sh Executable file
View file

@ -0,0 +1,187 @@
#!/bin/bash
# Curl Testing Script for Nginx Ultimate Bad Bot Blocker (using non standard folder locations)
# Created by: Mitchell Krog (mitchellkrog@gmail.com)
# Copyright: Mitchell Krog - https://github.com/mitchellkrogza
# Repo Url: https://github.com/mitchellkrogza/nginx-ultimate-bad-bot-blocker
##############################################################################
# _ __ _ #
# / |/ /__ _(_)__ __ __ #
# / / _ `/ / _ \\ \ / #
# /_/|_/\_, /_/_//_/_\_\ #
# __/___/ __ ___ __ ___ __ __ #
# / _ )___ ____/ / / _ )___ / /_ / _ )/ /__ ____/ /_____ ____ #
# / _ / _ `/ _ / / _ / _ \/ __/ / _ / / _ \/ __/ '_/ -_) __/ #
# /____/\_,_/\_,_/ /____/\___/\__/ /____/_/\___/\__/_/\_\\__/_/ #
# #
##############################################################################
# *******************************************
# Set Location of our Curl Test Results Files
# *******************************************
_curltest1=$TRAVIS_BUILD_DIR/.dev-tools/_curl_tests_2/curltest1.txt
_curltest2=$TRAVIS_BUILD_DIR/.dev-tools/_curl_tests_2/curltest2.txt
_curltest3=$TRAVIS_BUILD_DIR/.dev-tools/_curl_tests_2/curltest3.txt
_curltest4=$TRAVIS_BUILD_DIR/.dev-tools/_curl_tests_2/curltest4.txt
_curltest5=$TRAVIS_BUILD_DIR/.dev-tools/_curl_tests_2/curltest5.txt
_curltest6=$TRAVIS_BUILD_DIR/.dev-tools/_curl_tests_2/curltest6.txt
_curltest7=$TRAVIS_BUILD_DIR/.dev-tools/_curl_tests_2/curltest7.txt
_curltest8=$TRAVIS_BUILD_DIR/.dev-tools/_curl_tests_2/curltest8.txt
_now="$(date)"
# *************************************************
# Function Curl Test 1 - Check for Bad Bot "80legs"
# *************************************************
run_curltest1 () {
truncate -s 0 $_curltest1
printf '\n%s\n%s\n%s\n\n' "#########################" "TESTING BAD BOT IS DENIED" "#########################"
printf '%s%s\n\n' "Last Tested: " "$_now" >> "$_curltest1"
curl -A "80legs" http://localhost:9000/index.php 2>> $_curltest1
if grep -i '(52)' $_curltest1; then
echo 'BAD BOT DETECTED - TEST PASSED'
else
echo 'BAD BOT NOT DETECTED - TEST FAILED'
exit 1
fi
}
# **************************************************
# Function Curl Test 2 - Check for Bad Bot "masscan"
# **************************************************
run_curltest2 () {
truncate -s 0 $_curltest2
printf '\n%s\n%s\n%s\n\n' "#########################" "TESTING BAD BOT IS DENIED" "#########################"
printf '%s%s\n\n' "Last Tested: " "$_now" >> "$_curltest2"
curl -A "masscan" http://localhost:9000/index.php 2>> $_curltest2
if grep -i '(52)' $_curltest2; then
echo 'BAD BOT DETECTED - TEST PASSED'
else
echo 'BAD BOT NOT DETECTED - TEST FAILED'
exit 1
fi
}
# ******************************************************************
# Function Curl Test 3 - Check for Bad Referrer "100dollars-seo.com"
# ******************************************************************
run_curltest3 () {
truncate -s 0 $_curltest3
printf '\n%s\n%s\n%s\n\n' "##############################" "TESTING BAD REFERRER IS DENIED" "##############################"
printf '%s%s\n\n' "Last Tested: " "$_now" >> "$_curltest3"
curl -I http://localhost:9000/index.php -e http://100dollars-seo.com 2>> $_curltest3
if grep -i '(52)' $_curltest3; then
echo 'BAD REFERRER DETECTED - TEST PASSED'
else
echo 'BAD REFERRER NOT DETECTED - TEST FAILED'
exit 1
fi
}
# ******************************************************
# Function Curl Test 4 - Check for Bad Referrer "zx6.ru"
# ******************************************************
run_curltest4 () {
truncate -s 0 $_curltest4
printf '\n%s\n%s\n%s\n\n' "##############################" "TESTING BAD REFERRER IS DENIED" "##############################"
printf '%s%s\n\n' "Last Tested: " "$_now" >> "$_curltest4"
curl -I http://localhost:9000/index.php -e http://zx6.ru 2>> $_curltest4
if grep -i '(52)' $_curltest4; then
echo 'BAD REFERRER DETECTED - TEST PASSED'
else
echo 'BAD REFERRER NOT DETECTED - TEST FAILED'
exit 1
fi
}
# *****************************************************
# Function Curl Test 5 - Check for Good Bot "GoogleBot"
# *****************************************************
run_curltest5 () {
truncate -s 0 $_curltest5
printf '\n%s\n%s\n%s\n\n' "###########################" "TESTING GOOD BOT IS ALLOWED" "###########################"
printf '%s%s\n\n' "Last Tested: " "$_now" >> "$_curltest5"
curl -v -A "GoogleBot" http://localhost:9000/index.php 2>&1 >> $_curltest5
if grep -i 'Welcome' $_curltest5; then
echo 'GOOD BOT ALLOWED THROUGH - TEST PASSED'
else
echo 'GOOD BOT NOT ALLOWED THROUGH - TEST FAILED'
exit 1
fi
}
# ***************************************************
# Function Curl Test 6 - Check for Good Bot "BingBot"
# ***************************************************
run_curltest6 () {
truncate -s 0 $_curltest6
printf '\n%s\n%s\n%s\n\n' "###########################" "TESTING GOOD BOT IS ALLOWED" "###########################"
printf '%s%s\n\n' "Last Tested: " "$_now" >> "$_curltest6"
curl -v -A "BingBot" http://localhost:9000/index.php 2>&1 >> $_curltest6
if grep -i 'Welcome' $_curltest6; then
echo 'GOOD BOT ALLOWED THROUGH - TEST PASSED'
else
echo 'GOOD BOT NOT ALLOWED THROUGH - TEST FAILED'
exit 1
fi
}
# ***********************************************************
# Function Curl Test 7 - Check for Good Referrer "google.com"
# ***********************************************************
run_curltest7 () {
truncate -s 0 $_curltest7
printf '\n%s\n%s\n%s\n\n' "################################" "TESTING GOOD REFERRER IS ALLOWED" "################################"
printf '%s%s\n\n' "Last Tested: " "$_now" >> "$_curltest7"
curl http://localhost:9000/index.php -e http://google.com 2>&1 >> $_curltest7
if grep -i 'Welcome' $_curltest7; then
echo 'GOOD REFERRER DETECTED - TEST PASSED'
else
echo 'GOOD REFERRER NOT DETECTED - TEST FAILED'
exit 1
fi
}
# ***********************************************************
# Function Curl Test 8 - Check for Good Referrer "bing.com"
# ***********************************************************
run_curltest8 () {
truncate -s 0 $_curltest8
printf '\n%s\n%s\n%s\n\n' "################################" "TESTING GOOD REFERRER IS ALLOWED" "################################"
printf '%s%s\n\n' "Last Tested: " "$_now" >> "$_curltest8"
curl http://localhost:9000/index.php -e http://bing.com 2>&1 >> $_curltest8
if grep -i 'Welcome' $_curltest8; then
echo 'GOOD REFERRER DETECTED - TEST PASSED'
else
echo 'GOOD REFERRER NOT DETECTED - TEST FAILED'
exit 1
fi
}
# *********************************
# Trigger our curl functions to run
# *********************************
run_curltest1
run_curltest2
run_curltest3
run_curltest4
run_curltest5
run_curltest6
run_curltest7
run_curltest8
# ****************************************
# If everything passed then we exit with 0
# ****************************************
exit 0