vikarti.anatra/nginx-ultimate-bad-bot-blocker
1
0
Fork 0
mirror of https://github.com/mitchellkrogza/nginx-ultimate-bad-bot-blocker.git synced 2025-09-02 10:40:36 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

V4.2019.06.1650 [ci skip]

Browse source
This commit is contained in:
Travis 2019-06-27 15:51:47 +02:00
parent 29f2e78afa
commit a585e07897
53 changed files with 2857 additions and 2414 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
.dev-tools/_conf_files_ip_whitelist/bots.d/blacklist-ips.conf
View file

@ -1,2 +1,2 @@
104.154.120.187 1;
35.192.136.167 1;
127.0.0.1 1;

2
.dev-tools/_conf_files_ip_whitelist/bots.d/whitelist-ips.conf
View file

@ -1,4 +1,4 @@
104.154.120.187 0;
35.192.136.167 0;
127.0.0.1 1;
127.0.0.1 1;
127.0.0.1 1;

6
.dev-tools/_conf_files_ip_whitelist/conf.d/globalblacklist.conf
View file

@ -4,8 +4,8 @@
### VERSION INFORMATION #
###################################################
### Version: V3.2019.06.1647
### Updated: Thu Jun 27 14:46:42 SAST 2019
### Version: V4.2019.06.1650
### Updated: Thu Jun 27 15:45:51 SAST 2019
### Bad Referrer Count: 6713
### Bad Bot Count: 556
###################################################
@ -17992,7 +17992,7 @@ geo $ratelimited {
# Rate limiting will only take effect if on any User-Agents with a value of 2
limit_conn_zone $bot_iplimit zone=bot2_connlimit:16m;
limit_req_zone $bot_iplimit zone=bot2_reqlimitip:16m rate=6r/m;
limit_req_zone $bot_iplimit zone=bot2_reqlimitip:16m rate=12r/m;
# ==========================================
# END SECTION 4 - ACTIVATE BLOCKER FUNCTIONS

2
.dev-tools/_conf_files_ratelimiting/bots.d/blacklist-ips.conf
View file

@ -1,2 +1,2 @@
104.154.120.187 1;
35.192.136.167 1;
127.0.0.1 1;

2
.dev-tools/_conf_files_ratelimiting/bots.d/whitelist-ips.conf
View file

@ -1,4 +1,4 @@
104.154.120.187 0;
35.192.136.167 0;
127.0.0.1 1;
127.0.0.1 1;
127.0.0.1 1;

6
.dev-tools/_conf_files_ratelimiting/conf.d/globalblacklist.conf
View file

@ -4,8 +4,8 @@
### VERSION INFORMATION #
###################################################
### Version: V3.2019.06.1647
### Updated: Thu Jun 27 14:46:42 SAST 2019
### Version: V4.2019.06.1650
### Updated: Thu Jun 27 15:45:51 SAST 2019
### Bad Referrer Count: 6713
### Bad Bot Count: 556
###################################################
@ -17992,7 +17992,7 @@ geo $ratelimited {
# Rate limiting will only take effect if on any User-Agents with a value of 2
limit_conn_zone $bot_iplimit zone=bot2_connlimit:16m;
limit_req_zone $bot_iplimit zone=bot2_reqlimitip:16m rate=6r/m;
limit_req_zone $bot_iplimit zone=bot2_reqlimitip:16m rate=12r/m;
# ==========================================
# END SECTION 4 - ACTIVATE BLOCKER FUNCTIONS

2
.dev-tools/_conf_files_test1/bots.d/whitelist-ips.conf
View file

@ -33,4 +33,4 @@
# 111.111.111.111 0;
35.224.112.202 0;
104.154.113.151 0;

4
.dev-tools/_conf_files_test1/conf.d/botblocker-nginx-settings.conf
View file

@ -13,8 +13,10 @@
# Version 1.1
# ! new directives also to be added to include_filelist.txt ! #
server_names_hash_bucket_size 128;
server_names_hash_bucket_size 256;
server_names_hash_max_size 4096;
variables_hash_max_size 4096;
variables_hash_bucket_size 4096;
limit_req_zone $binary_remote_addr zone=flood:50m rate=90r/s;
limit_conn_zone $binary_remote_addr zone=addr:50m;

643
.dev-tools/_conf_files_test1/conf.d/globalblacklist.conf
View file

@ -1,16 +1,21 @@
### **********************************
### THE ULTIMATE NGINX BAD BOT BLOCKER
### **********************************
### -----------------------------------------------------------
### THE NGINX ULTIMATE BAD BOT, BAD IP AND BAD REFERRER BLOCKER
### -----------------------------------------------------------
### VERSION INFORMATION #
###################################################
### Version: V4.2019.06.1647
### Updated: Thu Jun 27 14:46:41 SAST 2019
### Version: V4.2019.06.1650
### Updated: Thu Jun 27 15:45:51 SAST 2019
### Bad Referrer Count: 6713
### Bad Bot Count: 556
###################################################
### VERSION INFORMATION ##
### --------------------------------------------
### HELP SUPPORT THIS PROJECT - Send Me a Coffee
### https://ko-fi.com/mitchellkrog
### --------------------------------------------
##############################################################################
# _ __ _ #
# / |/ /__ _(_)__ __ __ #
@ -28,12 +33,16 @@
### and also has rate limiting functionality for bad bots who you only want to rate limit
### and not actually block out entirely. It is very powerful and also very flexible.
### --------------------------------------------------------------------------
### Created By: https://github.com/mitchellkrogza/
### Repo Url: https://github.com/mitchellkrogza/nginx-ultimate-bad-bot-blocker
### Copyright Mitchell Krog - <mitchellkrog@gmail.com>
### Contributors: Stuart Cardall - https://github.com/itoffshore
### --------------------------------------------------------------------------
### --------------------------------------------------------------------------
### Tested on: nginx/1.10.3 up to latest Mainstream Version (Ubuntu 16.04)
### --------------------------------------------------------------------------
### This list was developed and is in use on a live Nginx server running some very busy web sites.
### It was built from the ground up using real data from daily logs and is updated almost daily.
@ -41,9 +50,9 @@
### spam referrers, rogue IP address, scanners, scrapers and domain hijacking sites are extensively checked
### before they are added. It is monitored extensively for any false positives.
### *********
### ---------
### Features:
### *********
### ---------
### Clear formatting for Ease of Maintenance.
### Alphabetically ordered lists for Ease of Maintenance.
### Extensive Commenting for Ease of Reference.
@ -54,40 +63,38 @@
### IP range blocking / whitelisting.
### Rate Limiting Functions.
### ************
### ------------
### INSTALLATION
### ************
### ------------
### PLEASE use the install, setup and update scripts provided for you to ease your installation.
### This Auto Installation procedure is documented in the README.md and AUTO-CONFIGURATION.md files.
### Installation, Setup and Update Scripts Contributed by Stuart Cardall - https://github.com/itoffshore
### There are also manual configuration instructions provided for those not wishing to do an auto install.
### ***********************************************
### -----------------------------------------------
### !!!!! PLEASE READ INLINE NOTES ON TESTING !!!!!
### ***********************************************
### -----------------------------------------------
### Note that:
### SETTINGS:
### ---------------------------------------------
### 0 = allowed - no limits
### 1 = allowed or rate limited less restrictive
### 2 = rate limited more
### 3 = block completely
### ---------------------------------------------
### ************************************************************
### ------------------------------------------------------------
### CONTRIBUTING / PULL REQUESTS / ADDING YOUR OWN BAD REFERRERS
### ************************************************************
### ------------------------------------------------------------
### For contributing, corrections or adding bots or referrers to this repo,
### Send a Pull Request (PR) on any of the .list files in the _generator_lists folder
### All Pull Requests will be checked for accuracy before being merged.
# *********************************
# FIRST BLOCK BY USER-AGENT STRINGS
# *********************************
# ***********************
# -----------------------
# !!!!! PLEASE TEST !!!!!
# ***********************
# -----------------------
# ALWAYS test any User-Agent Strings you add here to make sure you have it right
# Use a Chrome Extension called "User-Agent Switcher for Chrome" where you can create your
@ -98,36 +105,46 @@
# curl -I http://www.yourdomain.com -A "GoogleBot" ---- GIVES YOU: HTTP/1.1 200 OK (Meaning web page was served to Client)
# curl -I http://www.yourdomain.com -A "80legs" ---- GIVES YOU: curl: (52) Empty reply from server (Meaning Nginx gave a 444 Dropped Connection)
# In this section we allow/disallow specific User Agents / Bots.
# *********************************************************************
# Now we map all good and bad user agents to a variable called $bad_bot
# *********************************************************************
# =======================
# START BLOCKER FUNCTIONS
# =======================
# !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
# DO NOT EDIT ANYTHING BELOW THIS LINE !!!
# !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
# =============================
# BEGIN SECTION 1 - USER-AGENTS
# =============================
# ALLOW / BLOCK User Agents / Bots
# -------------------------------------------------------------------
# Map all GOOD and BAD UA (User Agents) to a variable called $bad_bot
# -------------------------------------------------------------------
map $http_user_agent $bad_bot {
default 0;
# ***********************************************
# Include your Own Custom List of Bad User Agents
# ***********************************************
# Use the include file below to further customize your own list of additional user-agents you wish to permanently block
# This include file allows whitelisting and blacklisting of anything specified below it, meaning you can over-ride anything in this blocker to your liking.
# ***********************************************************************************
# -----------------------------------------------------------------------------------
# START CUSTOM BLACKLISTED USER AGENTS ### DO NOT EDIT OR REMOVE THIS LINE AT ALL ###
# ***********************************************************************************
# -----------------------------------------------------------------------------------
# Include your Own Custom List of Bad User Agents
# Use the include file below to further customize your own list of additional user-agents you wish to permanently block
# This include file allows whitelisting and blacklisting of anything specified below it.
# This include file alows you to over-ride any Bad / Good UA (Bot) declared in this blocker to your liking.
include /etc/nginx/bots.d/blacklist-user-agents.conf;
# *********************************************************************************
# ---------------------------------------------------------------------------------
# END CUSTOM BLACKLISTED USER AGENTS ### DO NOT EDIT OR REMOVE THIS LINE AT ALL ###
# *********************************************************************************
# ---------------------------------------------------------------------------------
# *********************************************
# Bad User-Agent Strings That We Block Outright
# *********************************************
# --------------------------------------------------
# BAD UA (User-Agent) Strings That We Block Outright
# --------------------------------------------------
# START BAD BOTS ### DO NOT EDIT THIS LINE AT ALL ###
"~*(?:\b)360Spider(?:\b|)" 3;
@ -688,9 +705,16 @@ map $http_user_agent $bad_bot {
"~*(?:\b)ZyBorg(?:\b|)" 3;
# END BAD BOTS ### DO NOT EDIT THIS LINE AT ALL ###
# ***********************************************
# Allow Good User-Agent Strings We Know and Trust
# ***********************************************
# --------------------------------------------
# GOOD UA User-Agent Strings We Know and Trust
# --------------------------------------------
# -----------------------------------------------------------------------
# You can over-ride these in /etc/nginx/bots.d/blacklist-user-agents.conf
# by adding the same UA line there and chaning its value of 1
# If you think GoogleBot is bad you would simply add them to
# blacklist-user-agents.conf with a value of 1
# -----------------------------------------------------------------------
# START GOOD BOTS ### DO NOT EDIT THIS LINE AT ALL ###
"~*(?:\b)adidxbot(?:\b|)" 0;
@ -727,12 +751,13 @@ map $http_user_agent $bad_bot {
"~*(?:\b)yahoo(?:\b|)" 0;
# END GOOD BOTS ### DO NOT EDIT THIS LINE AT ALL ###
# ***************************************************
# User-Agent Strings Allowed Through but Rate Limited
# ***************************************************
# --------------------------------------------------------
# GOOD UA User-Agent Rate Limiting 1 - Disabled by Default
# --------------------------------------------------------
# Some people block libwww-perl, it used widely in many valid (non rogue) agents
# I allow libwww-perl as I use it for monitoring systems with Munin but it is rate limited
# TO ACTIVATE THIS RATE LIMITING Uncomment these two lines in blockbots.conf
#limit_conn bot1_connlimit 100;
#limit_req zone=bot1_reqlimitip burst=50;
# START ALLOWED BOTS ### DO NOT EDIT THIS LINE AT ALL ###
"~*(?:\b)jetmon(?:\b|)" 1;
@ -743,9 +768,14 @@ map $http_user_agent $bad_bot {
"~*(?:\b)Wget/1.15(?:\b|)" 1;
# END ALLOWED BOTS ### DO NOT EDIT THIS LINE AT ALL ###
# **************************************************************
# Rate Limited User-Agents who get a bit aggressive on bandwidth
# **************************************************************
# -------------------------------------------------------
# GOOD UA User-Agent Rate Limiting 2 - Enabled by Default
# -------------------------------------------------------
# -----------------------------------------------------------------------
# You can over-ride these in /etc/nginx/bots.d/blacklist-user-agents.conf
# by adding the same UA line there and chaning its value of 1
# -----------------------------------------------------------------------
# START LIMITED BOTS ### DO NOT EDIT THIS LINE AT ALL ###
"~*(?:\b)Alexa(?:\b|)" 2;
@ -768,163 +798,186 @@ map $http_user_agent $bad_bot {
# END LIMITED BOTS ### DO NOT EDIT THIS LINE AT ALL ###
}
# *****************************************
# SECOND BLOCK BY REFERRER STRINGS AND URLS
# *****************************************
# ===========================
# END SECTION 1 - USER-AGENTS
# ===========================
# *****************
# =======================================
# BEGIN SECTION 2 - REFERRERS AND DOMAINS
# =======================================
# ----------------
# PLEASE TEST !!!!
# *****************
# ----------------
# ------------------------------------------------------------------------------------------------------------------------------
# ALWAYS test referrers that you add. This is done manually as follows
# ------------------------------------------------------------------------------------------------------------------------------
# curl -I http://www.yourdomain.com -e http://anything.adcash.com --- GIVES YOU: curl: (52) Empty reply from server
# curl -I http://www.yourdomain.com -e http://www.goodwebsite.com/not-adcash --- GIVES YOU: curl: (52) Empty reply from server
# curl -I http://www.yourdomain.com -e http://www.betterwebsite.com/not/adcash --- GIVES YOU: curl: (52) Empty reply from server
# ------------------------------------------------------------------------------------------------------------------------------
# curl -I http://www.yourdomain.com -e http://www.google.com --- GIVES YOU: full html output of the web page
# curl -I http://www.yourdomain.com -e http://www.microsoft.com --- GIVES YOU: full html output of the web page
# ------------------------------------------------------------------------------------------------------------------------------
# Because of case-insensitive matching any combination of capitilization in the names will all produce a positive hit
# make sure you always test thoroughly and monitor logs. This section below also does NOT check for a preceding www.
# and it also does not care if the referrer request was sent with http https or even ftp.
# ------------------------------------------------------------------------------------------------------------------------------
# ***********************************************************************
# Now we map all bad referrer words below to a variable called $bad_words
# ***********************************************************************
# ----------------------------------------------------------------
# Map all BAD referrer words below to a variable called $bad_words
# ----------------------------------------------------------------
# --------------------------------
# START Bad Referrer Word Scanning
# --------------------------------
map $http_referer $bad_words {
default 0;
# **************************
# Bad Referrer Word Scanning
# **************************
# -------------------------------------------------------------------------------------------
# These are Words and Terms often found tagged onto domains or within url query strings.
# Create and Customize Your Own Bad Referrer Words Here using the new Include File Method
# New Method Uses the include file below so that when pulling future updates your
# customized list of bad referrer words are automatically now included for you
# Read Comments inside bad-referrer-words.conf for customization tips.
# Updating the main globalblacklist.conf file will not touch your custom include files
# BE VERY CAREFUL using the bad-referrer-words.conf file - please read the comment and
# BE VERY CAREFUL using this bad-referrer-words.conf file - please read the comments and
# examples inside the include file for detailed explanations into how seriously this can
# affect your own site from serving assets or other innocent sites from accessing your site
# For safety sake the whitelist-domains.conf file is also loaded here before the bad-referrer-words.conf file.
# For safety sake the whitelist-domains.conf file is also loaded here before the
# bad-referrer-words.conf file is loaded.
# -------------------------------------------------------------------------------------------
# ************************************************************************
# ------------------------------------------------------------------------
# START WHITELISTED DOMAINS ### DO NOT EDIT OR REMOVE THIS LINE AT ALL ###
# ************************************************************************
# ------------------------------------------------------------------------
include /etc/nginx/bots.d/whitelist-domains.conf;
# **********************************************************************
# ----------------------------------------------------------------------
# END WHITELISTED DOMAINS ### DO NOT EDIT OR REMOVE THIS LINE AT ALL ###
# **********************************************************************
# ----------------------------------------------------------------------
# ******************************************************************************
# ------------------------------------------------------------------------------
# START CUSTOM BAD REFERRER WORDS ### DO NOT EDIT OR REMOVE THIS LINE AT ALL ###
# ******************************************************************************
# ------------------------------------------------------------------------------
include /etc/nginx/bots.d/bad-referrer-words.conf;
# ****************************************************************************
# ----------------------------------------------------------------------------
# END CUSTOM BAD REFERRER WORDS ### DO NOT EDIT OR REMOVE THIS LINE AT ALL ###
# ****************************************************************************
# ----------------------------------------------------------------------------
}
# --------------------------------
# END Bad Referrer Word Scanning
# --------------------------------
# *************************
# Bad Referrer Domain Names
# *************************
# Now a list of bad referrer urls these domains or any combination of them ie .com .net
# will be blocked out. Doesn't matter if the protocol is http, https or even ftp
# ----------------------------------------
# START Good and Bad Referrer Domain Names
# ----------------------------------------
# -------------------------------------------------------------------------------------
# Good and Bad referrer urls Doesn't matter if the protocol is http, https or even ftp
# -------------------------------------------------------------------------------------
# ----------------------
# This section includes:
# **********************
# ----------------------
# --------------------------------------------------------------------------------
# Blocking of SEO company Semalt.com (now merged into this one section)
# MIRAI Botnet Domains Used for Mass Attacks
# Other known bad SEO companies and Ad Hijacking Sites
# Sites linked to malware, adware, clickjacking and ransomware
# Domain names and referrers used in referrer spam and seo hijacking
# Whitelisting of your own GOOD domains / referrers
# Whitelisting of any other GOOD domains / referrers you want explicitly NOT block
# --------------------------------------------------------------------------------
# *****************
# ----------------
# PLEASE TEST !!!!
# *****************
# ----------------
# ------------------------------------------------------------------------------------------------------------------------------------
# ALWAYS test referrers that you add. This is done manually as follows
# ------------------------------------------------------------------------------------------------------------------------------------
# curl -I http://www.yourdomain.com -e http://8gold.com --- GIVES YOU: curl: (52) Empty reply from server
# ------------------------------------------------------------------------------------------------------------------------------------
# Because of case-insensitive matching any combination of capitilization will all produce a positive hit - make sure you always test.
# ------------------------------------------------------------------------------------------------------------------------------------
# For Example any of the following variations below of 8gold.com will be detected and blocked
# ------------------------------------------------------------------------------------------------------------------------------------
# curl -I http://www.yourdomain.com -e http://NOT-8gold.com --- GIVES YOU: curl: (52) Empty reply from server
# curl -I http://www.yourdomain.com -e http://this.is.not8gOlD.net --- GIVES YOU: curl: (52) Empty reply from server
# curl -I http://www.yourdomain.com -e ftp://8gold.com --- GIVES YOU: curl: (52) Empty reply from server
# curl -I http://www.yourdomain.com -e ftp://www.weare8gold.NET --- GIVES YOU: curl: (52) Empty reply from server
# curl -I http://www.yourdomain.com -e https://subdomain.8gold.com --- GIVES YOU: curl: (52) Empty reply from server
# curl -I http://www.yourdomain.com -e https://NOT8GolD.org --- GIVES YOU: curl: (52) Empty reply from server
# ------------------------------------------------------------------------------------------------------------------------------------
# So if you see a bad referrer from wearegoogle.com and you want to block them just add
# them as "~*wearegoogle.com" don't ever go and do something like "~*google(-|.)" you will
# kill all your SEO in a week.
# ------------------------------------------------------------------------------------------------------------------------------------
# To add your own custom bad referrers use the custom include file
# /etc/nginx/bots.d/custom-bad-referrers.conf
# Or send a Pull Request to add it to the global blacklist for other users.
# In the bad referrers section I also include sites that hotlink images without permission.
# ------------------------------------------------------------------------------------------------------------------------------------
# ***********************************************************************
# Now we map all good & bad referrer urls to variable called #bad_referer
# ***********************************************************************
# --------------------------------------------------------------------
# Map all good & bad referrer DOMAINS to a variable called bad_referer
# --------------------------------------------------------------------
map $http_referer $bad_referer {
hostnames;
default 0;
# *************************************
# GOOD REFERRERS - Spared from Checking
# *************************************
# --------------------------------------------
# GOOD REFERRER DOMAINS - Spared from Checking
# --------------------------------------------
# ---------------------------------------------------------------------------------------
# Add all your own web site domain names and server names in this section
# WHITELIST Your Own Domain Names Here using the new Include File Method
# New Method Uses the include file below so that when pulling future updates your
# whitelisted domain names are automatically now included for you.
# Read Comments inside whitelist-domains.conf for customization tips.
# Updating the main globalblacklist.conf file will not touch your custom include files
# ---------------------------------------------------------------------------------------
# ************************************************************************
# ------------------------------------------------------------------------
# START WHITELISTED DOMAINS ### DO NOT EDIT OR REMOVE THIS LINE AT ALL ###
# ************************************************************************
# ------------------------------------------------------------------------
include /etc/nginx/bots.d/whitelist-domains.conf;
# **********************************************************************
# ----------------------------------------------------------------------
# END WHITELISTED DOMAINS ### DO NOT EDIT OR REMOVE THIS LINE AT ALL ###
# **********************************************************************
# ----------------------------------------------------------------------
# ***********************************
# -----------------------------------
# CUSTOM BAD REFERRERS - Add your Own
# ***********************************
# -----------------------------------
# Add any extra bad referrers in the following include file to have them
# permanently included and blocked - avoid duplicates in your custom file
# custom-bad-referrers.conf is BOTH a BLACKLIST AND WHITELIST
# custom-bad-referrers.conf ALLOWS complete over-riding of anything
# If you think google.com is bad you would simply add them to
# custom-bad-referrers.conf with a value of 1
# *************************************************************************
# -------------------------------------------------------------------------
# START CUSTOM BAD REFERRERS ### DO NOT EDIT OR REMOVE THIS LINE AT ALL ###
# *************************************************************************
# -------------------------------------------------------------------------
include /etc/nginx/bots.d/custom-bad-referrers.conf;
# ***********************************************************************
# -----------------------------------------------------------------------
# END CUSTOM BAD REFERRERS ### DO NOT EDIT OR REMOVE THIS LINE AT ALL ###
# ***********************************************************************
# -----------------------------------------------------------------------
# START BAD REFERRERS ### DO NOT EDIT THIS LINE AT ALL ###
"~*(?:\b)000free\.us(?:\b|)" 1;
@ -7644,137 +7697,49 @@ map $http_referer $bad_referer {
# END BAD REFERRERS ### DO NOT EDIT THIS LINE AT ALL ###
}
# =====================================
# END SECTION 2 - REFERRERS AND DOMAINS
# =====================================
# ***********************************************
# WHITELISTING AND BLACKLISTING IP ADDRESS RANGES
# ***********************************************
# ========================================================================
# BEGIN SECTION 3 - WHITELISTING AND BLACKLISTING IP ADDRESSESE AND RANGES
# ========================================================================
# Geo directive to deny and also whitelist certain ip addresses
# --------------------------------------------------------------------------------------
# Map all GOOD and BAD IP Addresses and Ranges to a variable called geo $validate_client
# --------------------------------------------------------------------------------------
geo $validate_client {
# ********************
# First Our Safety Net
# ********************
# Anything not matching our rules is allowed through with default 0;
default 0;
# ***********************************
# Whitelist all your OWN IP addresses
# ***********************************
# ----------------------------------------------
# Whitelist all your OWN IP addresses and Ranges
# ----------------------------------------------
# --------------------------------------------------------------------------------------
# WHITELIST all your own IP addresses using the include file below.
# New Method Uses the include file below so that when pulling future updates your
# whitelisted IP addresses are automatically now included for you.
# Read Comments inside whitelist-ips.conf for customization tips.
# Updating the main globalblacklist.conf file will not touch your custom include files
# whitelist-ips.conf reigns supreme !!!
# Whatever you add to whitelist-ips.conf will be whitelisted FULL STOP
# Anything blacklisted above this line will be over-ridden by whitelist-ips.conf
# --------------------------------------------------------------------------------------
# **************************************************************************
# --------------------------------------------------------------------------
# START WHITELISTED IP RANGES ### DO NOT EDIT OR REMOVE THIS LINE AT ALL ###
# **************************************************************************
# --------------------------------------------------------------------------
include /etc/nginx/bots.d/whitelist-ips.conf;
# ************************************************************************
# ------------------------------------------------------------------------
# END WHITELISTED IP RANGES ### DO NOT EDIT OR REMOVE THIS LINE AT ALL ###
# ************************************************************************
# ------------------------------------------------------------------------
# ****************
# Google IP Ranges
# ****************
# For Safety Sake all Google's Known IP Ranges are all white listed
# START GOOGLE IP RANGES ### DO NOT EDIT THIS LINE AT ALL ###
108.177.0.0/17 0;
172.217.0.0/16 0;
173.194.0.0/16 0;
2001:4860:4000::/36 0;
203.208.60.0/24 0;
207.126.144.0/20 0;
209.85.128.0/17 0;
216.239.32.0/19 0;
216.58.192.0/19 0;
2404:6800:4000::/36 0;
2607:f8b0:4000::/36 0;
2800:3f0:4000::/36 0;
2a00:1450:4000::/36 0;
2c0f:fb50:4000::/36 0;
35.192.0.0/12 0;
64.18.0.0/20 0;
64.233.160.0/19 0;
64.68.80.0/21 0;
65.52.0.0/14 0;
66.102.0.0/20 0;
66.249.64.0/19 0;
72.14.192.0/18 0;
74.125.0.0/16 0;
# END GOOGLE IP RANGES ### DO NOT EDIT THIS LINE AT ALL ###
# **************
# Bing IP Ranges
# **************
# For Safety Sake all Bing's Known IP Ranges are all white listed
# START BING IP RANGES ### DO NOT EDIT THIS LINE AT ALL ###
131.253.21.0/24 0;
131.253.22.0/23 0;
131.253.24.0/21 0;
131.253.24.0/22 0;
131.253.32.0/20 0;
157.54.0.0/15 0;
157.56.0.0/14 0;
157.60.0.0/16 0;
199.30.16.0/24 0;
199.30.27.0/24 0;
207.46.0.0/16 0;
40.112.0.0/13 0;
40.120.0.0/14 0;
40.124.0.0/16 0;
40.125.0.0/17 0;
40.74.0.0/15 0;
40.76.0.0/14 0;
40.80.0.0/12 0;
40.96.0.0/12 0;
# END BING IP RANGES ### DO NOT EDIT THIS LINE AT ALL ###
# ********************
# Cloudflare IP Ranges
# ********************
# For Safety Sake all Cloudflare's Known IP Ranges are all white listed
# START CLOUDFLARE IP RANGES ### DO NOT EDIT THIS LINE AT ALL ###
103.21.244.0/22 0;
103.22.200.0/22 0;
103.31.4.0/22 0;
104.16.0.0/12 0;
108.162.192.0/18 0;
131.0.72.0/22 0;
141.101.64.0/18 0;
162.158.0.0/15 0;
172.64.0.0/13 0;
173.245.48.0/20 0;
188.114.96.0/20 0;
190.93.240.0/20 0;
197.234.240.0/22 0;
198.41.128.0/17 0;
199.27.128.0/21 0;
2400:cb00::/32 0;
2405:8100::/32 0;
2405:b500::/32 0;
2606:4700::/32 0;
2803:f800::/32 0;
2a06:98c0::/29 0;
2c0f:f248::/32 0;
# END CLOUDFLARE IP RANGES ### DO NOT EDIT THIS LINE AT ALL ###
# *************************
# Wordpress Theme Detectors
# *************************
# -------------------------------------
# BLOCK known Wordpress Theme Detectors
# -------------------------------------
# START WP THEME DETECTORS ### DO NOT EDIT THIS LINE AT ALL ###
@ -7818,10 +7783,11 @@ geo $validate_client {
89.36.223.188 1; #www.cuteseotools.net/wordpress-theme-detector
# END WP THEME DETECTORS ### DO NOT EDIT THIS LINE AT ALL ###
# ****************************************
# NIBBLER - SEO testing and reporting tool
# ****************************************
# ----------------------------------------------
# BLOCK NIBBLER - SEO testing and reporting tool
# ----------------------------------------------
# See - http://nibbler.silktide.com/
# ----------------------------------------------
# START NIBBLER ### DO NOT EDIT THIS LINE AT ALL ###
52.201.238.175 1;
@ -7834,33 +7800,10 @@ geo $validate_client {
# END NIBBLER ### DO NOT EDIT THIS LINE AT ALL ###
# ****************************
# Known Bad IP's and IP Ranges
# *************************************************
# Blacklist IP addresses and IP Ranges Customizable
# *************************************************
# BLACKLIST all your IP addresses and Ranges using the new include file below.
# New Method Uses the include file below so that when pulling future updates your
# Custom Blacklisted IP addresses are automatically now included for you.
# Read Comments inside blacklist-ips.conf for customization tips.
# Updating the main globalblacklist.conf file will not touch your custom include files
# ********************************************************************
# START BLACKLISTED IPS ### DO NOT EDIT OR REMOVE THIS LINE AT ALL ###
# ********************************************************************
include /etc/nginx/bots.d/blacklist-ips.conf;
# ******************************************************************
# END BLACKLISTED IPS ### DO NOT EDIT OR REMOVE THIS LINE AT ALL ###
# ******************************************************************
# *********************************************************************************************
# KNOWN BAD IP ADDRESSES
# Source: https://github.com/mitchellkrogza/Suspicious.Snooping.Sniffing.Hacking.IP.Addresses
# A Reliable Daily Updated List Included Below of Known Bad IP Addresses, Snoopers and Sniffers
# *********************************************************************************************
# -----------------------------------------
# BLOCK KNOWN BAD IP ADDRESSES
# Top known bad IP Adresses from abuseIPDB
# -----------------------------------------
# START KNOWN BAD IP ADDRESSES ### DO NOT EDIT THIS LINE AT ALL ###
193.32.163.89 1;
@ -17864,33 +17807,176 @@ geo $validate_client {
46.101.115.65 1;
# END KNOWN BAD IP ADDRESSES ### DO NOT EDIT THIS LINE AT ALL ###
# --------------------------
# WHITELIST Google IP Ranges
# --------------------------
# START GOOGLE IP RANGES ### DO NOT EDIT THIS LINE AT ALL ###
108.177.0.0/17 0;
172.217.0.0/16 0;
173.194.0.0/16 0;
2001:4860:4000::/36 0;
203.208.60.0/24 0;
207.126.144.0/20 0;
209.85.128.0/17 0;
216.239.32.0/19 0;
216.58.192.0/19 0;
2404:6800:4000::/36 0;
2607:f8b0:4000::/36 0;
2800:3f0:4000::/36 0;
2a00:1450:4000::/36 0;
2c0f:fb50:4000::/36 0;
35.192.0.0/12 0;
64.18.0.0/20 0;
64.233.160.0/19 0;
64.68.80.0/21 0;
65.52.0.0/14 0;
66.102.0.0/20 0;
66.249.64.0/19 0;
72.14.192.0/18 0;
74.125.0.0/16 0;
# END GOOGLE IP RANGES ### DO NOT EDIT THIS LINE AT ALL ###
# ------------------------
# WHITELIST Bing IP Ranges
# ------------------------
# START BING IP RANGES ### DO NOT EDIT THIS LINE AT ALL ###
131.253.21.0/24 0;
131.253.22.0/23 0;
131.253.24.0/21 0;
131.253.24.0/22 0;
131.253.32.0/20 0;
157.54.0.0/15 0;
157.56.0.0/14 0;
157.60.0.0/16 0;
199.30.16.0/24 0;
199.30.27.0/24 0;
207.46.0.0/16 0;
40.112.0.0/13 0;
40.120.0.0/14 0;
40.124.0.0/16 0;
40.125.0.0/17 0;
40.74.0.0/15 0;
40.76.0.0/14 0;
40.80.0.0/12 0;
40.96.0.0/12 0;
# END BING IP RANGES ### DO NOT EDIT THIS LINE AT ALL ###
# ------------------------------
# WHITELIST Cloudflare IP Ranges
# ------------------------------
# START CLOUDFLARE IP RANGES ### DO NOT EDIT THIS LINE AT ALL ###
103.21.244.0/22 0;
103.22.200.0/22 0;
103.31.4.0/22 0;
104.16.0.0/12 0;
108.162.192.0/18 0;
131.0.72.0/22 0;
141.101.64.0/18 0;
162.158.0.0/15 0;
172.64.0.0/13 0;
173.245.48.0/20 0;
188.114.96.0/20 0;
190.93.240.0/20 0;
197.234.240.0/22 0;
198.41.128.0/17 0;
199.27.128.0/21 0;
2400:cb00::/32 0;
2405:8100::/32 0;
2405:b500::/32 0;
2606:4700::/32 0;
2803:f800::/32 0;
2a06:98c0::/29 0;
2c0f:f248::/32 0;
# END CLOUDFLARE IP RANGES ### DO NOT EDIT THIS LINE AT ALL ###
# -------------------------------------------------
# BLACKLIST IP addresses and IP Ranges Customizable
# -------------------------------------------------
# --------------------------------------------------------------------------------------
# BLACKLIST all your IP addresses and Ranges using the new include file below.
# New Method Uses the include file below so that when pulling future updates your
# Custom Blacklisted IP addresses are automatically now included for you.
# Read Comments inside blacklist-ips.conf for customization tips.
# Updating the main globalblacklist.conf file will not touch your custom include files
# Anything added to blacklist-ips.conf will over-ride anything whitelisted above
# --------------------------------------------------------------------------------------
# --------------------------------------------------------------------
# START BLACKLISTED IPS ### DO NOT EDIT OR REMOVE THIS LINE AT ALL ###
# --------------------------------------------------------------------
include /etc/nginx/bots.d/blacklist-ips.conf;
# ------------------------------------------------------------------
# END BLACKLISTED IPS ### DO NOT EDIT OR REMOVE THIS LINE AT ALL ###
# ------------------------------------------------------------------
# ----------------------------------------------
# Whitelist all your OWN IP addresses and Ranges
# ----------------------------------------------
# --------------------------------------------------------------------------------------
# WHITELIST all your own IP addresses using the include file below.
# New Method Uses the include file below so that when pulling future updates your
# whitelisted IP addresses are automatically now included for you.
# Read Comments inside whitelist-ips.conf for customization tips.
# Updating the main globalblacklist.conf file will not touch your custom include files
# whitelist-ips.conf reigns supreme !!!
# Whatever you add to whitelist-ips.conf will be whitelisted FULL STOP
# Anything blacklisted above this line will be over-ridden by whitelist-ips.conf
# --------------------------------------------------------------------------------------
# --------------------------------------------------------------------------
# START WHITELISTED IP RANGES ### DO NOT EDIT OR REMOVE THIS LINE AT ALL ###
# --------------------------------------------------------------------------
include /etc/nginx/bots.d/whitelist-ips.conf;
# ------------------------------------------------------------------------
# END WHITELISTED IP RANGES ### DO NOT EDIT OR REMOVE THIS LINE AT ALL ###
# ------------------------------------------------------------------------
}
# --------------------------------------------------------------------------------------
# WHITELIST your own IPs from the DDOS Filter
# Add your own IP addresses and ranges into the custom include file whitelist-ips.conf
# to spare them from the rate limiting DDOS filter.
# This section includes the same / single whitelist-ips.conf file so you only
# need to edit that include file and have it include here for you too.
# --------------------------------------------------------------------------------------
geo $ratelimited {
default 1;
# ***************************************************************************
# ---------------------------------------------------------------------------
# START WHITELISTED IP RANGES2 ### DO NOT EDIT OR REMOVE THIS LINE AT ALL ###
# ***************************************************************************
# ---------------------------------------------------------------------------
include /etc/nginx/bots.d/whitelist-ips.conf;
# *************************************************************************
# -------------------------------------------------------------------------
# END WHITELISTED IP RANGES2 ### DO NOT EDIT OR REMOVE THIS LINE AT ALL ###
# *************************************************************************
# -------------------------------------------------------------------------
}
# *****************************************
# MAP BAD BOTS TO OUR RATE LIMITER FUNCTION
# *****************************************
# ======================================================================
# END SECTION 3 - WHITELISTING AND BLACKLISTING IP ADDRESSESE AND RANGES
# ======================================================================
# ============================================
# BEGIN SECTION 4 - ACTIVATE BLOCKER FUNCTIONS
# ============================================
# --------------------------------------------
# 1. MAP BAD BOTS TO OUR RATE LIMITER FUNCTION
# --------------------------------------------
map $bad_bot $bot_iplimit {
0 "";
@ -17898,30 +17984,31 @@ geo $ratelimited {
2 $binary_remote_addr;
}
# ***********************
# SET RATE LIMITING ZONES
# ***********************
# --------------------------
# 2. SET RATE LIMITING ZONES
# --------------------------
# BAD BOT RATE LIMITING ZONE
# limits for Zone $bad_bot = 1
# Nothing Set - you can set a different zone limiter here if you like
# We issue a 444 response instead to all bad bots.
# Rate limiting will only take effect if on any User-Agents with a value of 2
# limits for Zone $bad_bot = 2
# this rate limiting will only take effect if you change any of the bots and change
# their block value from 1 to 2.
limit_conn_zone $bot_iplimit zone=bot2_connlimit:16m;
limit_req_zone $bot_iplimit zone=bot2_reqlimitip:16m rate=2r/s;
limit_req_zone $bot_iplimit zone=bot2_reqlimitip:16m rate=12r/m;
### *** MAKE SURE TO ADD to your nginx.conf ***
### server_names_hash_bucket_size 64;
### server_names_hash_max_size 4096;
### limit_req_zone $binary_remote_addr zone=flood:50m rate=90r/s;
### limit_conn_zone $binary_remote_addr zone=addr:50m;
### to allow it to load this large set of domains into memory and to set the rate limiting zones for the DDOS filter.
# ==========================================
# END SECTION 4 - ACTIVATE BLOCKER FUNCTIONS
# ==========================================
### THE END of the Long and Winding Road
# =====================
# END BLOCKER FUNCTIONS
# =====================
### Also check out my Ultimate Apache Bad Bot Blocker on Github
### https://github.com/mitchellkrogza/apache-ultimate-bad-bot-blocker
### --------------------------------------------
### HELP SUPPORT THIS PROJECT - Send Me a Coffee
### https://ko-fi.com/mitchellkrog
### --------------------------------------------
### FOR APACHE SERVERS
### ---------------------------------------------
### Check out the Ultimate Apache Bad Bot Blocker
### ---------------------------------------------

17
.dev-tools/_conf_files_testing_changes/bots.d/blacklist-user-agents.conf
View file

@ -3,8 +3,8 @@
### VERSION INFORMATION #
###################################################
### Version: V3.2018.05
### Updated: 2018-08-21
### Version: V4.2019.06
### Updated: 2019-06-24
###################################################
### VERSION INFORMATION ##
@ -47,15 +47,14 @@
# ---------------------
# WHITELISTING EXAMPLES
# ---------------------
# "~*\bsomeverygooduseragentname1\b" 0;
# "~*\bsomeverygooduseragentname2\b" 0;
# "~*\bsome\-very\-good\-useragentname2\b" 0;
# "~*(?:\b)someverygooduseragentname1(?:\b|)" 0;
# "~*(?:\b)someverygooduseragentname2(?:\b|)" 0;
# "~*(?:\b)some\-very\-good\-useragentname2(?:\b|)" 0;
# ---------------------
# BLACKLISTING EXAMPLES
# ---------------------
# "~*\bsomeverybaduseragentname1\b" 3;
# "~*\bsomeverybaduseragentname2\b" 3;
# "~*\bsome\-very\-bad\-useragentname2\b" 3;
# "~*(?:\b)someverybaduseragentname1(?:\b|)" 3;
# "~*(?:\b)someverybaduseragentname2(?:\b|)" 3;
# "~*(?:\b)some\-very\-bad\-useragentname2(?:\b|)" 3;

1
.dev-tools/_conf_files_testing_changes/bots.d/whitelist-ips.conf
View file

@ -33,4 +33,3 @@
# 111.111.111.111 0;
35.224.112.202 0;

4
.dev-tools/_conf_files_testing_changes/conf.d/botblocker-nginx-settings.conf
View file

@ -13,8 +13,10 @@
# Version 1.1
# ! new directives also to be added to include_filelist.txt ! #
server_names_hash_bucket_size 128;
server_names_hash_bucket_size 256;
server_names_hash_max_size 4096;
variables_hash_max_size 4096;
variables_hash_bucket_size 4096;
limit_req_zone $binary_remote_addr zone=flood:50m rate=90r/s;
limit_conn_zone $binary_remote_addr zone=addr:50m;

6
.dev-tools/_conf_files_testing_changes/conf.d/globalblacklist.conf
View file

@ -4,8 +4,8 @@
### VERSION INFORMATION #
###################################################
### Version: V3.2019.06.1647
### Updated: Thu Jun 27 14:46:42 SAST 2019
### Version: V3.2019.06.1650
### Updated: Thu Jun 27 15:45:52 SAST 2019
### Bad Referrer Count: 6713
### Bad Bot Count: 556
###################################################
@ -17992,7 +17992,7 @@ geo $ratelimited {
# Rate limiting will only take effect if on any User-Agents with a value of 2
limit_conn_zone $bot_iplimit zone=bot2_connlimit:16m;
limit_req_zone $bot_iplimit zone=bot2_reqlimitip:16m rate=6r/m;
limit_req_zone $bot_iplimit zone=bot2_reqlimitip:16m rate=12r/m;
# ==========================================
# END SECTION 4 - ACTIVATE BLOCKER FUNCTIONS

2
.dev-tools/_conf_files_testing_changes_ip_whitelist/bots.d/blacklist-ips.conf
View file

@ -1,2 +1,2 @@
104.154.120.187 1;
104.154.113.151 1;
127.0.0.1 1;

17
.dev-tools/_conf_files_testing_changes_ip_whitelist/bots.d/blacklist-user-agents.conf
View file

@ -3,8 +3,8 @@
### VERSION INFORMATION #
###################################################
### Version: V3.2018.05
### Updated: 2018-08-21
### Version: V4.2019.06
### Updated: 2019-06-24
###################################################
### VERSION INFORMATION ##
@ -47,15 +47,14 @@
# ---------------------
# WHITELISTING EXAMPLES
# ---------------------
# "~*\bsomeverygooduseragentname1\b" 0;
# "~*\bsomeverygooduseragentname2\b" 0;
# "~*\bsome\-very\-good\-useragentname2\b" 0;
# "~*(?:\b)someverygooduseragentname1(?:\b|)" 0;
# "~*(?:\b)someverygooduseragentname2(?:\b|)" 0;
# "~*(?:\b)some\-very\-good\-useragentname2(?:\b|)" 0;
# ---------------------
# BLACKLISTING EXAMPLES
# ---------------------
# "~*\bsomeverybaduseragentname1\b" 3;
# "~*\bsomeverybaduseragentname2\b" 3;
# "~*\bsome\-very\-bad\-useragentname2\b" 3;
# "~*(?:\b)someverybaduseragentname1(?:\b|)" 3;
# "~*(?:\b)someverybaduseragentname2(?:\b|)" 3;
# "~*(?:\b)some\-very\-bad\-useragentname2(?:\b|)" 3;

2
.dev-tools/_conf_files_testing_changes_ip_whitelist/bots.d/whitelist-ips.conf
View file

@ -1,4 +1,4 @@
104.154.120.187 0;
104.154.113.151 0;
127.0.0.1 1;
127.0.0.1 1;
127.0.0.1 1;

6
.dev-tools/_conf_files_testing_changes_ip_whitelist/conf.d/globalblacklist.conf
View file

@ -4,8 +4,8 @@
### VERSION INFORMATION #
###################################################
### Version: V3.2019.06.1647
### Updated: Thu Jun 27 14:46:42 SAST 2019
### Version: V3.2019.06.1650
### Updated: Thu Jun 27 15:45:52 SAST 2019
### Bad Referrer Count: 6713
### Bad Bot Count: 556
###################################################
@ -17992,7 +17992,7 @@ geo $ratelimited {
# Rate limiting will only take effect if on any User-Agents with a value of 2
limit_conn_zone $bot_iplimit zone=bot2_connlimit:16m;
limit_req_zone $bot_iplimit zone=bot2_reqlimitip:16m rate=6r/m;
limit_req_zone $bot_iplimit zone=bot2_reqlimitip:16m rate=12r/m;
# ==========================================
# END SECTION 4 - ACTIVATE BLOCKER FUNCTIONS

2
.dev-tools/_conf_files_testing_changes_ratelimiting/bots.d/blacklist-ips.conf
View file

@ -1,2 +1,2 @@
104.154.120.187 1;
104.154.113.151 1;
127.0.0.1 1;

2
.dev-tools/_conf_files_testing_changes_ratelimiting/bots.d/whitelist-ips.conf
View file

@ -1,4 +1,4 @@
104.154.120.187 0;
104.154.113.151 0;
127.0.0.1 1;
127.0.0.1 1;
127.0.0.1 1;

6
.dev-tools/_conf_files_testing_changes_ratelimiting/conf.d/globalblacklist.conf
View file

@ -4,8 +4,8 @@
### VERSION INFORMATION #
###################################################
### Version: V3.2019.06.1647
### Updated: Thu Jun 27 14:46:42 SAST 2019
### Version: V3.2019.06.1650
### Updated: Thu Jun 27 15:45:52 SAST 2019
### Bad Referrer Count: 6713
### Bad Bot Count: 556
###################################################
@ -17992,7 +17992,7 @@ geo $ratelimited {
# Rate limiting will only take effect if on any User-Agents with a value of 2
limit_conn_zone $bot_iplimit zone=bot2_connlimit:16m;
limit_req_zone $bot_iplimit zone=bot2_reqlimitip:16m rate=6r/m;
limit_req_zone $bot_iplimit zone=bot2_reqlimitip:16m rate=12r/m;
# ==========================================
# END SECTION 4 - ACTIVATE BLOCKER FUNCTIONS

2
.dev-tools/_conf_files_testing_changes_whitelist/bots.d/blacklist-ips.conf
View file

@ -1,2 +1,2 @@
104.154.120.187 1;
104.154.113.151 1;
127.0.0.1 1;

2
.dev-tools/_conf_files_testing_changes_whitelist/bots.d/whitelist-ips.conf
View file

@ -1,4 +1,4 @@
104.154.120.187 0;
104.154.113.151 0;
127.0.0.1 1;
127.0.0.1 1;
127.0.0.1 1;

6
.dev-tools/_conf_files_testing_changes_whitelist/conf.d/globalblacklist.conf
View file

@ -4,8 +4,8 @@
### VERSION INFORMATION #
###################################################
### Version: V3.2019.06.1647
### Updated: Thu Jun 27 14:46:42 SAST 2019
### Version: V3.2019.06.1650
### Updated: Thu Jun 27 15:45:52 SAST 2019
### Bad Referrer Count: 6713
### Bad Bot Count: 556
###################################################
@ -17992,7 +17992,7 @@ geo $ratelimited {
# Rate limiting will only take effect if on any User-Agents with a value of 2
limit_conn_zone $bot_iplimit zone=bot2_connlimit:16m;
limit_req_zone $bot_iplimit zone=bot2_reqlimitip:16m rate=6r/m;
limit_req_zone $bot_iplimit zone=bot2_reqlimitip:16m rate=12r/m;
# ==========================================
# END SECTION 4 - ACTIVATE BLOCKER FUNCTIONS

2
.dev-tools/_conf_files_whitelist/bots.d/blacklist-ips.conf
View file

@ -1,2 +1,2 @@
104.154.120.187 1;
35.192.136.167 1;
127.0.0.1 1;

2
.dev-tools/_conf_files_whitelist/bots.d/whitelist-ips.conf
View file

@ -1,4 +1,4 @@
104.154.120.187 0;
35.192.136.167 0;
127.0.0.1 1;
127.0.0.1 1;
127.0.0.1 1;

6
.dev-tools/_conf_files_whitelist/conf.d/globalblacklist.conf
View file

@ -4,8 +4,8 @@
### VERSION INFORMATION #
###################################################
### Version: V3.2019.06.1647
### Updated: Thu Jun 27 14:46:42 SAST 2019
### Version: V4.2019.06.1650
### Updated: Thu Jun 27 15:45:51 SAST 2019
### Bad Referrer Count: 6713
### Bad Bot Count: 556
###################################################
@ -17992,7 +17992,7 @@ geo $ratelimited {
# Rate limiting will only take effect if on any User-Agents with a value of 2
limit_conn_zone $bot_iplimit zone=bot2_connlimit:16m;
limit_req_zone $bot_iplimit zone=bot2_reqlimitip:16m rate=6r/m;
limit_req_zone $bot_iplimit zone=bot2_reqlimitip:16m rate=12r/m;
# ==========================================
# END SECTION 4 - ACTIVATE BLOCKER FUNCTIONS

4
.dev-tools/globalblacklist-testing.template
View file

@ -4,8 +4,8 @@
### VERSION INFORMATION #
###################################################
### Version: V3.2019.06.1647
### Updated: Thu Jun 27 14:46:42 SAST 2019
### Version: V3.2019.06.1650
### Updated: Thu Jun 27 15:45:52 SAST 2019
### Bad Referrer Count: 6713
### Bad Bot Count: 556
###################################################

4
.dev-tools/globalblacklist.template
View file

@ -4,8 +4,8 @@
### VERSION INFORMATION #
###################################################
### Version: V3.2019.06.1647
### Updated: Thu Jun 27 14:46:42 SAST 2019
### Version: V4.2019.06.1650
### Updated: Thu Jun 27 15:45:51 SAST 2019
### Bad Referrer Count: 6713
### Bad Bot Count: 556
###################################################

0
.dev-tools/test-blocker-badwords.sh Normal file → Executable file
View file

0
.dev-tools/test-blocker-rate-limiting.sh Normal file → Executable file
View file

0
.dev-tools/test-blocker-whitelist-domains.sh Normal file → Executable file
View file

0
.dev-tools/test-blocker-whitelist-ips.sh Normal file → Executable file
View file

0
.dev-tools/test-blocker-whitelist.sh Normal file → Executable file
View file

2
.dev-tools/test_units/blacklist-ips.conf
View file

@ -1,2 +1,2 @@
104.154.120.187 1;
104.154.113.151 1;
127.0.0.1 1;

92
.dev-tools/test_units/random-bots-for-test-quick.list
View file

@ -1,50 +1,50 @@
Anarchie
Bigfoot
BLEXBot
Blow
Bullseye
CATExplorador
CheTeam
com.plumanalytics
360Spider
Aboundex
Alexibot
Battleztar Bazinga
CrunchBot
demandbase-bot
Disco
Drip
EirGrabber
evc-batch
Evil
FlashGet
Foobot
GetRight
ExtractorPro
FHscan
Go-Ahead-Got-It
Haansoft
Iblog
IDBot
InternetSeer
JamesBOT
LinkScan
Lipperhey Spider
Mediatoolkitbot
mediawords
NPbot
Picscout
plumanalytics
POE-Component-Client-HTTP
PxBroker
Searchestate
seoscanners
SISTRIX
SputnikBot
spyfu
Sqlworm
SurveyBot
Suzuran
Grabber
HMView
HTMLparser
HybridBot
InfoNaviRobot
InterGET
Iskanie
JikeSpider
Jorgee
JustView
LNSpiderguy
Ltx71
meanpathbot
MFC_Tear_Sample
Nibbler
Nikto
PictureFinder
ProWebWalker
PyCurl
Reaper
RepoMonkey
Ripper
SEOkicks
SEOprofiler
SiteSucker
SpankBot
Sqworm
Sucker
Trendictionbot
WebAuto
Web Fetch
WebLeacher
Web Sauger
WebSucker
Who.is Bot
WiseGuys Robot
WWW::Mechanize
xpymep1.exe
zauba.io
Turingos
VeriCiteCrawler
WallpapersHD
Web Collage
WebImageCollector
WebSauger
Whack
Wprecon
WWW-Mechanize
zgrab

274
.dev-tools/test_units/random-bots-for-test.list
View file

@ -1,250 +1,250 @@
360Spider
80legs
Aboundex
Acunetix
ADmantX
AhrefsBot
AIBOT
AfD-Verbotsverfahren
Aipbot
Alligator
AllSubmitter
AlphaBot
Anarchie
Apexoo
archive.org_bot
ASPSeek
Backlink-Ceck
backlink-check
Bandit
BatchFTP
BacklinkCrawler
Barkrowler
BBBike
BDCbot
BetaBot
Bigfoot
BlackWidow
Bitacle
Black Hole
Blow
BlowFish
Boardreader
BotALot
BunnySlippers
Buddy
BuiltWith
Bullseye
Calculon
CATExplorador
CazoodleBot
CCBot
CherryPicker
CheTeam
Cliqzbot
Cloud mapping
Claritybot
Cogentbot
com.plumanalytics
cognitiveseo
Copier
CopyRightCheck
Copyscape
Cosmos
Craftbot
crawl.sogou.com
CrazyWebCrawler
Crescent
crawler4j
crawler.feedback
CrunchBot
CSHttp
Curious
DatabaseDriverMysqli
Deusu
Devil
Digincore
DigitalPebble
Dirbuster
Disco
Discobot
Dispatch
Discoverybot
DittoSpyder
DnyzBot
DomainCrawler
DomainSigmaCrawler
Dotbot
Download Wonder
Dragonfly
DTS Agent
EasyDL
ECCP/1.0
Ecxi
Evil
EMail Siphon
EMail Wolf
Express WebPictures
ExtLinksBot
Extreme Picture Finder
EyeNetIE
FDM
FHscan
Firefox/7.0
Flunky
FrontPage
ExtractorPro
FemtosearchBot
Fimap
FyberSpider
Fyrebot
GalaxyBot
Genieo
Getintent
GetRight
Go-Ahead-Got-It
GetWeb
GoZilla
Go!Zilla
Grabber
Grafula
GrapeshotCrawler
GridBot
Havij
HaosouSpider
Harvest
Heritrix
Hloader
HMView
HTMLparser
HTTP::Lite
Iblog
IDBot
HTTrack
Id-search
IlseBot
Image Fetch
Image Sucker
Indy Library
InfoNaviRobot
IndeedBot
instabid
Intelliseek
InterGET
Internet Ninja
InternetSeer
ips-agent
Iria
IRLbot
Iskanie
IstellaBot
JamesBOT
JennyBot
Jetty
JOC Web Spider
Joomla
Jorgee
Jyxobot
Kenjin Spider
Lanshanbot
Larbin
Lftp
LibWeb
Keyword Density
Kozmosbot
LeechFTP
LeechGet
Lightspeedsystems
Likse
Linkdexbot
LinkextractorPro
LinkWalker
Litemage_walker
lwp-request
LWP::Simple
LinkScan
LinqiaRSSBot
LinqiaScrapeBot
Lmspider
LNSpiderguy
Magnet
Mail.RU_Bot
Majestic12
Mag-Net
Majestic SEO
MarkMonitor
Mata Hari
Masscan
MauiBot
meanpathbot
Meanpathbot
MeanPath Bot
Mediatoolkitbot
mediawords
MegaIndex.ru
Metauri
MFC_Tear_Sample
Microsoft Data Access
Microsoft URL Control
MIDown tool
MIIxpc
Mister PiX
MJ12bot
MSFrontPage
MSIECrawler
Musobot
Name Intelligence
Nameprotect
Navroad
NearSite
Needle
Nessus
NetAnts
netEstate NE Crawler
NetLyzer
NetMechanic
Nettrack
Netvibes
NICErsPRO
Niki-bot
Nikto
NimbleCrawler
NPbot
Nutch
oBot
Offline Navigator
OnCrawl
Octopus
OpenLinkProfiler
Openvas
OrangeSpider
OutclicksBot
PageAnalyzer
Page Analyzer
PageGrabber
page scorer
Panscient
PageScorer
Pandalytics
Papa Foto
pcBrowser
PECL::HTTP
Picscout
Picsearch
PeoplePal
PHPCrawl
PictureFinder
Pimonster
Pixray
PleaseCrawl
POE-Component-Client-HTTP
ProPowerBot
Pump
PxBroker
Psbot
PyCurl
QueryN Metasearch
Quick-Crawler
RankActive
RankActiveLinkBot
RankingBot
RankFlex
RankingBot2
Rankivabot
RealDownload
RebelMouse
Recorder
RedesScrapy
Ripper
SalesIntelligent
Rogerbot
SBIder
ScoutJet
ScanAlert
Screaming
Semrush
SemrushBot
SEOkicks
SEOkicks-Robot
SEOlyticsCrawler
Seomoz
seoscanners
SEOstats
serpstatbot
Shodan
Siphon
SISTRIX
Siteimprove
SiteSucker
Snake
Snoopy
SocialRankIOBot
SiteLockSpider
SiteSnagger
Snapbot
sogouspider
Sottopop
SpaceBison
Spammen
Spanner
sp_auditbot
Spinn3r
SputnikBot
spyfu
Sqlmap
Sqlworm
Sqworm
Steeler
Stripper
Sucker
SuperHTTP
Surfbot
Swiftbot
sysscan
T0PHackTeam
T8Abot
tAkeOut
Teleport
TeleportPro
Telesoft
Telesphoreo
Telesphorep
TheNomad
Titan
Trendiction
TurnitinBot
UnisterBot
Upflow
Toata
Toweyabot
Trendictionbot
trendiction.de
Turingos
Turnitin
URLy Warning
URLy.Warning
Vacuum
Vagabondo
VeriCiteCrawler
VCI
VidibleScraper
Voil
Voltron
Wallpapers/3.0
WallpapersHD
WASALive-Bot
Webalta
WebAuto
WebCollage
WebBandit
Web Collage
WebCopier
Web Enhancer
Web Fetch
WebFuck
WebLeacher
WebmasterWorldForumBot
webmeup-crawler
WebPix
WebGo IS
Web Pix
WebReaper
WebSauger
Webster
WebSucker
Web Sauger
Webshag
WebsiteExtractor
WebsiteQuester
WebStripper
Web Sucker
WebZIP
Who.is Bot
WiseGuys Robot
WISENutbot
WebWhacker
WeSEE
WinHTTrack
Wonderbot
Woobot
Wotbox
Wprecon
WPScan
WWW-Collector-E
WWW-Mechanize
WWW::Mechanize
x09Mozilla
YoudaoBot
Zade
Xaldon WebSpider
Xenu
xpymep1.exe
Zauba
zauba.io
Zermelo
zgrab
Zitebot
ZyBorg

268
.dev-tools/test_units/random-bots-for-whitelist-test.list
View file

@ -1,250 +1,250 @@
360Spider
404checker
80legs
AfD-Verbotsverfahren
Abonti
ADmantX
AhrefsBot
AIBOT
AiHitBot
Aipbot
ASPSeek
Alligator
AllSubmitter
archive.org_bot
Asterias
Attach
BackDoorBot
backlink-check
BackWeb
Bandit
BatchFTP
Battleztar Bazinga
Barkrowler
BDCbot
BDFetch
Bigfoot
Blackboard
Black Hole
BlackWidow
Blow
BlowFish
Bolt
Brandprotect
Brandwatch
Buddy
BunnySlippers
Calculon
CATExplorador
CazoodleBot
BuiltBotTough
BuzzSumo
CCBot
Cegbfeieh
CherryPicker
CheTeam
Chlooe
ChinaClaw
Cliqzbot
coccocbot-web
cognitiveseo
com.plumanalytics
Copier
Craftbot
crawl.sogou.com
CrazyWebCrawler
crawler.feedback
Crescent
Curious
Custo
DataCha0s
Demon
Digincore
Disco
DBLBot
Deusu
DIIbot
Dirbuster
Discoverybot
Dispatch
DittoSpyder
DnyzBot
DomainAppender
DomainCrawler
DomainStatsBot
Dotbot
Download Wonder
Dragonfly
Drip
DSearch
DTS Agent
EasyDL
ECCP/1.0
Ecxi
EirGrabber
EMail Wolf
Evil
EroCrawler
evc-batch
Exabot
Express WebPictures
Ezooms
facebookscraper
ExtLinksBot
Extractor
ExtractorPro
FDM
FemtosearchBot
FHscan
FlashGet
Flunky
Foobot
FrontPage
GalaxyBot
Genieo
Getintent
GetRight
Gigablast
G-i-g-a-b-o-t
Fyrebot
Gigabot
Go-Ahead-Got-It
GoZilla
GrabNet
Gotit
GrapeFX
GridBot
Harvest
HEADMasterSEO
Heritrix
HMView
HTTP::Lite
Humanlinks
HybridBot
Iblog
IDBot
Id-search
IlseBot
IndeedBot
InfoNaviRobot
instabid
Intelliseek
Internet Ninja
Iria
JamesBOT
JennyBot
JetCar
JOC Web Spider
Joomla
InternetSeer
internetVista monitor
ips-agent
Jbrofuzz
JikeSpider
Keyword Density
Kozmosbot
Larbin
LeechFTP
Lftp
Lightspeedsystems
Libwhisker
Linkdexbot
LinkextractorPro
LinkScan
LinqiaMetadataDownloaderBot
LinkpadBot
LinksManager
LinqiaRSSBot
Lipperhey Spider
LinqiaScrapeBot
Litemage_walker
Lmspider
LNSpiderguy
Ltx71
lwp-request
Magnet
Mag-Net
Majestic12
Majestic-SEO
Mass Downloader
MarkMonitor
MarkWatch
Masscan
Mata Hari
meanpathbot
MeanPath Bot
Mediatoolkitbot
MegaIndex.ru
Metauri
MFC_Tear_Sample
Microsoft Data Access
MIDown tool
MIIxpc
Mister PiX
MJ12bot
Morfeus Fucking Scanner
Mr.4x3
MSFrontPage
MSIECrawler
MS Web Services Client Protocol
Musobot
Nameprotect
Navroad
NearSite
Needle
Nessus
NetAnts
Netcraft
netEstate NE Crawler
NetLyzer
NetMechanic
Nettrack
Net Vampire
Nikto
Netvibes
NetZIP
NextGenSearchBot
NICErsPRO
Niki-bot
Nimbostratus
NPbot
Nutch
Octopus
Offline Explorer
Offline Navigator
OnCrawl
Openfind
OpenLinkProfiler
Openvas
PageAnalyzer
OpenVAS
OrangeBot
OrangeSpider
OutclicksBot
Page Analyzer
PageGrabber
PageScorer
Papa Foto
pcBrowser
PeoplePal
Picscout
Picsearch
PictureFinder
Pimonster
Pi-Monster
Pixray
plumanalytics
Pockey
Probethenet
ProPowerBot
Psbot
PxBroker
ProWebWalker
PyCurl
Quick-Crawler
RankActive
RankActiveLinkBot
RankingBot2
RankurBot
RankFlex
Rankivabot
RealDownload
Reaper
Recorder
RepoMonkey
RocketCrawler
ScoutJet
Rogerbot
SBIder
Scrapy
Searchestate
Semrush
SEOlyticsCrawler
SEOprofiler
sexsearcher
Shodan
SISTRIX
Sitebeam
SiteExplorer
SeoSiteCheckup
serpstatbot
Siteimprove
SiteLockSpider
SiteSnagger
SiteSucker
Site Sucker
Sitevigil
SlySearch
Snoopy
Sociscraper
SmartDownload
Snake
sogouspider
Sottopop
SpaceBison
SpankBot
Sogou web spider
Sosospider
sp_auditbot
Spbot
SputnikBot
spyfu
Steeler
Sqlmap
Sqlworm
Sqworm
Stripper
Sucker
Sucuri
SuperBot
SuperHTTP
SurveyBot
T0PHackTeam
tAkeOut
Suzuran
sysscan
Szukacz
T8Abot
Teleport
Telesoft
Telesphorep
The Intraformant
Thumbor
TightTwatBot
Toata
Tracemyfile
Trendiction
Titan
Toweyabot
Trendictionbot
trendiction.com
Turnitin
TurnitinBot
TwengaBot
Twice
Typhoeus
Upflow
URLy Warning
URLy.Warning
Vacuum
VB Project
VCI
VoidEYE
Voil
Voltron
WallpapersHD
WASALive-Bot
WBSearchBot
Webalta
WebAuto
Web Auto
WebBandit
WebCollage
WebCopier
WebEnhancer
WebFuck
WebFetch
WebGo IS
WebLeacher
Web Sauger
WebImageCollector
webmeup-crawler
WebPix
WebsiteExtractor
WebsiteQuester
Website Quester
WebStripper
WebSucker
WebZIP
WeSEE
Whack
Whacker
Who.is Bot
Widow
WinHTTrack
WiseGuys Robot
WISENutbot
Wonderbot
Woobot
Wprecon
WPScan
WWW-Collector-E
WWW-Mechanize
WWW::Mechanize
x09Mozilla
Xaldon_WebSpider
Xaldon WebSpider
Xenu
YoudaoBot
Zade
zauba.io
ZmEu
Zeus
ZumBot
ZyBorg

198
.dev-tools/test_units/random-referrers-for-test-quick.list
View file

@ -1,100 +1,100 @@
100dollars-seo.com
178evakuator178.ru
4inn.ru
5elementov.ru
aa8780bb28a1de4eb5bff33c28a218a930.com
agapovdg.ru
allpdfmags.net
avon-novosib.ru
avtolombard-krasnodar.com
bankiem.pl
big-cash.net
bloke.com
bonux.nextview.ru
bus-offer.com
checkhit.com
dev33.dioniqlabb.se
dfwu1019.info
divci-hry.info
diy-handmade-ideas.com
djonwatch.ru
domainroam.win
erotik0049.com
ez8motelseaworldsandiego.com
familienzahnaerzte.com
fba-mexico.com
fidelityfunding.com
footballfarrago.com
foto-sisek.porngalleries.top
foto-telok.net
frvo.alptandem.ru
fungirlsgames.net
girlsfuckdick.com
gk-atlant.info
gktt.ru
gyffu.com
hdimagegallery.net
hkladys.com
hptwaakw.blog.fc2.com
imperiafilm.ru
jav-way.site
jimmychoosale.online
kinky-fetishes.com
kinopolet.net
life.biz.ua
locationdesaison.com
macdamaged.tech
mac-shield.com
malwareremovalcenter.com
marketland.ml
mecash.ru
medictube.ru
meget.co.za
member-quiz.com
metabar.ru
misswell.net
moroccosurfadventures.com
mygameplus.com
myperiod.club
npoet.ru
o00.in
offf.info
orhonit.com
perso.wanadoo.es
physfunc.ru
picsforkeywordsuggestion.com
pills24h.com
powenlite24.ru
pricheskaonline.ru
purchasepillsnorx.com
qcstrtvt.bloger.index.hr
realting-moscow.ru
renecaovillasale.online
ricorsogiustizia.org
rimedia.org
risparmiocasa.bz.it
search.xtconnect.com
se.bnt-team.com
seeresultshub-a.akamaihd.net
seofied.com
soft-terminal.ru
staticfs.host
sugarlyflex.pw
superstarfloraluk.com
svnuppsalaorebro.se
tizanidinevssoma.blogspot.com
tongkatmadura.info
trichizobswiv.agddns.net
tt-ipd.info
tuckpointingmasonrysystems.com
uptime-delta.net
vepad.com
12u.info
2ads.co.uk
absolute-s.ru
acgs.tk
allmarketsnewdayli.gdn
amazingninja.com
apibetweenlinesn-a.akamaihd.net
apidiamondatanet-a.akamaihd.net
bestadbid.com
best-games.today
bestwaystogetpaid.us
bizlist.com.de
brandehk.dk
b-styles.xyz
burkesales.com
buy-meds24.com
cercacamion.it
chocoslim.pro
cometorussia.net
compliance-alex.xyz
compliance-julianna.top
coolingoods.com
customcatchcan.com
davebestdeals.com
design-lands.ru
deutschehobbyhuren.net
directrev.com
dmmspy.com
dogsrun.net
domaincheck.io
ebooknovel.club
e-buyeasy.com
efnor-ac.com
ezigaretteshop.webs.com
fanrto.com
forex-indextop20.ru
freenode.info
funtoonez.com
getoutofdebtfree.org
gkvector.ru
hexpilot.com
homik.pw
hotel-mkad.ru
husky-shop.cz
hyiphunter.org
imagine-ex.co
isotoner.com
istanbulit.com
kino-filmi.com
kletkimehan.ru
labafydjxa.su
lion.snapmap.us
lsp-awak-perikanan.com
m0r0zk0-krava.ru
maglid.ru
marcoislandvacations.net
meetingrainstorm.bid
metaxalonevstizanidine.blogspot.com
monarhs.info
moscow-clining.ru
naperehresti.info
news-readers.ru
nhl09.ru
online-hit.info
openstat.com
optibuymac.com
osagonline.ru
pcimforum.com
pixell.club
pk-services.ru
porndroids.com
portside.cc
productarium.com
promoheads.com
psoriasis-file.trade
qexyfu.bugs3.com
queerspace.com
radiogambling.com
remont-mobile-phones.ru
royal-betting.net
rvi.biz
scanner-josh.top
sc-specialhost.com
sex-tracker.com
sitebeam.net
solitaire-game.ru
spymac.net
tizanidine4mg.blogspot.com
traffic100.com
tubeline.biz
tvand.ru
ukkelberg.no
unblocksit.es
uptime-alpha.net
uroki.net
vucms.com
websites-reviews.com
whatistizanidine2mg.blogspot.com
wineration.com
w-journal.ru
x-diesel.info
xn--80aaagvmjabrs1aoc9luc.xn--p1ai
ypmuseum.ru
zaapplesales.blogspot.com
x-true.info
zakazfutbolki.com
zixizop.net.ru
zoolubimets.ru

1714
.dev-tools/test_units/random-referrers-for-test.list
View file

File diff suppressed because it is too large Load diff

474
.dev-tools/test_units/random-referrers-for-whitelist-test.list
View file

@ -1,250 +1,250 @@
01apple.com
100searchengines.com
1j7740kd.website
20pascals.nl
8gold.com
acgs.tk
adidas.frwebs.fr
adult-shop.com.ua
alfabot.xyz
alf-img.com
alibestsale.com
app5.letmacworkfaster.world
arewater.com
0lovespells0.blogspot.com
11pikachu.ru
2nt.ru
4istoshop.com
4pp13.com
7minuteworkout.com
7yue.org
883zy.com
adman.gr
adviceforum.info
advokateg.xyz
afftrack001.com
allnews24.in
amt-k.ru
apartment.ru
apidigidocketnet-a.akamaihd.net
apifasterlightin-a.akamaihd.net
apimegabrowsebiz-a.akamaihd.net
apps-analytics.net
arendakvartir.kz
arendovalka.xyz
arius.tech
asscenihotosidea.blogspot.co.za
auto.rusvile.lt
batanga.net
battlecarnival.su
bedandbreakfast.com
bestdraws.com
best-games.today
bestimagecoollibrary.com
azartclub.org
azartmix.com
bestprofits-there.com
bingo8888.com
blacktwhite.com
bloke.com
bonvillan.com
boostmyppc.com
brandehk.dk
bumascloset.com
butstrap.space
cacheimages.com
cakemediahq.com.au
carloans.com
cayado.snn.gr
cdncash.net
c-english.ru
cenoval.ru
cfcl.co.uk
chee-by.biz
cl.s7.exct.net
colehaanoutlet.store
communisave.co.za
compliance-jess.top
compliance-viktor.top
compucelunlock.net
continent-e.tv
cranly.net
cubs-jerseys.us
daisye.top
dandiyabeats.in
dating-time-now.com
daymusam.com
ddospanel.com
delta-line.men
depositfiles-porn.ga
dfiles.me
djstools.com
doctissimo.fr
dogclothing.store
domashneeruporno.com
bidbuy.co.kr
blog.axant.it
brandbucket.com
buntube.net
buyhoverboard.com
buypillsorderonline.com
capacitacionyaprendizaje.com
carina-sy.de
cartierreplica.pw
casinorewards.info
casite-513049.cloudaccess.net
cejewelry.xyz
cheap-trusted-backlinks.com
chelnytruck.ru
cindymatches.com
cjs.com.ru
cleanallvirus.com
collegeessay19.blogspot.ru
com-cleaner.systems
compliance-jane.top
compliance-margo.top
consorzioilmosaico.org
contentsexpress.com
cosmetic.donna7753191.ru
customerguru.in
cypernhuset.se
data.vtc.pw
dengi-pod-zalog-nedvizhimosti.ru
dev33.dioniqlabb.se
de.zapmeta.com
dfwu1013.info
doeco.ru
domainanalyzing.xyz
dosugrostov.site
dotmass.top
doxyporno.com
dyshagi.ru
eaplay.ru
eladkarako.com
elektrischezigarette1.onsugar.com
evogarage.com
extractorandburner.com
extremal-blog.com
favorcosmetics.com
filefilter.weebly.com
flytourisme.org
food.dtu.dk
forexgb.ru
free-fbook-traffic.com
fun2cell.net
game-mmorpg.net
gay-site.store
gilbertbanda.net
go2album.com
goforexvps.com
goldandcard.ru
goldenggames.com
gonextmedia.com
good-mummy.ru
goodwinmetals.co
gotwebsite1.com
gribkovye-zabolevaniya.com
growshop.es
gwebtools.com.br
heroz.fr
hitcpm.com
hledejvshopech.cz
hobbyhuren24.net
hotblognetwork.com
hothor.se
hotsocialz.com
houseofgaga.ru
images-free.net
impotentik.com
inbabes.sexushost.com
integritylandscapeservices.com
investzalog.ru
e-buyeasy.com
editors.choice6912650.hulfingtonpost.com
ekobata.ru
elektrozigaretten2.yn.lt
enhand.se
f1nder.org
falllow.gq
fanpagerobot.com
felizporno.com
financehint.eu
financetip.eu
finuse.com
flex4launch.ru
formularz-konkurs.tk
forpostlock.ru
foxjuegos.com
freelifetimefuckbook.com
freshwallpapers.info
frighteningremain.cf
frvo.alptandem.ru
fuckmill.com
funcrushgames.com
fun-mobi.pl
gateway.zscalerone.net
gdebestkupit.ru
generalporn.org
gg.zzyjxs.com
globalsurfari.com
glogow.pl
golmau.host.sk
google-liar.ru
greatdealshop.com
gsbs.com.ua
guigyverpo.cf
hasfun.com
hd720kino.ru
hdhc.ru
hopeonthestreet.co.uk
hotloans.ru
housekuba.org
hyiphunter.org
ibb.com.ua
igrovyeavtomaty777.ru
iideaidekonkatu.info
images-graphics-pics.com
imgata.com
inome.com.ua
internetartfair.com
io9.com
iptool.xyz
iqupdatetmz.win
i-service.kz
itronics.ca
ivanstroi.ru
jennyfire.ru
jongose.ninja
jpcycles.com
juliaworld.net
kakadu-interior.com.ua
kaliningrad.zrus.org
keywordhouse.com
jbl-charge.info
kalb.ru
kanimage.com
kareliatobacco.ru
kiinomaniak.pl
kinohit1.ru
kndxbkdx.bloger.index.hr
knowyournextmove.com
labplus.ru
lacapilla.info
letmacwork.world
li-er.ru
linksharingt.com
lion.misba.us
liver-chintai.org
lmrauction.com
lollypopgaming.com
lonerangergames.com
lostfilm-online.ru
lotto6888.com
ltvperf.com
magento-crew.net
magicplayer-s.acestream.net
master-muznachas.ru
meendo-free-traffic.ga
michaelkorsoutlet.store
mmog-play.ru
musflashtv.com
myfreemp3.eu
myindospace.com
mystats.xyz
natali-forex.com
naughtyconnect.com
nelc.edu.eg
nextrent-crimea.ru
nonews.co
kinky-fetishes.com
kinomaniatv.pl
klosetkitten.com
klumba55.ru
krynica.info
kung-fu-ru.com
kw21.org
lalalove.ru
landinez.co
lankarns.com
levaquin750mg.blogspot.com
linkrr.com
liumimgx.pw
liveu.infoteka.hu
loginduepunti.it
masturbate.co.uk
medicines-choice.com
medkletki.ru
minharevisao.com
mixtapetorrent.com
monclercoats.xyz
monetizationking.net
moxo.com
mrpornogratis.xxx
muzaporn.com
myfreecams.com
myperiod.club
myseoconsultant.com
nalogovyykodeks.ru
net-profits.xyz
nfvsz.com
nhl09.ru
normalegal.ru
nrv.co.za
offtime.ru
of-ireland.info
onlinetvseries.me
oops-cinema.ru
optom-deshevo.ru
okel.co
onemantrip.com
onlinadverts.com
onlinebay.ru
onlythegames.com
openlibrary.org
optibuymac.com
ordernorxx.com
orenburg-gsm.ru
oyster-green.com
patol01.pw
pavlodar.xkaz.org
pelfind.me
perso.wanadoo.es
petitions.whitehouse.gov
picturesify.com
paramountmarble.co.uk
partner-high.men
perm-profnastil.ru
plugingeorgia.com
pobeiranie.pl
pochtovyi-index.ru
polybuild.ru
pooleroadmedicalcentre.co.uk
potolokelekor.ru
pozvonim.com
priora-2.com
privatbank46.ru
poem-paying.gq
pornmania.pl
pornotubexxx.name
pourvous.info
pravoholding.ru
privhosting.com
prlog.ru
pronorm.fr
prostitutki-tolyatti.org
pst2017.onlinewebshop.net
pussyspace.net
putitin.me
produkto.net
profolan.pl
promodj.com
proprostatit.com
prostitutki-astana.org
puzo2arbuza.ru
rangjued.com
r-control.ru
redbottomheels.xyz
remont-komputerov-notebook.ru
rniaeba.ga
robertefuller.com
roznica.com.ua
rus-pornuha.com
russkoe-zdorovie.ru
sale-japan.com
saneyes.com
santechnik.jimdo.com
scanner-jane.top
seogadget.ru
service.adtech.us
service-core.ru
sexkontakte-seite.com
sexsearch.com
sexvporno.ru
sex-watch.com
sfj-ror.no
shinikiev.com.ua
shodanhq.com
sims-sims.ru
socialbutton.xyz
socialsignals24.com
solnplast.ru
souvenirua.com
spacash.com
staff.prairiesouth.ca
sugarkun.com
sukirgenk.dvrlists.com
sundrugstore.com
svarbit.com
symphonyintegratedhealthcare.com
tabletkinaodchudzanie.com.pl
thedownloadfromwarez.blogspot.com
thewebsitetemplate.info
tilido.com
tizanidineandcipro.blogspot.com
tizanidineforopiatewithdrawal.blogspot.com
tizanidinehydrochloride2mg.blogspot.com
tizanidineoral.blogspot.com
tjkckpytpnje.com
tkanorganizma.ru
torture.ml
touchmods.fr
tourcroatia.co.uk
trafficgenius.xyz
trafficnetzwerk.de
tripper.de
tupper-posuda.ru
uptime-as.net
ural-buldozer.ru
vchulkax.com
velobikestock.com
venta-prom.ru
videochat.tv.br
video-hollywood.ru
videospornogratisx.net
vietimgy.pw
vigrx-original.ru
vilingstore.net
vkak.ru
vladimir.zrus.org
wesharepics.info
whatistizanidinehclusedfor.blogspot.com
whatzmyip.net
qld10000.net
razleton.com
reversing.cc
ringtonepartner.com
rubbed.us
runtnc.net
s1z.ru
sammlungfotos.online
sax-sex.com
sbtdesign.co.uk
searchinquire.com
semaltmedia.com
seoanalyses.com
seolab.top
servethis.com
shakhtar-doneck.ru
shmetall.com.ua
shtaketniki.kz
sibecoprom.ru
simplepooltips.com
siteimprove.com
small-game.com
smichovbike.cz
stauga.altervista.org
sugarlyflex.pw
surcentro.com
surgut.zrus.org
surintech.ac.th
tattomedia.com
td-l-market.ru
tecspb.ru
testingads.pro
thefarmergame.com
thefds.net
titangel-vietnam.com
top-l2.com
torrentdownloadhub.com
trkdf.com
try-rx.com
twitlinks.com
unitexindia.com
unrealcommander.org
uptimebot.net
urll.eu
usacasino.com
vadimkravtcov.ru
via-energy-order.com
video-woman.com
vipromoffers.com
vucms.com
waysbetter.cn
weekes.biz.tc
while.cheapwebsitehoster.com
word-vorlagen.xyz
ws.ampower.me
xmronta.com
xn--80ab4aa2g.xn--p1ai
xxlargepop.com
yaderenergy.ru
wwwadultcheck.com
xcombear.ru
x-diesel.info
xfire.com
xmladserver.com
xn--80aafb2a.xn--p1ai
xn--b1agm2d.net
yopoint.in
zeroredirect10.com
zootoplist.com
zacreditom.ru
zajm-pod-zalog-nedvizhimosti.ru
zona-aqua.ru
zoogdisany.com
zoominfo.com
zoompegs.com
zs2vm.top

59
.dev-tools/test_units/ratelimittest-beta.txt Normal file
View file

@ -0,0 +1,59 @@
<html>
<head><title>503 Service Temporarily Unavailable</title></head>
<body bgcolor="white">
<center><h1>503 Service Temporarily Unavailable</h1></center>
<hr><center>nginx/1.14.2</center>
</body>
</html>
<html>
<head><title>503 Service Temporarily Unavailable</title></head>
<body bgcolor="white">
<center><h1>503 Service Temporarily Unavailable</h1></center>
<hr><center>nginx/1.14.2</center>
</body>
</html>
<html>
<head><title>503 Service Temporarily Unavailable</title></head>
<body bgcolor="white">
<center><h1>503 Service Temporarily Unavailable</h1></center>
<hr><center>nginx/1.14.2</center>
</body>
</html>
<html>
<head><title>503 Service Temporarily Unavailable</title></head>
<body bgcolor="white">
<center><h1>503 Service Temporarily Unavailable</h1></center>
<hr><center>nginx/1.14.2</center>
</body>
</html>
<!DOCTYPE html>
<html>
<head>
<title>Welcome to the Nginx</title>
</head>
<body>
<div align=center>
<h1>Welcome to the Nginx Ultimate Bad Bot Blocker</h1>
<p>This is merely used for testing !!!</p>
</body>
</html><!DOCTYPE html>
<html>
<head>
<title>Welcome to the Nginx</title>
</head>
<body>
<div align=center>
<h1>Welcome to the Nginx Ultimate Bad Bot Blocker</h1>
<p>This is merely used for testing !!!</p>
</body>
</html><!DOCTYPE html>
<html>
<head>
<title>Welcome to the Nginx</title>
</head>
<body>
<div align=center>
<h1>Welcome to the Nginx Ultimate Bad Bot Blocker</h1>
<p>This is merely used for testing !!!</p>
</body>
</html>

122
.dev-tools/test_units/ratelimittest-master.txt
View file

@ -0,0 +1,122 @@
<html>
<head><title>503 Service Temporarily Unavailable</title></head>
<body bgcolor="white">
<center><h1>503 Service Temporarily Unavailable</h1></center>
<hr><center>nginx/1.14.2</center>
</body>
</html>
<html>
<head><title>503 Service Temporarily Unavailable</title></head>
<body bgcolor="white">
<center><h1>503 Service Temporarily Unavailable</h1></center>
<hr><center>nginx/1.14.2</center>
</body>
</html>
<html>
<head><title>503 Service Temporarily Unavailable</title></head>
<body bgcolor="white">
<center><h1>503 Service Temporarily Unavailable</h1></center>
<hr><center>nginx/1.14.2</center>
</body>
</html>
<!DOCTYPE html>
<html>
<head>
<title>Welcome to the Nginx</title>
</head>
<body>
<div align=center>
<h1>Welcome to the Nginx Ultimate Bad Bot Blocker</h1>
<p>This is merely used for testing !!!</p>
</body>
</html><!DOCTYPE html>
<html>
<head>
<title>Welcome to the Nginx</title>
</head>
<body>
<div align=center>
<h1>Welcome to the Nginx Ultimate Bad Bot Blocker</h1>
<p>This is merely used for testing !!!</p>
</body>
</html><!DOCTYPE html>
<html>
<head>
<title>Welcome to the Nginx</title>
</head>
<body>
<div align=center>
<h1>Welcome to the Nginx Ultimate Bad Bot Blocker</h1>
<p>This is merely used for testing !!!</p>
</body>
</html><!DOCTYPE html>
<html>
<head>
<title>Welcome to the Nginx</title>
</head>
<body>
<div align=center>
<h1>Welcome to the Nginx Ultimate Bad Bot Blocker</h1>
<p>This is merely used for testing !!!</p>
</body>
</html><!DOCTYPE html>
<html>
<head>
<title>Welcome to the Nginx</title>
</head>
<body>
<div align=center>
<h1>Welcome to the Nginx Ultimate Bad Bot Blocker</h1>
<p>This is merely used for testing !!!</p>
</body>
</html><!DOCTYPE html>
<html>
<head>
<title>Welcome to the Nginx</title>
</head>
<body>
<div align=center>
<h1>Welcome to the Nginx Ultimate Bad Bot Blocker</h1>
<p>This is merely used for testing !!!</p>
</body>
</html><!DOCTYPE html>
<html>
<head>
<title>Welcome to the Nginx</title>
</head>
<body>
<div align=center>
<h1>Welcome to the Nginx Ultimate Bad Bot Blocker</h1>
<p>This is merely used for testing !!!</p>
</body>
</html><!DOCTYPE html>
<html>
<head>
<title>Welcome to the Nginx</title>
</head>
<body>
<div align=center>
<h1>Welcome to the Nginx Ultimate Bad Bot Blocker</h1>
<p>This is merely used for testing !!!</p>
</body>
</html><!DOCTYPE html>
<html>
<head>
<title>Welcome to the Nginx</title>
</head>
<body>
<div align=center>
<h1>Welcome to the Nginx Ultimate Bad Bot Blocker</h1>
<p>This is merely used for testing !!!</p>
</body>
</html><!DOCTYPE html>
<html>
<head>
<title>Welcome to the Nginx</title>
</head>
<body>
<div align=center>
<h1>Welcome to the Nginx Ultimate Bad Bot Blocker</h1>
<p>This is merely used for testing !!!</p>
</body>
</html>

2
.dev-tools/test_units/whitelist-ips.conf
View file

@ -1,4 +1,4 @@
104.154.120.187 0;
104.154.113.151 0;
127.0.0.1 1;
127.0.0.1 1;
127.0.0.1 1;

BIN
.latest_release/bots.d.tar.gz
View file

Binary file not shown.

BIN
.latest_release/conf.d.tar.gz
View file

Binary file not shown.

2
AUTO-CONFIGURATION.md
View file

@ -4,7 +4,7 @@
### PLEASE READ CONFIGURATION INSTRUCTIONS BELOW THOROUGHLY :exclamation:
_______________
#### Version: V4.2019.06.1647
#### Version: V4.2019.06.1650
#### Bad Referrer Count: 6713
#### Bad Bot Count: 556
____________________

2
MANUAL-CONFIGURATION.md
View file

@ -4,7 +4,7 @@
### PLEASE READ CONFIGURATION INSTRUCTIONS BELOW THOROUGHLY :exclamation:
_______________
#### Version: V4.2019.06.1647
#### Version: V4.2019.06.1650
#### Bad Referrer Count: 6713
#### Bad Bot Count: 556
____________________

2
README.md
View file

@ -11,7 +11,7 @@
##### The Ultimate Nginx Bad Bot, User-Agent, Spam Referrer Blocker, Adware, Malware and Ransomware Blocker, Clickjacking Blocker, Click Re-Directing Blocker, SEO Companies and Bad IP Blocker with Anti DDOS System, Nginx Rate Limiting and Wordpress Theme Detector Blocking. Stop and Block all kinds of bad internet traffic from ever reaching your web sites. [PLEASE SEE: Definition of Bad Bots](#define-bad-bots)
_______________
#### Version: V4.2019.06.1647
#### Version: V4.2019.06.1650
#### Bad Referrer Count: 6713
#### Bad Bot Count: 556
____________________

2
_google_analytics_ghost_spam/README.md
View file

@ -3,7 +3,7 @@
# EASY CONFIGURATION INSTRUCTIONS FOR STOPPING GOOGLE ANALYTICS "GHOST" SPAM
_______________
#### Version: V4.2019.06.1647
#### Version: V4.2019.06.1650
#### Bad Referrer Count: 6713
#### Bad Bot Count: 556
____________________

643
_sample_config_files/Engintron_for_cPanel_WHM_Configuration_Example/etc/nginx/conf.d/globalblacklist.conf
View file

@ -1,16 +1,21 @@
### **********************************
### THE ULTIMATE NGINX BAD BOT BLOCKER
### **********************************
### -----------------------------------------------------------
### THE NGINX ULTIMATE BAD BOT, BAD IP AND BAD REFERRER BLOCKER
### -----------------------------------------------------------
### VERSION INFORMATION #
###################################################
### Version: V4.2019.06.1647
### Updated: Thu Jun 27 14:46:41 SAST 2019
### Version: V4.2019.06.1650
### Updated: Thu Jun 27 15:45:51 SAST 2019
### Bad Referrer Count: 6713
### Bad Bot Count: 556
###################################################
### VERSION INFORMATION ##
### --------------------------------------------
### HELP SUPPORT THIS PROJECT - Send Me a Coffee
### https://ko-fi.com/mitchellkrog
### --------------------------------------------
##############################################################################
# _ __ _ #
# / |/ /__ _(_)__ __ __ #
@ -28,12 +33,16 @@
### and also has rate limiting functionality for bad bots who you only want to rate limit
### and not actually block out entirely. It is very powerful and also very flexible.
### --------------------------------------------------------------------------
### Created By: https://github.com/mitchellkrogza/
### Repo Url: https://github.com/mitchellkrogza/nginx-ultimate-bad-bot-blocker
### Copyright Mitchell Krog - <mitchellkrog@gmail.com>
### Contributors: Stuart Cardall - https://github.com/itoffshore
### --------------------------------------------------------------------------
### --------------------------------------------------------------------------
### Tested on: nginx/1.10.3 up to latest Mainstream Version (Ubuntu 16.04)
### --------------------------------------------------------------------------
### This list was developed and is in use on a live Nginx server running some very busy web sites.
### It was built from the ground up using real data from daily logs and is updated almost daily.
@ -41,9 +50,9 @@
### spam referrers, rogue IP address, scanners, scrapers and domain hijacking sites are extensively checked
### before they are added. It is monitored extensively for any false positives.
### *********
### ---------
### Features:
### *********
### ---------
### Clear formatting for Ease of Maintenance.
### Alphabetically ordered lists for Ease of Maintenance.
### Extensive Commenting for Ease of Reference.
@ -54,40 +63,38 @@
### IP range blocking / whitelisting.
### Rate Limiting Functions.
### ************
### ------------
### INSTALLATION
### ************
### ------------
### PLEASE use the install, setup and update scripts provided for you to ease your installation.
### This Auto Installation procedure is documented in the README.md and AUTO-CONFIGURATION.md files.
### Installation, Setup and Update Scripts Contributed by Stuart Cardall - https://github.com/itoffshore
### There are also manual configuration instructions provided for those not wishing to do an auto install.
### ***********************************************
### -----------------------------------------------
### !!!!! PLEASE READ INLINE NOTES ON TESTING !!!!!
### ***********************************************
### -----------------------------------------------
### Note that:
### SETTINGS:
### ---------------------------------------------
### 0 = allowed - no limits
### 1 = allowed or rate limited less restrictive
### 2 = rate limited more
### 3 = block completely
### ---------------------------------------------
### ************************************************************
### ------------------------------------------------------------
### CONTRIBUTING / PULL REQUESTS / ADDING YOUR OWN BAD REFERRERS
### ************************************************************
### ------------------------------------------------------------
### For contributing, corrections or adding bots or referrers to this repo,
### Send a Pull Request (PR) on any of the .list files in the _generator_lists folder
### All Pull Requests will be checked for accuracy before being merged.
# *********************************
# FIRST BLOCK BY USER-AGENT STRINGS
# *********************************
# ***********************
# -----------------------
# !!!!! PLEASE TEST !!!!!
# ***********************
# -----------------------
# ALWAYS test any User-Agent Strings you add here to make sure you have it right
# Use a Chrome Extension called "User-Agent Switcher for Chrome" where you can create your
@ -98,36 +105,46 @@
# curl -I http://www.yourdomain.com -A "GoogleBot" ---- GIVES YOU: HTTP/1.1 200 OK (Meaning web page was served to Client)
# curl -I http://www.yourdomain.com -A "80legs" ---- GIVES YOU: curl: (52) Empty reply from server (Meaning Nginx gave a 444 Dropped Connection)
# In this section we allow/disallow specific User Agents / Bots.
# *********************************************************************
# Now we map all good and bad user agents to a variable called $bad_bot
# *********************************************************************
# =======================
# START BLOCKER FUNCTIONS
# =======================
# !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
# DO NOT EDIT ANYTHING BELOW THIS LINE !!!
# !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
# =============================
# BEGIN SECTION 1 - USER-AGENTS
# =============================
# ALLOW / BLOCK User Agents / Bots
# -------------------------------------------------------------------
# Map all GOOD and BAD UA (User Agents) to a variable called $bad_bot
# -------------------------------------------------------------------
map $http_user_agent $bad_bot {
default 0;
# ***********************************************
# Include your Own Custom List of Bad User Agents
# ***********************************************
# Use the include file below to further customize your own list of additional user-agents you wish to permanently block
# This include file allows whitelisting and blacklisting of anything specified below it, meaning you can over-ride anything in this blocker to your liking.
# ***********************************************************************************
# -----------------------------------------------------------------------------------
# START CUSTOM BLACKLISTED USER AGENTS ### DO NOT EDIT OR REMOVE THIS LINE AT ALL ###
# ***********************************************************************************
# -----------------------------------------------------------------------------------
# Include your Own Custom List of Bad User Agents
# Use the include file below to further customize your own list of additional user-agents you wish to permanently block
# This include file allows whitelisting and blacklisting of anything specified below it.
# This include file alows you to over-ride any Bad / Good UA (Bot) declared in this blocker to your liking.
include /etc/nginx/bots.d/blacklist-user-agents.conf;
# *********************************************************************************
# ---------------------------------------------------------------------------------
# END CUSTOM BLACKLISTED USER AGENTS ### DO NOT EDIT OR REMOVE THIS LINE AT ALL ###
# *********************************************************************************
# ---------------------------------------------------------------------------------
# *********************************************
# Bad User-Agent Strings That We Block Outright
# *********************************************
# --------------------------------------------------
# BAD UA (User-Agent) Strings That We Block Outright
# --------------------------------------------------
# START BAD BOTS ### DO NOT EDIT THIS LINE AT ALL ###
"~*(?:\b)360Spider(?:\b|)" 3;
@ -688,9 +705,16 @@ map $http_user_agent $bad_bot {
"~*(?:\b)ZyBorg(?:\b|)" 3;
# END BAD BOTS ### DO NOT EDIT THIS LINE AT ALL ###
# ***********************************************
# Allow Good User-Agent Strings We Know and Trust
# ***********************************************
# --------------------------------------------
# GOOD UA User-Agent Strings We Know and Trust
# --------------------------------------------
# -----------------------------------------------------------------------
# You can over-ride these in /etc/nginx/bots.d/blacklist-user-agents.conf
# by adding the same UA line there and chaning its value of 1
# If you think GoogleBot is bad you would simply add them to
# blacklist-user-agents.conf with a value of 1
# -----------------------------------------------------------------------
# START GOOD BOTS ### DO NOT EDIT THIS LINE AT ALL ###
"~*(?:\b)adidxbot(?:\b|)" 0;
@ -727,12 +751,13 @@ map $http_user_agent $bad_bot {
"~*(?:\b)yahoo(?:\b|)" 0;
# END GOOD BOTS ### DO NOT EDIT THIS LINE AT ALL ###
# ***************************************************
# User-Agent Strings Allowed Through but Rate Limited
# ***************************************************
# --------------------------------------------------------
# GOOD UA User-Agent Rate Limiting 1 - Disabled by Default
# --------------------------------------------------------
# Some people block libwww-perl, it used widely in many valid (non rogue) agents
# I allow libwww-perl as I use it for monitoring systems with Munin but it is rate limited
# TO ACTIVATE THIS RATE LIMITING Uncomment these two lines in blockbots.conf
#limit_conn bot1_connlimit 100;
#limit_req zone=bot1_reqlimitip burst=50;
# START ALLOWED BOTS ### DO NOT EDIT THIS LINE AT ALL ###
"~*(?:\b)jetmon(?:\b|)" 1;
@ -743,9 +768,14 @@ map $http_user_agent $bad_bot {
"~*(?:\b)Wget/1.15(?:\b|)" 1;
# END ALLOWED BOTS ### DO NOT EDIT THIS LINE AT ALL ###
# **************************************************************
# Rate Limited User-Agents who get a bit aggressive on bandwidth
# **************************************************************
# -------------------------------------------------------
# GOOD UA User-Agent Rate Limiting 2 - Enabled by Default
# -------------------------------------------------------
# -----------------------------------------------------------------------
# You can over-ride these in /etc/nginx/bots.d/blacklist-user-agents.conf
# by adding the same UA line there and chaning its value of 1
# -----------------------------------------------------------------------
# START LIMITED BOTS ### DO NOT EDIT THIS LINE AT ALL ###
"~*(?:\b)Alexa(?:\b|)" 2;
@ -768,163 +798,186 @@ map $http_user_agent $bad_bot {
# END LIMITED BOTS ### DO NOT EDIT THIS LINE AT ALL ###
}
# *****************************************
# SECOND BLOCK BY REFERRER STRINGS AND URLS
# *****************************************
# ===========================
# END SECTION 1 - USER-AGENTS
# ===========================
# *****************
# =======================================
# BEGIN SECTION 2 - REFERRERS AND DOMAINS
# =======================================
# ----------------
# PLEASE TEST !!!!
# *****************
# ----------------
# ------------------------------------------------------------------------------------------------------------------------------
# ALWAYS test referrers that you add. This is done manually as follows
# ------------------------------------------------------------------------------------------------------------------------------
# curl -I http://www.yourdomain.com -e http://anything.adcash.com --- GIVES YOU: curl: (52) Empty reply from server
# curl -I http://www.yourdomain.com -e http://www.goodwebsite.com/not-adcash --- GIVES YOU: curl: (52) Empty reply from server
# curl -I http://www.yourdomain.com -e http://www.betterwebsite.com/not/adcash --- GIVES YOU: curl: (52) Empty reply from server
# ------------------------------------------------------------------------------------------------------------------------------
# curl -I http://www.yourdomain.com -e http://www.google.com --- GIVES YOU: full html output of the web page
# curl -I http://www.yourdomain.com -e http://www.microsoft.com --- GIVES YOU: full html output of the web page
# ------------------------------------------------------------------------------------------------------------------------------
# Because of case-insensitive matching any combination of capitilization in the names will all produce a positive hit
# make sure you always test thoroughly and monitor logs. This section below also does NOT check for a preceding www.
# and it also does not care if the referrer request was sent with http https or even ftp.
# ------------------------------------------------------------------------------------------------------------------------------
# ***********************************************************************
# Now we map all bad referrer words below to a variable called $bad_words
# ***********************************************************************
# ----------------------------------------------------------------
# Map all BAD referrer words below to a variable called $bad_words
# ----------------------------------------------------------------
# --------------------------------
# START Bad Referrer Word Scanning
# --------------------------------
map $http_referer $bad_words {
default 0;
# **************************
# Bad Referrer Word Scanning
# **************************
# -------------------------------------------------------------------------------------------
# These are Words and Terms often found tagged onto domains or within url query strings.
# Create and Customize Your Own Bad Referrer Words Here using the new Include File Method
# New Method Uses the include file below so that when pulling future updates your
# customized list of bad referrer words are automatically now included for you
# Read Comments inside bad-referrer-words.conf for customization tips.
# Updating the main globalblacklist.conf file will not touch your custom include files
# BE VERY CAREFUL using the bad-referrer-words.conf file - please read the comment and
# BE VERY CAREFUL using this bad-referrer-words.conf file - please read the comments and
# examples inside the include file for detailed explanations into how seriously this can
# affect your own site from serving assets or other innocent sites from accessing your site
# For safety sake the whitelist-domains.conf file is also loaded here before the bad-referrer-words.conf file.
# For safety sake the whitelist-domains.conf file is also loaded here before the
# bad-referrer-words.conf file is loaded.
# -------------------------------------------------------------------------------------------
# ************************************************************************
# ------------------------------------------------------------------------
# START WHITELISTED DOMAINS ### DO NOT EDIT OR REMOVE THIS LINE AT ALL ###
# ************************************************************************
# ------------------------------------------------------------------------
include /etc/nginx/bots.d/whitelist-domains.conf;
# **********************************************************************
# ----------------------------------------------------------------------
# END WHITELISTED DOMAINS ### DO NOT EDIT OR REMOVE THIS LINE AT ALL ###
# **********************************************************************
# ----------------------------------------------------------------------
# ******************************************************************************
# ------------------------------------------------------------------------------
# START CUSTOM BAD REFERRER WORDS ### DO NOT EDIT OR REMOVE THIS LINE AT ALL ###
# ******************************************************************************
# ------------------------------------------------------------------------------
include /etc/nginx/bots.d/bad-referrer-words.conf;
# ****************************************************************************
# ----------------------------------------------------------------------------
# END CUSTOM BAD REFERRER WORDS ### DO NOT EDIT OR REMOVE THIS LINE AT ALL ###
# ****************************************************************************
# ----------------------------------------------------------------------------
}
# --------------------------------
# END Bad Referrer Word Scanning
# --------------------------------
# *************************
# Bad Referrer Domain Names
# *************************
# Now a list of bad referrer urls these domains or any combination of them ie .com .net
# will be blocked out. Doesn't matter if the protocol is http, https or even ftp
# ----------------------------------------
# START Good and Bad Referrer Domain Names
# ----------------------------------------
# -------------------------------------------------------------------------------------
# Good and Bad referrer urls Doesn't matter if the protocol is http, https or even ftp
# -------------------------------------------------------------------------------------
# ----------------------
# This section includes:
# **********************
# ----------------------
# --------------------------------------------------------------------------------
# Blocking of SEO company Semalt.com (now merged into this one section)
# MIRAI Botnet Domains Used for Mass Attacks
# Other known bad SEO companies and Ad Hijacking Sites
# Sites linked to malware, adware, clickjacking and ransomware
# Domain names and referrers used in referrer spam and seo hijacking
# Whitelisting of your own GOOD domains / referrers
# Whitelisting of any other GOOD domains / referrers you want explicitly NOT block
# --------------------------------------------------------------------------------
# *****************
# ----------------
# PLEASE TEST !!!!
# *****************
# ----------------
# ------------------------------------------------------------------------------------------------------------------------------------
# ALWAYS test referrers that you add. This is done manually as follows
# ------------------------------------------------------------------------------------------------------------------------------------
# curl -I http://www.yourdomain.com -e http://8gold.com --- GIVES YOU: curl: (52) Empty reply from server
# ------------------------------------------------------------------------------------------------------------------------------------
# Because of case-insensitive matching any combination of capitilization will all produce a positive hit - make sure you always test.
# ------------------------------------------------------------------------------------------------------------------------------------
# For Example any of the following variations below of 8gold.com will be detected and blocked
# ------------------------------------------------------------------------------------------------------------------------------------
# curl -I http://www.yourdomain.com -e http://NOT-8gold.com --- GIVES YOU: curl: (52) Empty reply from server
# curl -I http://www.yourdomain.com -e http://this.is.not8gOlD.net --- GIVES YOU: curl: (52) Empty reply from server
# curl -I http://www.yourdomain.com -e ftp://8gold.com --- GIVES YOU: curl: (52) Empty reply from server
# curl -I http://www.yourdomain.com -e ftp://www.weare8gold.NET --- GIVES YOU: curl: (52) Empty reply from server
# curl -I http://www.yourdomain.com -e https://subdomain.8gold.com --- GIVES YOU: curl: (52) Empty reply from server
# curl -I http://www.yourdomain.com -e https://NOT8GolD.org --- GIVES YOU: curl: (52) Empty reply from server
# ------------------------------------------------------------------------------------------------------------------------------------
# So if you see a bad referrer from wearegoogle.com and you want to block them just add
# them as "~*wearegoogle.com" don't ever go and do something like "~*google(-|.)" you will
# kill all your SEO in a week.
# ------------------------------------------------------------------------------------------------------------------------------------
# To add your own custom bad referrers use the custom include file
# /etc/nginx/bots.d/custom-bad-referrers.conf
# Or send a Pull Request to add it to the global blacklist for other users.
# In the bad referrers section I also include sites that hotlink images without permission.
# ------------------------------------------------------------------------------------------------------------------------------------
# ***********************************************************************
# Now we map all good & bad referrer urls to variable called #bad_referer
# ***********************************************************************
# --------------------------------------------------------------------
# Map all good & bad referrer DOMAINS to a variable called bad_referer
# --------------------------------------------------------------------
map $http_referer $bad_referer {
hostnames;
default 0;
# *************************************
# GOOD REFERRERS - Spared from Checking
# *************************************
# --------------------------------------------
# GOOD REFERRER DOMAINS - Spared from Checking
# --------------------------------------------
# ---------------------------------------------------------------------------------------
# Add all your own web site domain names and server names in this section
# WHITELIST Your Own Domain Names Here using the new Include File Method
# New Method Uses the include file below so that when pulling future updates your
# whitelisted domain names are automatically now included for you.
# Read Comments inside whitelist-domains.conf for customization tips.
# Updating the main globalblacklist.conf file will not touch your custom include files
# ---------------------------------------------------------------------------------------
# ************************************************************************
# ------------------------------------------------------------------------
# START WHITELISTED DOMAINS ### DO NOT EDIT OR REMOVE THIS LINE AT ALL ###
# ************************************************************************
# ------------------------------------------------------------------------
include /etc/nginx/bots.d/whitelist-domains.conf;
# **********************************************************************
# ----------------------------------------------------------------------
# END WHITELISTED DOMAINS ### DO NOT EDIT OR REMOVE THIS LINE AT ALL ###
# **********************************************************************
# ----------------------------------------------------------------------
# ***********************************
# -----------------------------------
# CUSTOM BAD REFERRERS - Add your Own
# ***********************************
# -----------------------------------
# Add any extra bad referrers in the following include file to have them
# permanently included and blocked - avoid duplicates in your custom file
# custom-bad-referrers.conf is BOTH a BLACKLIST AND WHITELIST
# custom-bad-referrers.conf ALLOWS complete over-riding of anything
# If you think google.com is bad you would simply add them to
# custom-bad-referrers.conf with a value of 1
# *************************************************************************
# -------------------------------------------------------------------------
# START CUSTOM BAD REFERRERS ### DO NOT EDIT OR REMOVE THIS LINE AT ALL ###
# *************************************************************************
# -------------------------------------------------------------------------
include /etc/nginx/bots.d/custom-bad-referrers.conf;
# ***********************************************************************
# -----------------------------------------------------------------------
# END CUSTOM BAD REFERRERS ### DO NOT EDIT OR REMOVE THIS LINE AT ALL ###
# ***********************************************************************
# -----------------------------------------------------------------------
# START BAD REFERRERS ### DO NOT EDIT THIS LINE AT ALL ###
"~*(?:\b)000free\.us(?:\b|)" 1;
@ -7644,137 +7697,49 @@ map $http_referer $bad_referer {
# END BAD REFERRERS ### DO NOT EDIT THIS LINE AT ALL ###
}
# =====================================
# END SECTION 2 - REFERRERS AND DOMAINS
# =====================================
# ***********************************************
# WHITELISTING AND BLACKLISTING IP ADDRESS RANGES
# ***********************************************
# ========================================================================
# BEGIN SECTION 3 - WHITELISTING AND BLACKLISTING IP ADDRESSESE AND RANGES
# ========================================================================
# Geo directive to deny and also whitelist certain ip addresses
# --------------------------------------------------------------------------------------
# Map all GOOD and BAD IP Addresses and Ranges to a variable called geo $validate_client
# --------------------------------------------------------------------------------------
geo $validate_client {
# ********************
# First Our Safety Net
# ********************
# Anything not matching our rules is allowed through with default 0;
default 0;
# ***********************************
# Whitelist all your OWN IP addresses
# ***********************************
# ----------------------------------------------
# Whitelist all your OWN IP addresses and Ranges
# ----------------------------------------------
# --------------------------------------------------------------------------------------
# WHITELIST all your own IP addresses using the include file below.
# New Method Uses the include file below so that when pulling future updates your
# whitelisted IP addresses are automatically now included for you.
# Read Comments inside whitelist-ips.conf for customization tips.
# Updating the main globalblacklist.conf file will not touch your custom include files
# whitelist-ips.conf reigns supreme !!!
# Whatever you add to whitelist-ips.conf will be whitelisted FULL STOP
# Anything blacklisted above this line will be over-ridden by whitelist-ips.conf
# --------------------------------------------------------------------------------------
# **************************************************************************
# --------------------------------------------------------------------------
# START WHITELISTED IP RANGES ### DO NOT EDIT OR REMOVE THIS LINE AT ALL ###
# **************************************************************************
# --------------------------------------------------------------------------
include /etc/nginx/bots.d/whitelist-ips.conf;
# ************************************************************************
# ------------------------------------------------------------------------
# END WHITELISTED IP RANGES ### DO NOT EDIT OR REMOVE THIS LINE AT ALL ###
# ************************************************************************
# ------------------------------------------------------------------------
# ****************
# Google IP Ranges
# ****************
# For Safety Sake all Google's Known IP Ranges are all white listed
# START GOOGLE IP RANGES ### DO NOT EDIT THIS LINE AT ALL ###
108.177.0.0/17 0;
172.217.0.0/16 0;
173.194.0.0/16 0;
2001:4860:4000::/36 0;
203.208.60.0/24 0;
207.126.144.0/20 0;
209.85.128.0/17 0;
216.239.32.0/19 0;
216.58.192.0/19 0;
2404:6800:4000::/36 0;
2607:f8b0:4000::/36 0;
2800:3f0:4000::/36 0;
2a00:1450:4000::/36 0;
2c0f:fb50:4000::/36 0;
35.192.0.0/12 0;
64.18.0.0/20 0;
64.233.160.0/19 0;
64.68.80.0/21 0;
65.52.0.0/14 0;
66.102.0.0/20 0;
66.249.64.0/19 0;
72.14.192.0/18 0;
74.125.0.0/16 0;
# END GOOGLE IP RANGES ### DO NOT EDIT THIS LINE AT ALL ###
# **************
# Bing IP Ranges
# **************
# For Safety Sake all Bing's Known IP Ranges are all white listed
# START BING IP RANGES ### DO NOT EDIT THIS LINE AT ALL ###
131.253.21.0/24 0;
131.253.22.0/23 0;
131.253.24.0/21 0;
131.253.24.0/22 0;
131.253.32.0/20 0;
157.54.0.0/15 0;
157.56.0.0/14 0;
157.60.0.0/16 0;
199.30.16.0/24 0;
199.30.27.0/24 0;
207.46.0.0/16 0;
40.112.0.0/13 0;
40.120.0.0/14 0;
40.124.0.0/16 0;
40.125.0.0/17 0;
40.74.0.0/15 0;
40.76.0.0/14 0;
40.80.0.0/12 0;
40.96.0.0/12 0;
# END BING IP RANGES ### DO NOT EDIT THIS LINE AT ALL ###
# ********************
# Cloudflare IP Ranges
# ********************
# For Safety Sake all Cloudflare's Known IP Ranges are all white listed
# START CLOUDFLARE IP RANGES ### DO NOT EDIT THIS LINE AT ALL ###
103.21.244.0/22 0;
103.22.200.0/22 0;
103.31.4.0/22 0;
104.16.0.0/12 0;
108.162.192.0/18 0;
131.0.72.0/22 0;
141.101.64.0/18 0;
162.158.0.0/15 0;
172.64.0.0/13 0;
173.245.48.0/20 0;
188.114.96.0/20 0;
190.93.240.0/20 0;
197.234.240.0/22 0;
198.41.128.0/17 0;
199.27.128.0/21 0;
2400:cb00::/32 0;
2405:8100::/32 0;
2405:b500::/32 0;
2606:4700::/32 0;
2803:f800::/32 0;
2a06:98c0::/29 0;
2c0f:f248::/32 0;
# END CLOUDFLARE IP RANGES ### DO NOT EDIT THIS LINE AT ALL ###
# *************************
# Wordpress Theme Detectors
# *************************
# -------------------------------------
# BLOCK known Wordpress Theme Detectors
# -------------------------------------
# START WP THEME DETECTORS ### DO NOT EDIT THIS LINE AT ALL ###
@ -7818,10 +7783,11 @@ geo $validate_client {
89.36.223.188 1; #www.cuteseotools.net/wordpress-theme-detector
# END WP THEME DETECTORS ### DO NOT EDIT THIS LINE AT ALL ###
# ****************************************
# NIBBLER - SEO testing and reporting tool
# ****************************************
# ----------------------------------------------
# BLOCK NIBBLER - SEO testing and reporting tool
# ----------------------------------------------
# See - http://nibbler.silktide.com/
# ----------------------------------------------
# START NIBBLER ### DO NOT EDIT THIS LINE AT ALL ###
52.201.238.175 1;
@ -7834,33 +7800,10 @@ geo $validate_client {
# END NIBBLER ### DO NOT EDIT THIS LINE AT ALL ###
# ****************************
# Known Bad IP's and IP Ranges
# *************************************************
# Blacklist IP addresses and IP Ranges Customizable
# *************************************************
# BLACKLIST all your IP addresses and Ranges using the new include file below.
# New Method Uses the include file below so that when pulling future updates your
# Custom Blacklisted IP addresses are automatically now included for you.
# Read Comments inside blacklist-ips.conf for customization tips.
# Updating the main globalblacklist.conf file will not touch your custom include files
# ********************************************************************
# START BLACKLISTED IPS ### DO NOT EDIT OR REMOVE THIS LINE AT ALL ###
# ********************************************************************
include /etc/nginx/bots.d/blacklist-ips.conf;
# ******************************************************************
# END BLACKLISTED IPS ### DO NOT EDIT OR REMOVE THIS LINE AT ALL ###
# ******************************************************************
# *********************************************************************************************
# KNOWN BAD IP ADDRESSES
# Source: https://github.com/mitchellkrogza/Suspicious.Snooping.Sniffing.Hacking.IP.Addresses
# A Reliable Daily Updated List Included Below of Known Bad IP Addresses, Snoopers and Sniffers
# *********************************************************************************************
# -----------------------------------------
# BLOCK KNOWN BAD IP ADDRESSES
# Top known bad IP Adresses from abuseIPDB
# -----------------------------------------
# START KNOWN BAD IP ADDRESSES ### DO NOT EDIT THIS LINE AT ALL ###
193.32.163.89 1;
@ -17864,33 +17807,176 @@ geo $validate_client {
46.101.115.65 1;
# END KNOWN BAD IP ADDRESSES ### DO NOT EDIT THIS LINE AT ALL ###
# --------------------------
# WHITELIST Google IP Ranges
# --------------------------
# START GOOGLE IP RANGES ### DO NOT EDIT THIS LINE AT ALL ###
108.177.0.0/17 0;
172.217.0.0/16 0;
173.194.0.0/16 0;
2001:4860:4000::/36 0;
203.208.60.0/24 0;
207.126.144.0/20 0;
209.85.128.0/17 0;
216.239.32.0/19 0;
216.58.192.0/19 0;
2404:6800:4000::/36 0;
2607:f8b0:4000::/36 0;
2800:3f0:4000::/36 0;
2a00:1450:4000::/36 0;
2c0f:fb50:4000::/36 0;
35.192.0.0/12 0;
64.18.0.0/20 0;
64.233.160.0/19 0;
64.68.80.0/21 0;
65.52.0.0/14 0;
66.102.0.0/20 0;
66.249.64.0/19 0;
72.14.192.0/18 0;
74.125.0.0/16 0;
# END GOOGLE IP RANGES ### DO NOT EDIT THIS LINE AT ALL ###
# ------------------------
# WHITELIST Bing IP Ranges
# ------------------------
# START BING IP RANGES ### DO NOT EDIT THIS LINE AT ALL ###
131.253.21.0/24 0;
131.253.22.0/23 0;
131.253.24.0/21 0;
131.253.24.0/22 0;
131.253.32.0/20 0;
157.54.0.0/15 0;
157.56.0.0/14 0;
157.60.0.0/16 0;
199.30.16.0/24 0;
199.30.27.0/24 0;
207.46.0.0/16 0;
40.112.0.0/13 0;
40.120.0.0/14 0;
40.124.0.0/16 0;
40.125.0.0/17 0;
40.74.0.0/15 0;
40.76.0.0/14 0;
40.80.0.0/12 0;
40.96.0.0/12 0;
# END BING IP RANGES ### DO NOT EDIT THIS LINE AT ALL ###
# ------------------------------
# WHITELIST Cloudflare IP Ranges
# ------------------------------
# START CLOUDFLARE IP RANGES ### DO NOT EDIT THIS LINE AT ALL ###
103.21.244.0/22 0;
103.22.200.0/22 0;
103.31.4.0/22 0;
104.16.0.0/12 0;
108.162.192.0/18 0;
131.0.72.0/22 0;
141.101.64.0/18 0;
162.158.0.0/15 0;
172.64.0.0/13 0;
173.245.48.0/20 0;
188.114.96.0/20 0;
190.93.240.0/20 0;
197.234.240.0/22 0;
198.41.128.0/17 0;
199.27.128.0/21 0;
2400:cb00::/32 0;
2405:8100::/32 0;
2405:b500::/32 0;
2606:4700::/32 0;
2803:f800::/32 0;
2a06:98c0::/29 0;
2c0f:f248::/32 0;
# END CLOUDFLARE IP RANGES ### DO NOT EDIT THIS LINE AT ALL ###
# -------------------------------------------------
# BLACKLIST IP addresses and IP Ranges Customizable
# -------------------------------------------------
# --------------------------------------------------------------------------------------
# BLACKLIST all your IP addresses and Ranges using the new include file below.
# New Method Uses the include file below so that when pulling future updates your
# Custom Blacklisted IP addresses are automatically now included for you.
# Read Comments inside blacklist-ips.conf for customization tips.
# Updating the main globalblacklist.conf file will not touch your custom include files
# Anything added to blacklist-ips.conf will over-ride anything whitelisted above
# --------------------------------------------------------------------------------------
# --------------------------------------------------------------------
# START BLACKLISTED IPS ### DO NOT EDIT OR REMOVE THIS LINE AT ALL ###
# --------------------------------------------------------------------
include /etc/nginx/bots.d/blacklist-ips.conf;
# ------------------------------------------------------------------
# END BLACKLISTED IPS ### DO NOT EDIT OR REMOVE THIS LINE AT ALL ###
# ------------------------------------------------------------------
# ----------------------------------------------
# Whitelist all your OWN IP addresses and Ranges
# ----------------------------------------------
# --------------------------------------------------------------------------------------
# WHITELIST all your own IP addresses using the include file below.
# New Method Uses the include file below so that when pulling future updates your
# whitelisted IP addresses are automatically now included for you.
# Read Comments inside whitelist-ips.conf for customization tips.
# Updating the main globalblacklist.conf file will not touch your custom include files
# whitelist-ips.conf reigns supreme !!!
# Whatever you add to whitelist-ips.conf will be whitelisted FULL STOP
# Anything blacklisted above this line will be over-ridden by whitelist-ips.conf
# --------------------------------------------------------------------------------------
# --------------------------------------------------------------------------
# START WHITELISTED IP RANGES ### DO NOT EDIT OR REMOVE THIS LINE AT ALL ###
# --------------------------------------------------------------------------
include /etc/nginx/bots.d/whitelist-ips.conf;
# ------------------------------------------------------------------------
# END WHITELISTED IP RANGES ### DO NOT EDIT OR REMOVE THIS LINE AT ALL ###
# ------------------------------------------------------------------------
}
# --------------------------------------------------------------------------------------
# WHITELIST your own IPs from the DDOS Filter
# Add your own IP addresses and ranges into the custom include file whitelist-ips.conf
# to spare them from the rate limiting DDOS filter.
# This section includes the same / single whitelist-ips.conf file so you only
# need to edit that include file and have it include here for you too.
# --------------------------------------------------------------------------------------
geo $ratelimited {
default 1;
# ***************************************************************************
# ---------------------------------------------------------------------------
# START WHITELISTED IP RANGES2 ### DO NOT EDIT OR REMOVE THIS LINE AT ALL ###
# ***************************************************************************
# ---------------------------------------------------------------------------
include /etc/nginx/bots.d/whitelist-ips.conf;
# *************************************************************************
# -------------------------------------------------------------------------
# END WHITELISTED IP RANGES2 ### DO NOT EDIT OR REMOVE THIS LINE AT ALL ###
# *************************************************************************
# -------------------------------------------------------------------------
}
# *****************************************
# MAP BAD BOTS TO OUR RATE LIMITER FUNCTION
# *****************************************
# ======================================================================
# END SECTION 3 - WHITELISTING AND BLACKLISTING IP ADDRESSESE AND RANGES
# ======================================================================
# ============================================
# BEGIN SECTION 4 - ACTIVATE BLOCKER FUNCTIONS
# ============================================
# --------------------------------------------
# 1. MAP BAD BOTS TO OUR RATE LIMITER FUNCTION
# --------------------------------------------
map $bad_bot $bot_iplimit {
0 "";
@ -17898,30 +17984,31 @@ geo $ratelimited {
2 $binary_remote_addr;
}
# ***********************
# SET RATE LIMITING ZONES
# ***********************
# --------------------------
# 2. SET RATE LIMITING ZONES
# --------------------------
# BAD BOT RATE LIMITING ZONE
# limits for Zone $bad_bot = 1
# Nothing Set - you can set a different zone limiter here if you like
# We issue a 444 response instead to all bad bots.
# Rate limiting will only take effect if on any User-Agents with a value of 2
# limits for Zone $bad_bot = 2
# this rate limiting will only take effect if you change any of the bots and change
# their block value from 1 to 2.
limit_conn_zone $bot_iplimit zone=bot2_connlimit:16m;
limit_req_zone $bot_iplimit zone=bot2_reqlimitip:16m rate=2r/s;
limit_req_zone $bot_iplimit zone=bot2_reqlimitip:16m rate=12r/m;
### *** MAKE SURE TO ADD to your nginx.conf ***
### server_names_hash_bucket_size 64;
### server_names_hash_max_size 4096;
### limit_req_zone $binary_remote_addr zone=flood:50m rate=90r/s;
### limit_conn_zone $binary_remote_addr zone=addr:50m;
### to allow it to load this large set of domains into memory and to set the rate limiting zones for the DDOS filter.
# ==========================================
# END SECTION 4 - ACTIVATE BLOCKER FUNCTIONS
# ==========================================
### THE END of the Long and Winding Road
# =====================
# END BLOCKER FUNCTIONS
# =====================
### Also check out my Ultimate Apache Bad Bot Blocker on Github
### https://github.com/mitchellkrogza/apache-ultimate-bad-bot-blocker
### --------------------------------------------
### HELP SUPPORT THIS PROJECT - Send Me a Coffee
### https://ko-fi.com/mitchellkrog
### --------------------------------------------
### FOR APACHE SERVERS
### ---------------------------------------------
### Check out the Ultimate Apache Bad Bot Blocker
### ---------------------------------------------

6
conf.d/globalblacklist-testing-version.conf
View file

@ -4,8 +4,8 @@
### VERSION INFORMATION #
###################################################
### Version: V3.2019.06.1647
### Updated: Thu Jun 27 14:46:42 SAST 2019
### Version: V3.2019.06.1650
### Updated: Thu Jun 27 15:45:52 SAST 2019
### Bad Referrer Count: 6713
### Bad Bot Count: 556
###################################################
@ -17992,7 +17992,7 @@ geo $ratelimited {
# Rate limiting will only take effect if on any User-Agents with a value of 2
limit_conn_zone $bot_iplimit zone=bot2_connlimit:16m;
limit_req_zone $bot_iplimit zone=bot2_reqlimitip:16m rate=6r/m;
limit_req_zone $bot_iplimit zone=bot2_reqlimitip:16m rate=12r/m;
# ==========================================
# END SECTION 4 - ACTIVATE BLOCKER FUNCTIONS

643
conf.d/globalblacklist.conf
View file

@ -1,16 +1,21 @@
### **********************************
### THE ULTIMATE NGINX BAD BOT BLOCKER
### **********************************
### -----------------------------------------------------------
### THE NGINX ULTIMATE BAD BOT, BAD IP AND BAD REFERRER BLOCKER
### -----------------------------------------------------------
### VERSION INFORMATION #
###################################################
### Version: V4.2019.06.1647
### Updated: Thu Jun 27 14:46:41 SAST 2019
### Version: V4.2019.06.1650
### Updated: Thu Jun 27 15:45:51 SAST 2019
### Bad Referrer Count: 6713
### Bad Bot Count: 556
###################################################
### VERSION INFORMATION ##
### --------------------------------------------
### HELP SUPPORT THIS PROJECT - Send Me a Coffee
### https://ko-fi.com/mitchellkrog
### --------------------------------------------
##############################################################################
# _ __ _ #
# / |/ /__ _(_)__ __ __ #
@ -28,12 +33,16 @@
### and also has rate limiting functionality for bad bots who you only want to rate limit
### and not actually block out entirely. It is very powerful and also very flexible.
### --------------------------------------------------------------------------
### Created By: https://github.com/mitchellkrogza/
### Repo Url: https://github.com/mitchellkrogza/nginx-ultimate-bad-bot-blocker
### Copyright Mitchell Krog - <mitchellkrog@gmail.com>
### Contributors: Stuart Cardall - https://github.com/itoffshore
### --------------------------------------------------------------------------
### --------------------------------------------------------------------------
### Tested on: nginx/1.10.3 up to latest Mainstream Version (Ubuntu 16.04)
### --------------------------------------------------------------------------
### This list was developed and is in use on a live Nginx server running some very busy web sites.
### It was built from the ground up using real data from daily logs and is updated almost daily.
@ -41,9 +50,9 @@
### spam referrers, rogue IP address, scanners, scrapers and domain hijacking sites are extensively checked
### before they are added. It is monitored extensively for any false positives.
### *********
### ---------
### Features:
### *********
### ---------
### Clear formatting for Ease of Maintenance.
### Alphabetically ordered lists for Ease of Maintenance.
### Extensive Commenting for Ease of Reference.
@ -54,40 +63,38 @@
### IP range blocking / whitelisting.
### Rate Limiting Functions.
### ************
### ------------
### INSTALLATION
### ************
### ------------
### PLEASE use the install, setup and update scripts provided for you to ease your installation.
### This Auto Installation procedure is documented in the README.md and AUTO-CONFIGURATION.md files.
### Installation, Setup and Update Scripts Contributed by Stuart Cardall - https://github.com/itoffshore
### There are also manual configuration instructions provided for those not wishing to do an auto install.
### ***********************************************
### -----------------------------------------------
### !!!!! PLEASE READ INLINE NOTES ON TESTING !!!!!
### ***********************************************
### -----------------------------------------------
### Note that:
### SETTINGS:
### ---------------------------------------------
### 0 = allowed - no limits
### 1 = allowed or rate limited less restrictive
### 2 = rate limited more
### 3 = block completely
### ---------------------------------------------
### ************************************************************
### ------------------------------------------------------------
### CONTRIBUTING / PULL REQUESTS / ADDING YOUR OWN BAD REFERRERS
### ************************************************************
### ------------------------------------------------------------
### For contributing, corrections or adding bots or referrers to this repo,
### Send a Pull Request (PR) on any of the .list files in the _generator_lists folder
### All Pull Requests will be checked for accuracy before being merged.
# *********************************
# FIRST BLOCK BY USER-AGENT STRINGS
# *********************************
# ***********************
# -----------------------
# !!!!! PLEASE TEST !!!!!
# ***********************
# -----------------------
# ALWAYS test any User-Agent Strings you add here to make sure you have it right
# Use a Chrome Extension called "User-Agent Switcher for Chrome" where you can create your
@ -98,36 +105,46 @@
# curl -I http://www.yourdomain.com -A "GoogleBot" ---- GIVES YOU: HTTP/1.1 200 OK (Meaning web page was served to Client)
# curl -I http://www.yourdomain.com -A "80legs" ---- GIVES YOU: curl: (52) Empty reply from server (Meaning Nginx gave a 444 Dropped Connection)
# In this section we allow/disallow specific User Agents / Bots.
# *********************************************************************
# Now we map all good and bad user agents to a variable called $bad_bot
# *********************************************************************
# =======================
# START BLOCKER FUNCTIONS
# =======================
# !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
# DO NOT EDIT ANYTHING BELOW THIS LINE !!!
# !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
# =============================
# BEGIN SECTION 1 - USER-AGENTS
# =============================
# ALLOW / BLOCK User Agents / Bots
# -------------------------------------------------------------------
# Map all GOOD and BAD UA (User Agents) to a variable called $bad_bot
# -------------------------------------------------------------------
map $http_user_agent $bad_bot {
default 0;
# ***********************************************
# Include your Own Custom List of Bad User Agents
# ***********************************************
# Use the include file below to further customize your own list of additional user-agents you wish to permanently block
# This include file allows whitelisting and blacklisting of anything specified below it, meaning you can over-ride anything in this blocker to your liking.
# ***********************************************************************************
# -----------------------------------------------------------------------------------
# START CUSTOM BLACKLISTED USER AGENTS ### DO NOT EDIT OR REMOVE THIS LINE AT ALL ###
# ***********************************************************************************
# -----------------------------------------------------------------------------------
# Include your Own Custom List of Bad User Agents
# Use the include file below to further customize your own list of additional user-agents you wish to permanently block
# This include file allows whitelisting and blacklisting of anything specified below it.
# This include file alows you to over-ride any Bad / Good UA (Bot) declared in this blocker to your liking.
include /etc/nginx/bots.d/blacklist-user-agents.conf;
# *********************************************************************************
# ---------------------------------------------------------------------------------
# END CUSTOM BLACKLISTED USER AGENTS ### DO NOT EDIT OR REMOVE THIS LINE AT ALL ###
# *********************************************************************************
# ---------------------------------------------------------------------------------
# *********************************************
# Bad User-Agent Strings That We Block Outright
# *********************************************
# --------------------------------------------------
# BAD UA (User-Agent) Strings That We Block Outright
# --------------------------------------------------
# START BAD BOTS ### DO NOT EDIT THIS LINE AT ALL ###
"~*(?:\b)360Spider(?:\b|)" 3;
@ -688,9 +705,16 @@ map $http_user_agent $bad_bot {
"~*(?:\b)ZyBorg(?:\b|)" 3;
# END BAD BOTS ### DO NOT EDIT THIS LINE AT ALL ###
# ***********************************************
# Allow Good User-Agent Strings We Know and Trust
# ***********************************************
# --------------------------------------------
# GOOD UA User-Agent Strings We Know and Trust
# --------------------------------------------
# -----------------------------------------------------------------------
# You can over-ride these in /etc/nginx/bots.d/blacklist-user-agents.conf
# by adding the same UA line there and chaning its value of 1
# If you think GoogleBot is bad you would simply add them to
# blacklist-user-agents.conf with a value of 1
# -----------------------------------------------------------------------
# START GOOD BOTS ### DO NOT EDIT THIS LINE AT ALL ###
"~*(?:\b)adidxbot(?:\b|)" 0;
@ -727,12 +751,13 @@ map $http_user_agent $bad_bot {
"~*(?:\b)yahoo(?:\b|)" 0;
# END GOOD BOTS ### DO NOT EDIT THIS LINE AT ALL ###
# ***************************************************
# User-Agent Strings Allowed Through but Rate Limited
# ***************************************************
# --------------------------------------------------------
# GOOD UA User-Agent Rate Limiting 1 - Disabled by Default
# --------------------------------------------------------
# Some people block libwww-perl, it used widely in many valid (non rogue) agents
# I allow libwww-perl as I use it for monitoring systems with Munin but it is rate limited
# TO ACTIVATE THIS RATE LIMITING Uncomment these two lines in blockbots.conf
#limit_conn bot1_connlimit 100;
#limit_req zone=bot1_reqlimitip burst=50;
# START ALLOWED BOTS ### DO NOT EDIT THIS LINE AT ALL ###
"~*(?:\b)jetmon(?:\b|)" 1;
@ -743,9 +768,14 @@ map $http_user_agent $bad_bot {
"~*(?:\b)Wget/1.15(?:\b|)" 1;
# END ALLOWED BOTS ### DO NOT EDIT THIS LINE AT ALL ###
# **************************************************************
# Rate Limited User-Agents who get a bit aggressive on bandwidth
# **************************************************************
# -------------------------------------------------------
# GOOD UA User-Agent Rate Limiting 2 - Enabled by Default
# -------------------------------------------------------
# -----------------------------------------------------------------------
# You can over-ride these in /etc/nginx/bots.d/blacklist-user-agents.conf
# by adding the same UA line there and chaning its value of 1
# -----------------------------------------------------------------------
# START LIMITED BOTS ### DO NOT EDIT THIS LINE AT ALL ###
"~*(?:\b)Alexa(?:\b|)" 2;
@ -768,163 +798,186 @@ map $http_user_agent $bad_bot {
# END LIMITED BOTS ### DO NOT EDIT THIS LINE AT ALL ###
}
# *****************************************
# SECOND BLOCK BY REFERRER STRINGS AND URLS
# *****************************************
# ===========================
# END SECTION 1 - USER-AGENTS
# ===========================
# *****************
# =======================================
# BEGIN SECTION 2 - REFERRERS AND DOMAINS
# =======================================
# ----------------
# PLEASE TEST !!!!
# *****************
# ----------------
# ------------------------------------------------------------------------------------------------------------------------------
# ALWAYS test referrers that you add. This is done manually as follows
# ------------------------------------------------------------------------------------------------------------------------------
# curl -I http://www.yourdomain.com -e http://anything.adcash.com --- GIVES YOU: curl: (52) Empty reply from server
# curl -I http://www.yourdomain.com -e http://www.goodwebsite.com/not-adcash --- GIVES YOU: curl: (52) Empty reply from server
# curl -I http://www.yourdomain.com -e http://www.betterwebsite.com/not/adcash --- GIVES YOU: curl: (52) Empty reply from server
# ------------------------------------------------------------------------------------------------------------------------------
# curl -I http://www.yourdomain.com -e http://www.google.com --- GIVES YOU: full html output of the web page
# curl -I http://www.yourdomain.com -e http://www.microsoft.com --- GIVES YOU: full html output of the web page
# ------------------------------------------------------------------------------------------------------------------------------
# Because of case-insensitive matching any combination of capitilization in the names will all produce a positive hit
# make sure you always test thoroughly and monitor logs. This section below also does NOT check for a preceding www.
# and it also does not care if the referrer request was sent with http https or even ftp.
# ------------------------------------------------------------------------------------------------------------------------------
# ***********************************************************************
# Now we map all bad referrer words below to a variable called $bad_words
# ***********************************************************************
# ----------------------------------------------------------------
# Map all BAD referrer words below to a variable called $bad_words
# ----------------------------------------------------------------
# --------------------------------
# START Bad Referrer Word Scanning
# --------------------------------
map $http_referer $bad_words {
default 0;
# **************************
# Bad Referrer Word Scanning
# **************************
# -------------------------------------------------------------------------------------------
# These are Words and Terms often found tagged onto domains or within url query strings.
# Create and Customize Your Own Bad Referrer Words Here using the new Include File Method
# New Method Uses the include file below so that when pulling future updates your
# customized list of bad referrer words are automatically now included for you
# Read Comments inside bad-referrer-words.conf for customization tips.
# Updating the main globalblacklist.conf file will not touch your custom include files
# BE VERY CAREFUL using the bad-referrer-words.conf file - please read the comment and
# BE VERY CAREFUL using this bad-referrer-words.conf file - please read the comments and
# examples inside the include file for detailed explanations into how seriously this can
# affect your own site from serving assets or other innocent sites from accessing your site
# For safety sake the whitelist-domains.conf file is also loaded here before the bad-referrer-words.conf file.
# For safety sake the whitelist-domains.conf file is also loaded here before the
# bad-referrer-words.conf file is loaded.
# -------------------------------------------------------------------------------------------
# ************************************************************************
# ------------------------------------------------------------------------
# START WHITELISTED DOMAINS ### DO NOT EDIT OR REMOVE THIS LINE AT ALL ###
# ************************************************************************
# ------------------------------------------------------------------------
include /etc/nginx/bots.d/whitelist-domains.conf;
# **********************************************************************
# ----------------------------------------------------------------------
# END WHITELISTED DOMAINS ### DO NOT EDIT OR REMOVE THIS LINE AT ALL ###
# **********************************************************************
# ----------------------------------------------------------------------
# ******************************************************************************
# ------------------------------------------------------------------------------
# START CUSTOM BAD REFERRER WORDS ### DO NOT EDIT OR REMOVE THIS LINE AT ALL ###
# ******************************************************************************
# ------------------------------------------------------------------------------
include /etc/nginx/bots.d/bad-referrer-words.conf;
# ****************************************************************************
# ----------------------------------------------------------------------------
# END CUSTOM BAD REFERRER WORDS ### DO NOT EDIT OR REMOVE THIS LINE AT ALL ###
# ****************************************************************************
# ----------------------------------------------------------------------------
}
# --------------------------------
# END Bad Referrer Word Scanning
# --------------------------------
# *************************
# Bad Referrer Domain Names
# *************************
# Now a list of bad referrer urls these domains or any combination of them ie .com .net
# will be blocked out. Doesn't matter if the protocol is http, https or even ftp
# ----------------------------------------
# START Good and Bad Referrer Domain Names
# ----------------------------------------
# -------------------------------------------------------------------------------------
# Good and Bad referrer urls Doesn't matter if the protocol is http, https or even ftp
# -------------------------------------------------------------------------------------
# ----------------------
# This section includes:
# **********************
# ----------------------
# --------------------------------------------------------------------------------
# Blocking of SEO company Semalt.com (now merged into this one section)
# MIRAI Botnet Domains Used for Mass Attacks
# Other known bad SEO companies and Ad Hijacking Sites
# Sites linked to malware, adware, clickjacking and ransomware
# Domain names and referrers used in referrer spam and seo hijacking
# Whitelisting of your own GOOD domains / referrers
# Whitelisting of any other GOOD domains / referrers you want explicitly NOT block
# --------------------------------------------------------------------------------
# *****************
# ----------------
# PLEASE TEST !!!!
# *****************
# ----------------
# ------------------------------------------------------------------------------------------------------------------------------------
# ALWAYS test referrers that you add. This is done manually as follows
# ------------------------------------------------------------------------------------------------------------------------------------
# curl -I http://www.yourdomain.com -e http://8gold.com --- GIVES YOU: curl: (52) Empty reply from server
# ------------------------------------------------------------------------------------------------------------------------------------
# Because of case-insensitive matching any combination of capitilization will all produce a positive hit - make sure you always test.
# ------------------------------------------------------------------------------------------------------------------------------------
# For Example any of the following variations below of 8gold.com will be detected and blocked
# ------------------------------------------------------------------------------------------------------------------------------------
# curl -I http://www.yourdomain.com -e http://NOT-8gold.com --- GIVES YOU: curl: (52) Empty reply from server
# curl -I http://www.yourdomain.com -e http://this.is.not8gOlD.net --- GIVES YOU: curl: (52) Empty reply from server
# curl -I http://www.yourdomain.com -e ftp://8gold.com --- GIVES YOU: curl: (52) Empty reply from server
# curl -I http://www.yourdomain.com -e ftp://www.weare8gold.NET --- GIVES YOU: curl: (52) Empty reply from server
# curl -I http://www.yourdomain.com -e https://subdomain.8gold.com --- GIVES YOU: curl: (52) Empty reply from server
# curl -I http://www.yourdomain.com -e https://NOT8GolD.org --- GIVES YOU: curl: (52) Empty reply from server
# ------------------------------------------------------------------------------------------------------------------------------------
# So if you see a bad referrer from wearegoogle.com and you want to block them just add
# them as "~*wearegoogle.com" don't ever go and do something like "~*google(-|.)" you will
# kill all your SEO in a week.
# ------------------------------------------------------------------------------------------------------------------------------------
# To add your own custom bad referrers use the custom include file
# /etc/nginx/bots.d/custom-bad-referrers.conf
# Or send a Pull Request to add it to the global blacklist for other users.
# In the bad referrers section I also include sites that hotlink images without permission.
# ------------------------------------------------------------------------------------------------------------------------------------
# ***********************************************************************
# Now we map all good & bad referrer urls to variable called #bad_referer
# ***********************************************************************
# --------------------------------------------------------------------
# Map all good & bad referrer DOMAINS to a variable called bad_referer
# --------------------------------------------------------------------
map $http_referer $bad_referer {
hostnames;
default 0;
# *************************************
# GOOD REFERRERS - Spared from Checking
# *************************************
# --------------------------------------------
# GOOD REFERRER DOMAINS - Spared from Checking
# --------------------------------------------
# ---------------------------------------------------------------------------------------
# Add all your own web site domain names and server names in this section
# WHITELIST Your Own Domain Names Here using the new Include File Method
# New Method Uses the include file below so that when pulling future updates your
# whitelisted domain names are automatically now included for you.
# Read Comments inside whitelist-domains.conf for customization tips.
# Updating the main globalblacklist.conf file will not touch your custom include files
# ---------------------------------------------------------------------------------------
# ************************************************************************
# ------------------------------------------------------------------------
# START WHITELISTED DOMAINS ### DO NOT EDIT OR REMOVE THIS LINE AT ALL ###
# ************************************************************************
# ------------------------------------------------------------------------
include /etc/nginx/bots.d/whitelist-domains.conf;
# **********************************************************************
# ----------------------------------------------------------------------
# END WHITELISTED DOMAINS ### DO NOT EDIT OR REMOVE THIS LINE AT ALL ###
# **********************************************************************
# ----------------------------------------------------------------------
# ***********************************
# -----------------------------------
# CUSTOM BAD REFERRERS - Add your Own
# ***********************************
# -----------------------------------
# Add any extra bad referrers in the following include file to have them
# permanently included and blocked - avoid duplicates in your custom file
# custom-bad-referrers.conf is BOTH a BLACKLIST AND WHITELIST
# custom-bad-referrers.conf ALLOWS complete over-riding of anything
# If you think google.com is bad you would simply add them to
# custom-bad-referrers.conf with a value of 1
# *************************************************************************
# -------------------------------------------------------------------------
# START CUSTOM BAD REFERRERS ### DO NOT EDIT OR REMOVE THIS LINE AT ALL ###
# *************************************************************************
# -------------------------------------------------------------------------
include /etc/nginx/bots.d/custom-bad-referrers.conf;
# ***********************************************************************
# -----------------------------------------------------------------------
# END CUSTOM BAD REFERRERS ### DO NOT EDIT OR REMOVE THIS LINE AT ALL ###
# ***********************************************************************
# -----------------------------------------------------------------------
# START BAD REFERRERS ### DO NOT EDIT THIS LINE AT ALL ###
"~*(?:\b)000free\.us(?:\b|)" 1;
@ -7644,137 +7697,49 @@ map $http_referer $bad_referer {
# END BAD REFERRERS ### DO NOT EDIT THIS LINE AT ALL ###
}
# =====================================
# END SECTION 2 - REFERRERS AND DOMAINS
# =====================================
# ***********************************************
# WHITELISTING AND BLACKLISTING IP ADDRESS RANGES
# ***********************************************
# ========================================================================
# BEGIN SECTION 3 - WHITELISTING AND BLACKLISTING IP ADDRESSESE AND RANGES
# ========================================================================
# Geo directive to deny and also whitelist certain ip addresses
# --------------------------------------------------------------------------------------
# Map all GOOD and BAD IP Addresses and Ranges to a variable called geo $validate_client
# --------------------------------------------------------------------------------------
geo $validate_client {
# ********************
# First Our Safety Net
# ********************
# Anything not matching our rules is allowed through with default 0;
default 0;
# ***********************************
# Whitelist all your OWN IP addresses
# ***********************************
# ----------------------------------------------
# Whitelist all your OWN IP addresses and Ranges
# ----------------------------------------------
# --------------------------------------------------------------------------------------
# WHITELIST all your own IP addresses using the include file below.
# New Method Uses the include file below so that when pulling future updates your
# whitelisted IP addresses are automatically now included for you.
# Read Comments inside whitelist-ips.conf for customization tips.
# Updating the main globalblacklist.conf file will not touch your custom include files
# whitelist-ips.conf reigns supreme !!!
# Whatever you add to whitelist-ips.conf will be whitelisted FULL STOP
# Anything blacklisted above this line will be over-ridden by whitelist-ips.conf
# --------------------------------------------------------------------------------------
# **************************************************************************
# --------------------------------------------------------------------------
# START WHITELISTED IP RANGES ### DO NOT EDIT OR REMOVE THIS LINE AT ALL ###
# **************************************************************************
# --------------------------------------------------------------------------
include /etc/nginx/bots.d/whitelist-ips.conf;
# ************************************************************************
# ------------------------------------------------------------------------
# END WHITELISTED IP RANGES ### DO NOT EDIT OR REMOVE THIS LINE AT ALL ###
# ************************************************************************
# ------------------------------------------------------------------------
# ****************
# Google IP Ranges
# ****************
# For Safety Sake all Google's Known IP Ranges are all white listed
# START GOOGLE IP RANGES ### DO NOT EDIT THIS LINE AT ALL ###
108.177.0.0/17 0;
172.217.0.0/16 0;
173.194.0.0/16 0;
2001:4860:4000::/36 0;
203.208.60.0/24 0;
207.126.144.0/20 0;
209.85.128.0/17 0;
216.239.32.0/19 0;
216.58.192.0/19 0;
2404:6800:4000::/36 0;
2607:f8b0:4000::/36 0;
2800:3f0:4000::/36 0;
2a00:1450:4000::/36 0;
2c0f:fb50:4000::/36 0;
35.192.0.0/12 0;
64.18.0.0/20 0;
64.233.160.0/19 0;
64.68.80.0/21 0;
65.52.0.0/14 0;
66.102.0.0/20 0;
66.249.64.0/19 0;
72.14.192.0/18 0;
74.125.0.0/16 0;
# END GOOGLE IP RANGES ### DO NOT EDIT THIS LINE AT ALL ###
# **************
# Bing IP Ranges
# **************
# For Safety Sake all Bing's Known IP Ranges are all white listed
# START BING IP RANGES ### DO NOT EDIT THIS LINE AT ALL ###
131.253.21.0/24 0;
131.253.22.0/23 0;
131.253.24.0/21 0;
131.253.24.0/22 0;
131.253.32.0/20 0;
157.54.0.0/15 0;
157.56.0.0/14 0;
157.60.0.0/16 0;
199.30.16.0/24 0;
199.30.27.0/24 0;
207.46.0.0/16 0;
40.112.0.0/13 0;
40.120.0.0/14 0;
40.124.0.0/16 0;
40.125.0.0/17 0;
40.74.0.0/15 0;
40.76.0.0/14 0;
40.80.0.0/12 0;
40.96.0.0/12 0;
# END BING IP RANGES ### DO NOT EDIT THIS LINE AT ALL ###
# ********************
# Cloudflare IP Ranges
# ********************
# For Safety Sake all Cloudflare's Known IP Ranges are all white listed
# START CLOUDFLARE IP RANGES ### DO NOT EDIT THIS LINE AT ALL ###
103.21.244.0/22 0;
103.22.200.0/22 0;
103.31.4.0/22 0;
104.16.0.0/12 0;
108.162.192.0/18 0;
131.0.72.0/22 0;
141.101.64.0/18 0;
162.158.0.0/15 0;
172.64.0.0/13 0;
173.245.48.0/20 0;
188.114.96.0/20 0;
190.93.240.0/20 0;
197.234.240.0/22 0;
198.41.128.0/17 0;
199.27.128.0/21 0;
2400:cb00::/32 0;
2405:8100::/32 0;
2405:b500::/32 0;
2606:4700::/32 0;
2803:f800::/32 0;
2a06:98c0::/29 0;
2c0f:f248::/32 0;
# END CLOUDFLARE IP RANGES ### DO NOT EDIT THIS LINE AT ALL ###
# *************************
# Wordpress Theme Detectors
# *************************
# -------------------------------------
# BLOCK known Wordpress Theme Detectors
# -------------------------------------
# START WP THEME DETECTORS ### DO NOT EDIT THIS LINE AT ALL ###
@ -7818,10 +7783,11 @@ geo $validate_client {
89.36.223.188 1; #www.cuteseotools.net/wordpress-theme-detector
# END WP THEME DETECTORS ### DO NOT EDIT THIS LINE AT ALL ###
# ****************************************
# NIBBLER - SEO testing and reporting tool
# ****************************************
# ----------------------------------------------
# BLOCK NIBBLER - SEO testing and reporting tool
# ----------------------------------------------
# See - http://nibbler.silktide.com/
# ----------------------------------------------
# START NIBBLER ### DO NOT EDIT THIS LINE AT ALL ###
52.201.238.175 1;
@ -7834,33 +7800,10 @@ geo $validate_client {
# END NIBBLER ### DO NOT EDIT THIS LINE AT ALL ###
# ****************************
# Known Bad IP's and IP Ranges
# *************************************************
# Blacklist IP addresses and IP Ranges Customizable
# *************************************************
# BLACKLIST all your IP addresses and Ranges using the new include file below.
# New Method Uses the include file below so that when pulling future updates your
# Custom Blacklisted IP addresses are automatically now included for you.
# Read Comments inside blacklist-ips.conf for customization tips.
# Updating the main globalblacklist.conf file will not touch your custom include files
# ********************************************************************
# START BLACKLISTED IPS ### DO NOT EDIT OR REMOVE THIS LINE AT ALL ###
# ********************************************************************
include /etc/nginx/bots.d/blacklist-ips.conf;
# ******************************************************************
# END BLACKLISTED IPS ### DO NOT EDIT OR REMOVE THIS LINE AT ALL ###
# ******************************************************************
# *********************************************************************************************
# KNOWN BAD IP ADDRESSES
# Source: https://github.com/mitchellkrogza/Suspicious.Snooping.Sniffing.Hacking.IP.Addresses
# A Reliable Daily Updated List Included Below of Known Bad IP Addresses, Snoopers and Sniffers
# *********************************************************************************************
# -----------------------------------------
# BLOCK KNOWN BAD IP ADDRESSES
# Top known bad IP Adresses from abuseIPDB
# -----------------------------------------
# START KNOWN BAD IP ADDRESSES ### DO NOT EDIT THIS LINE AT ALL ###
193.32.163.89 1;
@ -17864,33 +17807,176 @@ geo $validate_client {
46.101.115.65 1;
# END KNOWN BAD IP ADDRESSES ### DO NOT EDIT THIS LINE AT ALL ###
# --------------------------
# WHITELIST Google IP Ranges
# --------------------------
# START GOOGLE IP RANGES ### DO NOT EDIT THIS LINE AT ALL ###
108.177.0.0/17 0;
172.217.0.0/16 0;
173.194.0.0/16 0;
2001:4860:4000::/36 0;
203.208.60.0/24 0;
207.126.144.0/20 0;
209.85.128.0/17 0;
216.239.32.0/19 0;
216.58.192.0/19 0;
2404:6800:4000::/36 0;
2607:f8b0:4000::/36 0;
2800:3f0:4000::/36 0;
2a00:1450:4000::/36 0;
2c0f:fb50:4000::/36 0;
35.192.0.0/12 0;
64.18.0.0/20 0;
64.233.160.0/19 0;
64.68.80.0/21 0;
65.52.0.0/14 0;
66.102.0.0/20 0;
66.249.64.0/19 0;
72.14.192.0/18 0;
74.125.0.0/16 0;
# END GOOGLE IP RANGES ### DO NOT EDIT THIS LINE AT ALL ###
# ------------------------
# WHITELIST Bing IP Ranges
# ------------------------
# START BING IP RANGES ### DO NOT EDIT THIS LINE AT ALL ###
131.253.21.0/24 0;
131.253.22.0/23 0;
131.253.24.0/21 0;
131.253.24.0/22 0;
131.253.32.0/20 0;
157.54.0.0/15 0;
157.56.0.0/14 0;
157.60.0.0/16 0;
199.30.16.0/24 0;
199.30.27.0/24 0;
207.46.0.0/16 0;
40.112.0.0/13 0;
40.120.0.0/14 0;
40.124.0.0/16 0;
40.125.0.0/17 0;
40.74.0.0/15 0;
40.76.0.0/14 0;
40.80.0.0/12 0;
40.96.0.0/12 0;
# END BING IP RANGES ### DO NOT EDIT THIS LINE AT ALL ###
# ------------------------------
# WHITELIST Cloudflare IP Ranges
# ------------------------------
# START CLOUDFLARE IP RANGES ### DO NOT EDIT THIS LINE AT ALL ###
103.21.244.0/22 0;
103.22.200.0/22 0;
103.31.4.0/22 0;
104.16.0.0/12 0;
108.162.192.0/18 0;
131.0.72.0/22 0;
141.101.64.0/18 0;
162.158.0.0/15 0;
172.64.0.0/13 0;
173.245.48.0/20 0;
188.114.96.0/20 0;
190.93.240.0/20 0;
197.234.240.0/22 0;
198.41.128.0/17 0;
199.27.128.0/21 0;
2400:cb00::/32 0;
2405:8100::/32 0;
2405:b500::/32 0;
2606:4700::/32 0;
2803:f800::/32 0;
2a06:98c0::/29 0;
2c0f:f248::/32 0;
# END CLOUDFLARE IP RANGES ### DO NOT EDIT THIS LINE AT ALL ###
# -------------------------------------------------
# BLACKLIST IP addresses and IP Ranges Customizable
# -------------------------------------------------
# --------------------------------------------------------------------------------------
# BLACKLIST all your IP addresses and Ranges using the new include file below.
# New Method Uses the include file below so that when pulling future updates your
# Custom Blacklisted IP addresses are automatically now included for you.
# Read Comments inside blacklist-ips.conf for customization tips.
# Updating the main globalblacklist.conf file will not touch your custom include files
# Anything added to blacklist-ips.conf will over-ride anything whitelisted above
# --------------------------------------------------------------------------------------
# --------------------------------------------------------------------
# START BLACKLISTED IPS ### DO NOT EDIT OR REMOVE THIS LINE AT ALL ###
# --------------------------------------------------------------------
include /etc/nginx/bots.d/blacklist-ips.conf;
# ------------------------------------------------------------------
# END BLACKLISTED IPS ### DO NOT EDIT OR REMOVE THIS LINE AT ALL ###
# ------------------------------------------------------------------
# ----------------------------------------------
# Whitelist all your OWN IP addresses and Ranges
# ----------------------------------------------
# --------------------------------------------------------------------------------------
# WHITELIST all your own IP addresses using the include file below.
# New Method Uses the include file below so that when pulling future updates your
# whitelisted IP addresses are automatically now included for you.
# Read Comments inside whitelist-ips.conf for customization tips.
# Updating the main globalblacklist.conf file will not touch your custom include files
# whitelist-ips.conf reigns supreme !!!
# Whatever you add to whitelist-ips.conf will be whitelisted FULL STOP
# Anything blacklisted above this line will be over-ridden by whitelist-ips.conf
# --------------------------------------------------------------------------------------
# --------------------------------------------------------------------------
# START WHITELISTED IP RANGES ### DO NOT EDIT OR REMOVE THIS LINE AT ALL ###
# --------------------------------------------------------------------------
include /etc/nginx/bots.d/whitelist-ips.conf;
# ------------------------------------------------------------------------
# END WHITELISTED IP RANGES ### DO NOT EDIT OR REMOVE THIS LINE AT ALL ###
# ------------------------------------------------------------------------
}
# --------------------------------------------------------------------------------------
# WHITELIST your own IPs from the DDOS Filter
# Add your own IP addresses and ranges into the custom include file whitelist-ips.conf
# to spare them from the rate limiting DDOS filter.
# This section includes the same / single whitelist-ips.conf file so you only
# need to edit that include file and have it include here for you too.
# --------------------------------------------------------------------------------------
geo $ratelimited {
default 1;
# ***************************************************************************
# ---------------------------------------------------------------------------
# START WHITELISTED IP RANGES2 ### DO NOT EDIT OR REMOVE THIS LINE AT ALL ###
# ***************************************************************************
# ---------------------------------------------------------------------------
include /etc/nginx/bots.d/whitelist-ips.conf;
# *************************************************************************
# -------------------------------------------------------------------------
# END WHITELISTED IP RANGES2 ### DO NOT EDIT OR REMOVE THIS LINE AT ALL ###
# *************************************************************************
# -------------------------------------------------------------------------
}
# *****************************************
# MAP BAD BOTS TO OUR RATE LIMITER FUNCTION
# *****************************************
# ======================================================================
# END SECTION 3 - WHITELISTING AND BLACKLISTING IP ADDRESSESE AND RANGES
# ======================================================================
# ============================================
# BEGIN SECTION 4 - ACTIVATE BLOCKER FUNCTIONS
# ============================================
# --------------------------------------------
# 1. MAP BAD BOTS TO OUR RATE LIMITER FUNCTION
# --------------------------------------------
map $bad_bot $bot_iplimit {
0 "";
@ -17898,30 +17984,31 @@ geo $ratelimited {
2 $binary_remote_addr;
}
# ***********************
# SET RATE LIMITING ZONES
# ***********************
# --------------------------
# 2. SET RATE LIMITING ZONES
# --------------------------
# BAD BOT RATE LIMITING ZONE
# limits for Zone $bad_bot = 1
# Nothing Set - you can set a different zone limiter here if you like
# We issue a 444 response instead to all bad bots.
# Rate limiting will only take effect if on any User-Agents with a value of 2
# limits for Zone $bad_bot = 2
# this rate limiting will only take effect if you change any of the bots and change
# their block value from 1 to 2.
limit_conn_zone $bot_iplimit zone=bot2_connlimit:16m;
limit_req_zone $bot_iplimit zone=bot2_reqlimitip:16m rate=2r/s;
limit_req_zone $bot_iplimit zone=bot2_reqlimitip:16m rate=12r/m;
### *** MAKE SURE TO ADD to your nginx.conf ***
### server_names_hash_bucket_size 64;
### server_names_hash_max_size 4096;
### limit_req_zone $binary_remote_addr zone=flood:50m rate=90r/s;
### limit_conn_zone $binary_remote_addr zone=addr:50m;
### to allow it to load this large set of domains into memory and to set the rate limiting zones for the DDOS filter.
# ==========================================
# END SECTION 4 - ACTIVATE BLOCKER FUNCTIONS
# ==========================================
### THE END of the Long and Winding Road
# =====================
# END BLOCKER FUNCTIONS
# =====================
### Also check out my Ultimate Apache Bad Bot Blocker on Github
### https://github.com/mitchellkrogza/apache-ultimate-bad-bot-blocker
### --------------------------------------------
### HELP SUPPORT THIS PROJECT - Send Me a Coffee
### https://ko-fi.com/mitchellkrog
### --------------------------------------------
### FOR APACHE SERVERS
### ---------------------------------------------
### Check out the Ultimate Apache Bad Bot Blocker
### ---------------------------------------------

4
robots.txt/robots.txt
View file

@ -6,8 +6,8 @@
### Version Information #
###################################################
### Version: V4.2019.06.1647
### Updated: Thu Jun 27 14:46:43 SAST 2019
### Version: V4.2019.06.1650
### Updated: Thu Jun 27 15:45:54 SAST 2019
### Bad Bot Count: 556
###################################################
### Version Information ##