vikarti.anatra/nginx-ultimate-bad-bot-blocker
1
0
Fork 0
mirror of https://github.com/mitchellkrogza/nginx-ultimate-bad-bot-blocker.git synced 2025-09-02 10:40:36 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

[V4] ADD NEW TEMPLATE REF: #201

Browse source
This commit is contained in:
Mitchell Krog 2019-06-27 15:19:59 +02:00
parent ac254cd606
commit b2ac101dd7
No known key found for this signature in database
GPG key ID: C243C388553EDE5D
55 changed files with 63331 additions and 323 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

0
.dev-tools/_conf_files_ip_whitelist/.keep Normal file
View file

1
.dev-tools/_conf_files_ip_whitelist/bots.d/.keep Normal file
View file

@ -0,0 +1 @@
null

75
.dev-tools/_conf_files_ip_whitelist/bots.d/bad-referrer-words.conf Normal file
View file

@ -0,0 +1,75 @@
# EDIT THIS FILE AS YOU LIKE TO ADD OR REMOVE ANY BAD WORDS YOU WANT TO SCAN FOR ###
### VERSION INFORMATION #
###################################################
### Version: V4.2019.07
### Updated: 2019-06-24
###################################################
### VERSION INFORMATION ##
##############################################################################
# _ __ _ #
# / |/ /__ _(_)__ __ __ #
# / / _ `/ / _ \\ \ / #
# /_/|_/\_, /_/_//_/_\_\ #
# __/___/ __ ___ __ ___ __ __ #
# / _ )___ ____/ / / _ )___ / /_ / _ )/ /__ ____/ /_____ ____ #
# / _ / _ `/ _ / / _ / _ \/ __/ / _ / / _ \/ __/ '_/ -_) __/ #
# /____/\_,_/\_,_/ /____/\___/\__/ /____/_/\___/\__/_/\_\\__/_/ #
# #
##############################################################################
# This is merely an example and gets auto included as since Version 2.2017.07 introduced on 2017-04-20
# This file must exist on your system or Nginx will fail a reload due to a missing file
# For all intensive purpose you can delete everything inside this file and leave it
# completely blank if you do not want your Nginx Blocker to include scanning for bad words within urls or referrer string
# Only add one entry per line
# *******************************
# !!! WARNING WARNING WARNING !!!
# *******************************
# ***************************************
# PLEASE BE VERY CAREFUL HOW YOU USE THIS
# ***************************************
# Here is an example of how one supposed bad word can cause your whole site to go down.
# An issue was logged where the users own domain name was specialisteparquet.com
# Because this list contained the word "cialis" it was detected within his domain name causing
# his entire site to go down and not server any assets.
# That one entry would even cause any site containing a word like "specialist" anywhere in any
# of their sites pages to cause them to be blocked and whitelisting your own domain name in the
# whitelist-domains.conf file will not even bypass this, SO BE CAREFUL PLEASE
# Think very carefully before you add any word here
# *****************************************************************************************
# PLEASE MAKE SURE that you use word regex boundaries to avoid false positive detection !!!
# *****************************************************************************************
# BY DEFAULT ALL THE EXAMPLES BELOW ARE COMMENTED OUT AND HENCE NOT ENABLED
# As you can see in the examples below the word "adultgalls" is entered with a preceding \b and an ending \b
# this makes it now "\badultgalls\b". It is crucial to use the word boundaries regex formatting.
# ---------
# EXAMPLES:
# ---------
# "~*\badultgalls\b" 1;
# "~*\bamateurxpass\b" 1;
# "~*\bbigblackbooty\b" 1;
# "~*\bblacktits\b" 1;
# "~*\bcookie\-law\-enforcement\b" 1;
# "~*\bfree\-share\-buttons\b" 1;
# "~*\bfree\-social\-buttons\b" 1;
# "~*\bfuck\-paid\-share\-buttons\b" 1;
# "~*\bilovevitaly\b" 1;
# "~*\blaw\-enforcement\-bot\b" 1;
# "~*\blaw\-enforcement\-check\b" 1;
# "~*\bshare\-buttons\-for\-free\b" 1;
# "~*\bwebfuck\b" 1;
# "~*\bxxxrus\b" 1;
# "~*\bzeroredirect\b" 1;
"~*(?:\b)thisisabadword(?:\b|)" 1;
"~*(?:\b)thisisanotherbadword(?:\b|)" 1;

45
.dev-tools/_conf_files_ip_whitelist/bots.d/blacklist-domains.conf Normal file
View file

@ -0,0 +1,45 @@
# EDIT THIS FILE AS YOU LIKE TO BLACKLIST YOUR OWN CUSTOM DOMAIN NAMES ###
### VERSION INFORMATION #
###################################################
### Version: V4.2019.05
### Updated: 2019-06-24
###################################################
### VERSION INFORMATION ##
##############################################################################
# _ __ _ #
# / |/ /__ _(_)__ __ __ #
# / / _ `/ / _ \\ \ / #
# /_/|_/\_, /_/_//_/_\_\ #
# __/___/ __ ___ __ ___ __ __ #
# / _ )___ ____/ / / _ )___ / /_ / _ )/ /__ ____/ /_____ ____ #
# / _ / _ `/ _ / / _ / _ \/ __/ / _ / / _ \/ __/ '_/ -_) __/ #
# /____/\_,_/\_,_/ /____/\___/\__/ /____/_/\___/\__/_/\_\\__/_/ #
# #
##############################################################################
# Add One Entry Per Line - List all your own extra domains you want to blacklist.
# This file must exist on your system or Nginx will fail a reload due to a missing file
# Automatic updates will never be able to remove this custom list of yours
# Add One Entry Per Line
# Make sure any domains have dots and special characters escaped as per the Regex examples below.
# For example myblacklisteddomainname.com should be entered as myfirstowndomainname\.com
# and my-second-blacklisted.com should be entered as my\-second\-owndomainname\.com
# *****************************************************************************************
# PLEASE MAKE SURE that you use word regex boundaries to avoid false positive detection !!!
# *****************************************************************************************
# As you can see in the examples below the domain "myblacklisteddomainname\.com" is entered with a preceding \b and an ending \b
# this makes it now "\bmyblacklisteddomainname\.com\b". It is crucial to use the word boundaries regex formatting.
# BY DEFAULT ALL THE EXAMPLES BELOW ARE COMMENTED OUT AND HENCE NOT ENABLED
# ---------
# EXAMPLES:
# ---------
# "~*\bmyblacklisteddomainname\.com\b" 1;
# "~*\bmy\-second\-blacklisted\.com\b" 1;

2
.dev-tools/_conf_files_ip_whitelist/bots.d/blacklist-ips.conf Normal file
View file

@ -0,0 +1,2 @@
104.154.120.187 1;
127.0.0.1 1;

61
.dev-tools/_conf_files_ip_whitelist/bots.d/blacklist-user-agents.conf Normal file
View file

@ -0,0 +1,61 @@
# EDIT THIS FILE AS YOU LIKE TO BLACKLIST OR WHITELIST ANY BAD USER-AGENT STRINGS YOU WANT TO SCAN FOR
# ****************************************************************************************************
### VERSION INFORMATION #
###################################################
### Version: V3.2018.05
### Updated: 2018-08-21
###################################################
### VERSION INFORMATION ##
##############################################################################
# _ __ _ #
# / |/ /__ _(_)__ __ __ #
# / / _ `/ / _ \\ \ / #
# /_/|_/\_, /_/_//_/_\_\ #
# __/___/ __ ___ __ ___ __ __ #
# / _ )___ ____/ / / _ )___ / /_ / _ )/ /__ ____/ /_____ ____ #
# / _ / _ `/ _ / / _ / _ \/ __/ / _ / / _ \/ __/ '_/ -_) __/ #
# /____/\_,_/\_,_/ /____/\___/\__/ /____/_/\___/\__/_/\_\\__/_/ #
# #
##############################################################################
# Add One Entry Per Line - List all the extra bad User-Agents you want to permanently block or whitelist.
# This is for User-Agents that are not included in the main list of the bot blocker
# This file must exist on your system or Nginx will fail a reload due to a missing file
# This allows you finer control of keeping certain bots blocked and automatic updates will
# Never be able to remove this custom list of yours
# Please note this include file loads first before any of the already whitelisted User-Agents
# in the bad bot blocker. By loading first in line it over-rides anything below it so for instance
# if you want to block Baidu, Google or Bing for any reason you add them to this file which loads
# first and takes precedence over anything below it. This now allows even finer control over the
# bad bot blocker. Enjoy !!!
# Even though this file is called blacklist-user-agents, as mentioned it can also be used to whitelist user agents
# By adding them below and setting the 3; to 0; this will permanently whitelist the User-Agent.
# Make sure any words that contain special characters are escaped and include word boundaries as per the Regex examples below.
# Example the User-Agent name "someverybaduseragentname1" is entered as "\bsomeverybaduseragentname1\b"
# Example the User-Agent name "some-very-bad-useragentname2" is entered as "\bsome\-very\-bad\-useragentname1\b"
# the "\b" are word boundaries which prevents partial matching and false positives.
# BY DEFAULT ALL THE EXAMPLES BELOW ARE COMMENTED OUT AND HENCE NOT ENABLED
# ---------------------
# WHITELISTING EXAMPLES
# ---------------------
# "~*\bsomeverygooduseragentname1\b" 0;
# "~*\bsomeverygooduseragentname2\b" 0;
# "~*\bsome\-very\-good\-useragentname2\b" 0;
# ---------------------
# BLACKLISTING EXAMPLES
# ---------------------
# "~*\bsomeverybaduseragentname1\b" 3;
# "~*\bsomeverybaduseragentname2\b" 3;
# "~*\bsome\-very\-bad\-useragentname2\b" 3;

85
.dev-tools/_conf_files_ip_whitelist/bots.d/blockbots.conf Normal file
View file

@ -0,0 +1,85 @@
# Author: Mitchell Krog <mitchellkrog@gmail.com> - https://github.com/mitchellkrogza/
### VERSION INFORMATION #
###################################################
### Version: V4.2019.03
### Updated: 2019-06-24
###################################################
### VERSION INFORMATION ##
##############################################################################
# _ __ _ #
# / |/ /__ _(_)__ __ __ #
# / / _ `/ / _ \\ \ / #
# /_/|_/\_, /_/_//_/_\_\ #
# __/___/ __ ___ __ ___ __ __ #
# / _ )___ ____/ / / _ )___ / /_ / _ )/ /__ ____/ /_____ ____ #
# / _ / _ `/ _ / / _ / _ \/ __/ / _ / / _ \/ __/ '_/ -_) __/ #
# /____/\_,_/\_,_/ /____/\___/\__/ /____/_/\___/\__/_/\_\\__/_/ #
# #
##############################################################################
# Include this in a vhost file within a server {} block using and include statement like below
# server {
# #Config stuff here
# include /etc/nginx/bots.d/blockbots.conf
# include /etc/nginx/bots.d/ddos.conf
# #Other config stuff here
# }
#######################################################################
# -----------------------------------
# OVER-RIDE BLOCKER / SUPER WHITELIST
# -----------------------------------
# In this block you can allow any IP address specified here to over-ride any bad bot or IP blocking of the blocker.
# This is useful for testing or allowing only specific IP's (ie. Internal ranges) to never be blocked.
# More IP's can be added example > "(127.0.0.1)|(192.168.0.1)|(192.168.1.1)"
# If you even blacklisted 127.0.0.1 or your own IP by giving it a value of 1 in any of the includes, this will over-ride that block.
# UNCOMMENT THE NEXT 4 LINES TO ACTIVATE THE SUPER WHITELIST
#if ($remote_addr ~ "(127.0.0.1)|(192.168.0.1)" ) {
#set $bad_bot '0'; #Uncommenting this line will disable bad_bots functionality for specified IP(s)
#set $validate_client '0'; #Uncommenting this line will disable validate_client ip blocking functionality for specified IP(s)
#}
# --------------
# BLOCK BAD BOTS
# --------------
# Section bot_1 Unused
#limit_conn bot1_connlimit 100;
#limit_req zone=bot1_reqlimitip burst=50;
limit_conn bot2_connlimit 10;
limit_req zone=bot2_reqlimitip burst=10;
if ($bad_bot = '3') {
return 444;
}
# ---------------------
# BLOCK BAD REFER WORDS
# ---------------------
if ($bad_words) {
return 444;
}
# ------------------
# BLOCK BAD REFERERS
# ------------------
if ($bad_referer) {
return 444;
}
# -----------------------------
# BLOCK IP ADDRESSES and RANGES
# -----------------------------
if ($validate_client) {
return 444;
}
#######################################################################

48
.dev-tools/_conf_files_ip_whitelist/bots.d/custom-bad-referrers.conf Normal file
View file

@ -0,0 +1,48 @@
# EDIT THIS FILE AS YOU LIKE TO ADD ANY ADDITIONAL BAD REFERRER DOMAINS YOU WANT TO SCAN FOR ###
### VERSION INFORMATION #
###################################################
### Version: V4.2019.07
### Updated: 2019-06-25
###################################################
### VERSION INFORMATION ##
##############################################################################
# _ __ _ #
# / |/ /__ _(_)__ __ __ #
# / / _ `/ / _ \\ \ / #
# /_/|_/\_, /_/_//_/_\_\ #
# __/___/ __ ___ __ ___ __ __ #
# / _ )___ ____/ / / _ )___ / /_ / _ )/ /__ ____/ /_____ ____ #
# / _ / _ `/ _ / / _ / _ \/ __/ / _ / / _ \/ __/ '_/ -_) __/ #
# /____/\_,_/\_,_/ /____/\___/\__/ /____/_/\___/\__/_/\_\\__/_/ #
# #
##############################################################################
# This is merely an example and gets auto included as since Version 2.2017.07 introduced on 2017-04-20
# This file must exist on your system or Nginx will fail a reload due to a missing file
# Only add one entry per line
# Make sure any domains have dots and special characters escaped as per the Regex examples below.
# For example some-veryvery-randomwebsitename-thatdoesnotexist4.com should be entered as
# some\-veryvery\-randomwebsitename\-thatdoesnotexist4\.com
# *****************************************************************************************
# PLEASE MAKE SURE that you use word regex boundaries to avoid false positive detection !!!
# *****************************************************************************************
# As you can see in the examples below the domain "someveryveryrandomwebsitenamethatdoesnotexist1\.com"
# is entered with a preceding \b and an ending \b
# this makes it now "\bsomeveryveryrandomwebsitenamethatdoesnotexist1\.com\b".
# It is crucial to use the word boundaries regex formatting.
# ---------
# EXAMPLES:
# ---------
# BY DEFAULT ALL THE EXAMPLES BELOW ARE COMMENTED OUT AND HENCE NOT ENABLED
# "~*(?:\b)someveryveryrandomwebsitenamethatdoesnotexist1\.com(?:\b|)" 1;
# "~*(?:\b)someveryveryrandomwebsitenamethatdoesnotexist2\.com(?:\b|)" 1;
# "~*(?:\b)someveryveryrandomwebsitenamethatdoesnotexist3\.com(?:\b|)" 1;
# "~*(?:\b)some\-veryvery\-randomweb\-sitenamethatdoesnotexist4\.com(?:\b|)" 1;

36
.dev-tools/_conf_files_ip_whitelist/bots.d/ddos.conf Normal file
View file

@ -0,0 +1,36 @@
#######################################################################
### VERSION INFORMATION #
###################################################
### Version: V4.2019.02
### Updated: 2019-06-24
###################################################
### VERSION INFORMATION ##
##############################################################################
# _ __ _ #
# / |/ /__ _(_)__ __ __ #
# / / _ `/ / _ \\ \ / #
# /_/|_/\_, /_/_//_/_\_\ #
# __/___/ __ ___ __ ___ __ __ #
# / _ )___ ____/ / / _ )___ / /_ / _ )/ /__ ____/ /_____ ____ #
# / _ / _ `/ _ / / _ / _ \/ __/ / _ / / _ \/ __/ '_/ -_) __/ #
# /____/\_,_/\_,_/ /____/\___/\__/ /____/_/\___/\__/_/\_\\__/_/ #
# #
##############################################################################
# Author: Mitchell Krog <mitchellkrog@gmail.com> - https://github.com/mitchellkrogza/
# Include this in a vhost file within a server {} block using and include statement like below
# server {
# #Config stuff here
# include /etc/nginx/bots.d/blockbots.conf
# include /etc/nginx/bots.d/ddos.conf
# #Other config stuff here
# }
#######################################################################
limit_conn addr 200;
limit_req zone=flood burst=200 nodelay;

47
.dev-tools/_conf_files_ip_whitelist/bots.d/whitelist-domains.conf Normal file
View file

@ -0,0 +1,47 @@
# EDIT THIS FILE AS YOU LIKE TO WHITELIST YOUR OWN DOMAIN NAMES AND SPARE THEM FROM ANY REFERRER CHECKING ###
### VERSION INFORMATION #
###################################################
### Version: V4.2019.05
### Updated: 2019-06-24
###################################################
### VERSION INFORMATION ##
##############################################################################
# _ __ _ #
# / |/ /__ _(_)__ __ __ #
# / / _ `/ / _ \\ \ / #
# /_/|_/\_, /_/_//_/_\_\ #
# __/___/ __ ___ __ ___ __ __ #
# / _ )___ ____/ / / _ )___ / /_ / _ )/ /__ ____/ /_____ ____ #
# / _ / _ `/ _ / / _ / _ \/ __/ / _ / / _ \/ __/ '_/ -_) __/ #
# /____/\_,_/\_,_/ /____/\___/\__/ /____/_/\___/\__/_/\_\\__/_/ #
# #
##############################################################################
# Add One Entry Per Line - List all your own domains of the sites you host on the server
# This file must exist on your system or Nginx will fail a reload due to a missing file
# Automatic updates will never be able to remove this custom list of yours
# Add One Entry Per Line
# Make sure any domains have dots and special characters escaped as per the Regex examples below.
# For example myfirstowndomainname.com should be entered as myfirstowndomainname\.com
# and my-second-owndomainname.com should be entered as my\-second\-owndomainname\.com
# *****************************************************************************************
# PLEASE MAKE SURE that you use word regex boundaries to avoid false positive detection !!!
# *****************************************************************************************
# As you can see in the examples below the domain "myfirstowndomainname\.com" is entered with a preceding \b and an ending \b
# this makes it now "\bmyfirstowndomainname\.com\b". It is crucial to use the word boundaries regex formatting.
# BY DEFAULT ALL THE EXAMPLES BELOW ARE COMMENTED OUT AND HENCE NOT ENABLED
# ---------
# EXAMPLES:
# ---------
# "~*\bmyfirstowndomainname\.com\b" 0;
# "~*\bmy\-second\-owndomainname\.com\b" 0;
"~*(?:\b)myowndomain\.com(?:\b|)" 0;
"~*(?:\b)myotherdomain\.com(?:\b|)" 0;

5
.dev-tools/_conf_files_ip_whitelist/bots.d/whitelist-ips.conf Normal file
View file

@ -0,0 +1,5 @@
104.154.120.187 0;
127.0.0.1 1;
127.0.0.1 1;
127.0.0.1 1;
127.0.0.1 0;

1
.dev-tools/_conf_files_ip_whitelist/conf.d/.keep Normal file
View file

@ -0,0 +1 @@
null

31
.dev-tools/_conf_files_ip_whitelist/conf.d/botblocker-nginx-settings.conf Normal file
View file

@ -0,0 +1,31 @@
##############################################################################
# _ __ _ #
# / |/ /__ _(_)__ __ __ #
# / / _ `/ / _ \\ \ / #
# /_/|_/\_, /_/_//_/_\_\ #
# __/___/ __ ___ __ ___ __ __ #
# / _ )___ ____/ / / _ )___ / /_ / _ )/ /__ ____/ /_____ ____ #
# / _ / _ `/ _ / / _ / _ \/ __/ / _ / / _ \/ __/ '_/ -_) __/ #
# /____/\_,_/\_,_/ /____/\___/\__/ /____/_/\___/\__/_/\_\\__/_/ #
# #
##############################################################################
# Version 1.1
# ! new directives also to be added to include_filelist.txt ! #
server_names_hash_bucket_size 256;
server_names_hash_max_size 4096;
variables_hash_max_size 4096;
variables_hash_bucket_size 4096;
limit_req_zone $binary_remote_addr zone=flood:50m rate=90r/s;
limit_conn_zone $binary_remote_addr zone=addr:50m;
# ****************************************************************************
# NOTE: IF you are using a system like Nginx-Proxy from @JWilder
# ****************************************************************************
# Repo URL: https://github.com/jwilder/nginx-proxy
# You will need to comment out the first line here as follows.
# #server_names_hash_bucket_size 128;
# You will also need to modify the nginx.tmpl file to add the default include
# include /etc/nginx/conf.d/*
# ****************************************************************************

18014
.dev-tools/_conf_files_ip_whitelist/conf.d/globalblacklist.conf Normal file
View file

File diff suppressed because it is too large Load diff

16
.dev-tools/_conf_files_ip_whitelist/default.vhost Normal file
View file

@ -0,0 +1,16 @@
server {
# Bad Bot Blocker
include /etc/nginx/bots.d/ddos.conf;
include /etc/nginx/bots.d/blockbots.conf;
listen *:9000;
root /var/www/html;
server_name localhost;
charset UTF-8;
index index.html;
location / {
root /var/www/html/;
}
}

85
.dev-tools/_conf_files_ip_whitelist/nginx.conf Normal file
View file

@ -0,0 +1,85 @@
user www-data;
worker_processes auto;
pid /run/nginx.pid;
include /etc/nginx/modules-enabled/*.conf;
events {
worker_connections 768;
# multi_accept on;
}
http {
##
# Basic Settings
##
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
types_hash_max_size 2048;
# server_tokens off;
# server_names_hash_bucket_size 64;
# server_name_in_redirect off;
include /etc/nginx/mime.types;
default_type application/octet-stream;
##
# SSL Settings
##
ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # Dropping SSLv3, ref: POODLE
ssl_prefer_server_ciphers on;
##
# Logging Settings
##
access_log /var/log/nginx/access.log;
error_log /var/log/nginx/error.log;
##
# Gzip Settings
##
gzip on;
# gzip_vary on;
# gzip_proxied any;
# gzip_comp_level 6;
# gzip_buffers 16 8k;
# gzip_http_version 1.1;
# gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript;
##
# Virtual Host Configs
##
include /etc/nginx/conf.d/*.conf;
include /etc/nginx/sites-enabled/*;
}
#mail {
# # See sample authentication script at:
# # http://wiki.nginx.org/ImapAuthenticateWithApachePhpScript
#
# # auth_http localhost/auth.php;
# # pop3_capabilities "TOP" "USER";
# # imap_capabilities "IMAP4rev1" "UIDPLUS";
#
# server {
# listen localhost:110;
# protocol pop3;
# proxy on;
# }
#
# server {
# listen localhost:143;
# protocol imap;
# proxy on;
# }
#}

0
.dev-tools/_conf_files_ratelimiting/.keep Normal file
View file

1
.dev-tools/_conf_files_ratelimiting/bots.d/.keep Normal file
View file

@ -0,0 +1 @@
null

75
.dev-tools/_conf_files_ratelimiting/bots.d/bad-referrer-words.conf Normal file
View file

@ -0,0 +1,75 @@
# EDIT THIS FILE AS YOU LIKE TO ADD OR REMOVE ANY BAD WORDS YOU WANT TO SCAN FOR ###
### VERSION INFORMATION #
###################################################
### Version: V4.2019.07
### Updated: 2019-06-24
###################################################
### VERSION INFORMATION ##
##############################################################################
# _ __ _ #
# / |/ /__ _(_)__ __ __ #
# / / _ `/ / _ \\ \ / #
# /_/|_/\_, /_/_//_/_\_\ #
# __/___/ __ ___ __ ___ __ __ #
# / _ )___ ____/ / / _ )___ / /_ / _ )/ /__ ____/ /_____ ____ #
# / _ / _ `/ _ / / _ / _ \/ __/ / _ / / _ \/ __/ '_/ -_) __/ #
# /____/\_,_/\_,_/ /____/\___/\__/ /____/_/\___/\__/_/\_\\__/_/ #
# #
##############################################################################
# This is merely an example and gets auto included as since Version 2.2017.07 introduced on 2017-04-20
# This file must exist on your system or Nginx will fail a reload due to a missing file
# For all intensive purpose you can delete everything inside this file and leave it
# completely blank if you do not want your Nginx Blocker to include scanning for bad words within urls or referrer string
# Only add one entry per line
# *******************************
# !!! WARNING WARNING WARNING !!!
# *******************************
# ***************************************
# PLEASE BE VERY CAREFUL HOW YOU USE THIS
# ***************************************
# Here is an example of how one supposed bad word can cause your whole site to go down.
# An issue was logged where the users own domain name was specialisteparquet.com
# Because this list contained the word "cialis" it was detected within his domain name causing
# his entire site to go down and not server any assets.
# That one entry would even cause any site containing a word like "specialist" anywhere in any
# of their sites pages to cause them to be blocked and whitelisting your own domain name in the
# whitelist-domains.conf file will not even bypass this, SO BE CAREFUL PLEASE
# Think very carefully before you add any word here
# *****************************************************************************************
# PLEASE MAKE SURE that you use word regex boundaries to avoid false positive detection !!!
# *****************************************************************************************
# BY DEFAULT ALL THE EXAMPLES BELOW ARE COMMENTED OUT AND HENCE NOT ENABLED
# As you can see in the examples below the word "adultgalls" is entered with a preceding \b and an ending \b
# this makes it now "\badultgalls\b". It is crucial to use the word boundaries regex formatting.
# ---------
# EXAMPLES:
# ---------
# "~*\badultgalls\b" 1;
# "~*\bamateurxpass\b" 1;
# "~*\bbigblackbooty\b" 1;
# "~*\bblacktits\b" 1;
# "~*\bcookie\-law\-enforcement\b" 1;
# "~*\bfree\-share\-buttons\b" 1;
# "~*\bfree\-social\-buttons\b" 1;
# "~*\bfuck\-paid\-share\-buttons\b" 1;
# "~*\bilovevitaly\b" 1;
# "~*\blaw\-enforcement\-bot\b" 1;
# "~*\blaw\-enforcement\-check\b" 1;
# "~*\bshare\-buttons\-for\-free\b" 1;
# "~*\bwebfuck\b" 1;
# "~*\bxxxrus\b" 1;
# "~*\bzeroredirect\b" 1;
"~*(?:\b)thisisabadword(?:\b|)" 1;
"~*(?:\b)thisisanotherbadword(?:\b|)" 1;

45
.dev-tools/_conf_files_ratelimiting/bots.d/blacklist-domains.conf Normal file
View file

@ -0,0 +1,45 @@
# EDIT THIS FILE AS YOU LIKE TO BLACKLIST YOUR OWN CUSTOM DOMAIN NAMES ###
### VERSION INFORMATION #
###################################################
### Version: V4.2019.05
### Updated: 2019-06-24
###################################################
### VERSION INFORMATION ##
##############################################################################
# _ __ _ #
# / |/ /__ _(_)__ __ __ #
# / / _ `/ / _ \\ \ / #
# /_/|_/\_, /_/_//_/_\_\ #
# __/___/ __ ___ __ ___ __ __ #
# / _ )___ ____/ / / _ )___ / /_ / _ )/ /__ ____/ /_____ ____ #
# / _ / _ `/ _ / / _ / _ \/ __/ / _ / / _ \/ __/ '_/ -_) __/ #
# /____/\_,_/\_,_/ /____/\___/\__/ /____/_/\___/\__/_/\_\\__/_/ #
# #
##############################################################################
# Add One Entry Per Line - List all your own extra domains you want to blacklist.
# This file must exist on your system or Nginx will fail a reload due to a missing file
# Automatic updates will never be able to remove this custom list of yours
# Add One Entry Per Line
# Make sure any domains have dots and special characters escaped as per the Regex examples below.
# For example myblacklisteddomainname.com should be entered as myfirstowndomainname\.com
# and my-second-blacklisted.com should be entered as my\-second\-owndomainname\.com
# *****************************************************************************************
# PLEASE MAKE SURE that you use word regex boundaries to avoid false positive detection !!!
# *****************************************************************************************
# As you can see in the examples below the domain "myblacklisteddomainname\.com" is entered with a preceding \b and an ending \b
# this makes it now "\bmyblacklisteddomainname\.com\b". It is crucial to use the word boundaries regex formatting.
# BY DEFAULT ALL THE EXAMPLES BELOW ARE COMMENTED OUT AND HENCE NOT ENABLED
# ---------
# EXAMPLES:
# ---------
# "~*\bmyblacklisteddomainname\.com\b" 1;
# "~*\bmy\-second\-blacklisted\.com\b" 1;

2
.dev-tools/_conf_files_ratelimiting/bots.d/blacklist-ips.conf Normal file
View file

@ -0,0 +1,2 @@
104.154.120.187 1;
127.0.0.1 1;

63
.dev-tools/_conf_files_ratelimiting/bots.d/blacklist-user-agents.conf Normal file
View file

@ -0,0 +1,63 @@
# EDIT THIS FILE AS YOU LIKE TO BLACKLIST OR WHITELIST ANY BAD USER-AGENT STRINGS YOU WANT TO SCAN FOR
# ****************************************************************************************************
### VERSION INFORMATION #
###################################################
### Version: V3.2018.05
### Updated: 2018-08-21
###################################################
### VERSION INFORMATION ##
##############################################################################
# _ __ _ #
# / |/ /__ _(_)__ __ __ #
# / / _ `/ / _ \\ \ / #
# /_/|_/\_, /_/_//_/_\_\ #
# __/___/ __ ___ __ ___ __ __ #
# / _ )___ ____/ / / _ )___ / /_ / _ )/ /__ ____/ /_____ ____ #
# / _ / _ `/ _ / / _ / _ \/ __/ / _ / / _ \/ __/ '_/ -_) __/ #
# /____/\_,_/\_,_/ /____/\___/\__/ /____/_/\___/\__/_/\_\\__/_/ #
# #
##############################################################################
# Add One Entry Per Line - List all the extra bad User-Agents you want to permanently block or whitelist.
# This is for User-Agents that are not included in the main list of the bot blocker
# This file must exist on your system or Nginx will fail a reload due to a missing file
# This allows you finer control of keeping certain bots blocked and automatic updates will
# Never be able to remove this custom list of yours
# Please note this include file loads first before any of the already whitelisted User-Agents
# in the bad bot blocker. By loading first in line it over-rides anything below it so for instance
# if you want to block Baidu, Google or Bing for any reason you add them to this file which loads
# first and takes precedence over anything below it. This now allows even finer control over the
# bad bot blocker. Enjoy !!!
# Even though this file is called blacklist-user-agents, as mentioned it can also be used to whitelist user agents
# By adding them below and setting the 3; to 0; this will permanently whitelist the User-Agent.
# Make sure any words that contain special characters are escaped and include word boundaries as per the Regex examples below.
# Example the User-Agent name "someverybaduseragentname1" is entered as "\bsomeverybaduseragentname1\b"
# Example the User-Agent name "some-very-bad-useragentname2" is entered as "\bsome\-very\-bad\-useragentname1\b"
# the "\b" are word boundaries which prevents partial matching and false positives.
# BY DEFAULT ALL THE EXAMPLES BELOW ARE COMMENTED OUT AND HENCE NOT ENABLED
# ---------------------
# WHITELISTING EXAMPLES
# ---------------------
# "~*\bsomeverygooduseragentname1\b" 0;
# "~*\bsomeverygooduseragentname2\b" 0;
# "~*\bsome\-very\-good\-useragentname2\b" 0;
# ---------------------
# BLACKLISTING EXAMPLES
# ---------------------
# "~*\bsomeverybaduseragentname1\b" 3;
# "~*\bsomeverybaduseragentname2\b" 3;
# "~*\bsome\-very\-bad\-useragentname2\b" 3;
# START MAKE BAD BOTS GOOD ### DO NOT EDIT THIS LINE AT ALL ###
"~*(?:\b)GoogleBot(?:\b|)" 2;
# END MAKE BAD BOTS GOOD ### DO NOT EDIT THIS LINE AT ALL ###

85
.dev-tools/_conf_files_ratelimiting/bots.d/blockbots.conf Normal file
View file

@ -0,0 +1,85 @@
# Author: Mitchell Krog <mitchellkrog@gmail.com> - https://github.com/mitchellkrogza/
### VERSION INFORMATION #
###################################################
### Version: V4.2019.03
### Updated: 2019-06-24
###################################################
### VERSION INFORMATION ##
##############################################################################
# _ __ _ #
# / |/ /__ _(_)__ __ __ #
# / / _ `/ / _ \\ \ / #
# /_/|_/\_, /_/_//_/_\_\ #
# __/___/ __ ___ __ ___ __ __ #
# / _ )___ ____/ / / _ )___ / /_ / _ )/ /__ ____/ /_____ ____ #
# / _ / _ `/ _ / / _ / _ \/ __/ / _ / / _ \/ __/ '_/ -_) __/ #
# /____/\_,_/\_,_/ /____/\___/\__/ /____/_/\___/\__/_/\_\\__/_/ #
# #
##############################################################################
# Include this in a vhost file within a server {} block using and include statement like below
# server {
# #Config stuff here
# include /etc/nginx/bots.d/blockbots.conf
# include /etc/nginx/bots.d/ddos.conf
# #Other config stuff here
# }
#######################################################################
# -----------------------------------
# OVER-RIDE BLOCKER / SUPER WHITELIST
# -----------------------------------
# In this block you can allow any IP address specified here to over-ride any bad bot or IP blocking of the blocker.
# This is useful for testing or allowing only specific IP's (ie. Internal ranges) to never be blocked.
# More IP's can be added example > "(127.0.0.1)|(192.168.0.1)|(192.168.1.1)"
# If you even blacklisted 127.0.0.1 or your own IP by giving it a value of 1 in any of the includes, this will over-ride that block.
# UNCOMMENT THE NEXT 4 LINES TO ACTIVATE THE SUPER WHITELIST
#if ($remote_addr ~ "(127.0.0.1)|(192.168.0.1)" ) {
#set $bad_bot '0'; #Uncommenting this line will disable bad_bots functionality for specified IP(s)
#set $validate_client '0'; #Uncommenting this line will disable validate_client ip blocking functionality for specified IP(s)
#}
# --------------
# BLOCK BAD BOTS
# --------------
# Section bot_1 Unused
#limit_conn bot1_connlimit 100;
#limit_req zone=bot1_reqlimitip burst=50;
limit_conn bot2_connlimit 10;
limit_req zone=bot2_reqlimitip burst=10;
if ($bad_bot = '3') {
return 444;
}
# ---------------------
# BLOCK BAD REFER WORDS
# ---------------------
if ($bad_words) {
return 444;
}
# ------------------
# BLOCK BAD REFERERS
# ------------------
if ($bad_referer) {
return 444;
}
# -----------------------------
# BLOCK IP ADDRESSES and RANGES
# -----------------------------
if ($validate_client) {
return 444;
}
#######################################################################

48
.dev-tools/_conf_files_ratelimiting/bots.d/custom-bad-referrers.conf Normal file
View file

@ -0,0 +1,48 @@
# EDIT THIS FILE AS YOU LIKE TO ADD ANY ADDITIONAL BAD REFERRER DOMAINS YOU WANT TO SCAN FOR ###
### VERSION INFORMATION #
###################################################
### Version: V4.2019.07
### Updated: 2019-06-25
###################################################
### VERSION INFORMATION ##
##############################################################################
# _ __ _ #
# / |/ /__ _(_)__ __ __ #
# / / _ `/ / _ \\ \ / #
# /_/|_/\_, /_/_//_/_\_\ #
# __/___/ __ ___ __ ___ __ __ #
# / _ )___ ____/ / / _ )___ / /_ / _ )/ /__ ____/ /_____ ____ #
# / _ / _ `/ _ / / _ / _ \/ __/ / _ / / _ \/ __/ '_/ -_) __/ #
# /____/\_,_/\_,_/ /____/\___/\__/ /____/_/\___/\__/_/\_\\__/_/ #
# #
##############################################################################
# This is merely an example and gets auto included as since Version 2.2017.07 introduced on 2017-04-20
# This file must exist on your system or Nginx will fail a reload due to a missing file
# Only add one entry per line
# Make sure any domains have dots and special characters escaped as per the Regex examples below.
# For example some-veryvery-randomwebsitename-thatdoesnotexist4.com should be entered as
# some\-veryvery\-randomwebsitename\-thatdoesnotexist4\.com
# *****************************************************************************************
# PLEASE MAKE SURE that you use word regex boundaries to avoid false positive detection !!!
# *****************************************************************************************
# As you can see in the examples below the domain "someveryveryrandomwebsitenamethatdoesnotexist1\.com"
# is entered with a preceding \b and an ending \b
# this makes it now "\bsomeveryveryrandomwebsitenamethatdoesnotexist1\.com\b".
# It is crucial to use the word boundaries regex formatting.
# ---------
# EXAMPLES:
# ---------
# BY DEFAULT ALL THE EXAMPLES BELOW ARE COMMENTED OUT AND HENCE NOT ENABLED
# "~*(?:\b)someveryveryrandomwebsitenamethatdoesnotexist1\.com(?:\b|)" 1;
# "~*(?:\b)someveryveryrandomwebsitenamethatdoesnotexist2\.com(?:\b|)" 1;
# "~*(?:\b)someveryveryrandomwebsitenamethatdoesnotexist3\.com(?:\b|)" 1;
# "~*(?:\b)some\-veryvery\-randomweb\-sitenamethatdoesnotexist4\.com(?:\b|)" 1;

36
.dev-tools/_conf_files_ratelimiting/bots.d/ddos.conf Normal file
View file

@ -0,0 +1,36 @@
#######################################################################
### VERSION INFORMATION #
###################################################
### Version: V4.2019.02
### Updated: 2019-06-24
###################################################
### VERSION INFORMATION ##
##############################################################################
# _ __ _ #
# / |/ /__ _(_)__ __ __ #
# / / _ `/ / _ \\ \ / #
# /_/|_/\_, /_/_//_/_\_\ #
# __/___/ __ ___ __ ___ __ __ #
# / _ )___ ____/ / / _ )___ / /_ / _ )/ /__ ____/ /_____ ____ #
# / _ / _ `/ _ / / _ / _ \/ __/ / _ / / _ \/ __/ '_/ -_) __/ #
# /____/\_,_/\_,_/ /____/\___/\__/ /____/_/\___/\__/_/\_\\__/_/ #
# #
##############################################################################
# Author: Mitchell Krog <mitchellkrog@gmail.com> - https://github.com/mitchellkrogza/
# Include this in a vhost file within a server {} block using and include statement like below
# server {
# #Config stuff here
# include /etc/nginx/bots.d/blockbots.conf
# include /etc/nginx/bots.d/ddos.conf
# #Other config stuff here
# }
#######################################################################
limit_conn addr 200;
limit_req zone=flood burst=200 nodelay;

47
.dev-tools/_conf_files_ratelimiting/bots.d/whitelist-domains.conf Normal file
View file

@ -0,0 +1,47 @@
# EDIT THIS FILE AS YOU LIKE TO WHITELIST YOUR OWN DOMAIN NAMES AND SPARE THEM FROM ANY REFERRER CHECKING ###
### VERSION INFORMATION #
###################################################
### Version: V4.2019.05
### Updated: 2019-06-24
###################################################
### VERSION INFORMATION ##
##############################################################################
# _ __ _ #
# / |/ /__ _(_)__ __ __ #
# / / _ `/ / _ \\ \ / #
# /_/|_/\_, /_/_//_/_\_\ #
# __/___/ __ ___ __ ___ __ __ #
# / _ )___ ____/ / / _ )___ / /_ / _ )/ /__ ____/ /_____ ____ #
# / _ / _ `/ _ / / _ / _ \/ __/ / _ / / _ \/ __/ '_/ -_) __/ #
# /____/\_,_/\_,_/ /____/\___/\__/ /____/_/\___/\__/_/\_\\__/_/ #
# #
##############################################################################
# Add One Entry Per Line - List all your own domains of the sites you host on the server
# This file must exist on your system or Nginx will fail a reload due to a missing file
# Automatic updates will never be able to remove this custom list of yours
# Add One Entry Per Line
# Make sure any domains have dots and special characters escaped as per the Regex examples below.
# For example myfirstowndomainname.com should be entered as myfirstowndomainname\.com
# and my-second-owndomainname.com should be entered as my\-second\-owndomainname\.com
# *****************************************************************************************
# PLEASE MAKE SURE that you use word regex boundaries to avoid false positive detection !!!
# *****************************************************************************************
# As you can see in the examples below the domain "myfirstowndomainname\.com" is entered with a preceding \b and an ending \b
# this makes it now "\bmyfirstowndomainname\.com\b". It is crucial to use the word boundaries regex formatting.
# BY DEFAULT ALL THE EXAMPLES BELOW ARE COMMENTED OUT AND HENCE NOT ENABLED
# ---------
# EXAMPLES:
# ---------
# "~*\bmyfirstowndomainname\.com\b" 0;
# "~*\bmy\-second\-owndomainname\.com\b" 0;
"~*(?:\b)myowndomain\.com(?:\b|)" 0;
"~*(?:\b)myotherdomain\.com(?:\b|)" 0;

5
.dev-tools/_conf_files_ratelimiting/bots.d/whitelist-ips.conf Normal file
View file

@ -0,0 +1,5 @@
104.154.120.187 0;
127.0.0.1 1;
127.0.0.1 1;
127.0.0.1 1;
127.0.0.1 0;

1
.dev-tools/_conf_files_ratelimiting/conf.d/.keep Normal file
View file

@ -0,0 +1 @@
null

31
.dev-tools/_conf_files_ratelimiting/conf.d/botblocker-nginx-settings.conf Normal file
View file

@ -0,0 +1,31 @@
##############################################################################
# _ __ _ #
# / |/ /__ _(_)__ __ __ #
# / / _ `/ / _ \\ \ / #
# /_/|_/\_, /_/_//_/_\_\ #
# __/___/ __ ___ __ ___ __ __ #
# / _ )___ ____/ / / _ )___ / /_ / _ )/ /__ ____/ /_____ ____ #
# / _ / _ `/ _ / / _ / _ \/ __/ / _ / / _ \/ __/ '_/ -_) __/ #
# /____/\_,_/\_,_/ /____/\___/\__/ /____/_/\___/\__/_/\_\\__/_/ #
# #
##############################################################################
# Version 1.1
# ! new directives also to be added to include_filelist.txt ! #
server_names_hash_bucket_size 256;
server_names_hash_max_size 4096;
variables_hash_max_size 4096;
variables_hash_bucket_size 4096;
limit_req_zone $binary_remote_addr zone=flood:50m rate=90r/s;
limit_conn_zone $binary_remote_addr zone=addr:50m;
# ****************************************************************************
# NOTE: IF you are using a system like Nginx-Proxy from @JWilder
# ****************************************************************************
# Repo URL: https://github.com/jwilder/nginx-proxy
# You will need to comment out the first line here as follows.
# #server_names_hash_bucket_size 128;
# You will also need to modify the nginx.tmpl file to add the default include
# include /etc/nginx/conf.d/*
# ****************************************************************************

18014
.dev-tools/_conf_files_ratelimiting/conf.d/globalblacklist.conf Normal file
View file

File diff suppressed because it is too large Load diff

16
.dev-tools/_conf_files_ratelimiting/default.vhost Normal file
View file

@ -0,0 +1,16 @@
server {
# Bad Bot Blocker
include /etc/nginx/bots.d/ddos.conf;
include /etc/nginx/bots.d/blockbots.conf;
listen *:9000;
root /var/www/html;
server_name localhost;
charset UTF-8;
index index.html;
location / {
root /var/www/html/;
}
}

85
.dev-tools/_conf_files_ratelimiting/nginx.conf Normal file
View file

@ -0,0 +1,85 @@
user www-data;
worker_processes auto;
pid /run/nginx.pid;
include /etc/nginx/modules-enabled/*.conf;
events {
worker_connections 768;
# multi_accept on;
}
http {
##
# Basic Settings
##
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
types_hash_max_size 2048;
# server_tokens off;
# server_names_hash_bucket_size 64;
# server_name_in_redirect off;
include /etc/nginx/mime.types;
default_type application/octet-stream;
##
# SSL Settings
##
ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # Dropping SSLv3, ref: POODLE
ssl_prefer_server_ciphers on;
##
# Logging Settings
##
access_log /var/log/nginx/access.log;
error_log /var/log/nginx/error.log;
##
# Gzip Settings
##
gzip on;
# gzip_vary on;
# gzip_proxied any;
# gzip_comp_level 6;
# gzip_buffers 16 8k;
# gzip_http_version 1.1;
# gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript;
##
# Virtual Host Configs
##
include /etc/nginx/conf.d/*.conf;
include /etc/nginx/sites-enabled/*;
}
#mail {
# # See sample authentication script at:
# # http://wiki.nginx.org/ImapAuthenticateWithApachePhpScript
#
# # auth_http localhost/auth.php;
# # pop3_capabilities "TOP" "USER";
# # imap_capabilities "IMAP4rev1" "UIDPLUS";
#
# server {
# listen localhost:110;
# protocol pop3;
# proxy on;
# }
#
# server {
# listen localhost:143;
# protocol imap;
# proxy on;
# }
#}

0
.dev-tools/_conf_files_whitelist/.keep Normal file
View file

1
.dev-tools/_conf_files_whitelist/bots.d/.keep Normal file
View file

@ -0,0 +1 @@
null

75
.dev-tools/_conf_files_whitelist/bots.d/bad-referrer-words.conf Normal file
View file

@ -0,0 +1,75 @@
# EDIT THIS FILE AS YOU LIKE TO ADD OR REMOVE ANY BAD WORDS YOU WANT TO SCAN FOR ###
### VERSION INFORMATION #
###################################################
### Version: V4.2019.07
### Updated: 2019-06-24
###################################################
### VERSION INFORMATION ##
##############################################################################
# _ __ _ #
# / |/ /__ _(_)__ __ __ #
# / / _ `/ / _ \\ \ / #
# /_/|_/\_, /_/_//_/_\_\ #
# __/___/ __ ___ __ ___ __ __ #
# / _ )___ ____/ / / _ )___ / /_ / _ )/ /__ ____/ /_____ ____ #
# / _ / _ `/ _ / / _ / _ \/ __/ / _ / / _ \/ __/ '_/ -_) __/ #
# /____/\_,_/\_,_/ /____/\___/\__/ /____/_/\___/\__/_/\_\\__/_/ #
# #
##############################################################################
# This is merely an example and gets auto included as since Version 2.2017.07 introduced on 2017-04-20
# This file must exist on your system or Nginx will fail a reload due to a missing file
# For all intensive purpose you can delete everything inside this file and leave it
# completely blank if you do not want your Nginx Blocker to include scanning for bad words within urls or referrer string
# Only add one entry per line
# *******************************
# !!! WARNING WARNING WARNING !!!
# *******************************
# ***************************************
# PLEASE BE VERY CAREFUL HOW YOU USE THIS
# ***************************************
# Here is an example of how one supposed bad word can cause your whole site to go down.
# An issue was logged where the users own domain name was specialisteparquet.com
# Because this list contained the word "cialis" it was detected within his domain name causing
# his entire site to go down and not server any assets.
# That one entry would even cause any site containing a word like "specialist" anywhere in any
# of their sites pages to cause them to be blocked and whitelisting your own domain name in the
# whitelist-domains.conf file will not even bypass this, SO BE CAREFUL PLEASE
# Think very carefully before you add any word here
# *****************************************************************************************
# PLEASE MAKE SURE that you use word regex boundaries to avoid false positive detection !!!
# *****************************************************************************************
# BY DEFAULT ALL THE EXAMPLES BELOW ARE COMMENTED OUT AND HENCE NOT ENABLED
# As you can see in the examples below the word "adultgalls" is entered with a preceding \b and an ending \b
# this makes it now "\badultgalls\b". It is crucial to use the word boundaries regex formatting.
# ---------
# EXAMPLES:
# ---------
# "~*\badultgalls\b" 1;
# "~*\bamateurxpass\b" 1;
# "~*\bbigblackbooty\b" 1;
# "~*\bblacktits\b" 1;
# "~*\bcookie\-law\-enforcement\b" 1;
# "~*\bfree\-share\-buttons\b" 1;
# "~*\bfree\-social\-buttons\b" 1;
# "~*\bfuck\-paid\-share\-buttons\b" 1;
# "~*\bilovevitaly\b" 1;
# "~*\blaw\-enforcement\-bot\b" 1;
# "~*\blaw\-enforcement\-check\b" 1;
# "~*\bshare\-buttons\-for\-free\b" 1;
# "~*\bwebfuck\b" 1;
# "~*\bxxxrus\b" 1;
# "~*\bzeroredirect\b" 1;
"~*(?:\b)thisisabadword(?:\b|)" 1;
"~*(?:\b)thisisanotherbadword(?:\b|)" 1;

45
.dev-tools/_conf_files_whitelist/bots.d/blacklist-domains.conf Normal file
View file

@ -0,0 +1,45 @@
# EDIT THIS FILE AS YOU LIKE TO BLACKLIST YOUR OWN CUSTOM DOMAIN NAMES ###
### VERSION INFORMATION #
###################################################
### Version: V4.2019.05
### Updated: 2019-06-24
###################################################
### VERSION INFORMATION ##
##############################################################################
# _ __ _ #
# / |/ /__ _(_)__ __ __ #
# / / _ `/ / _ \\ \ / #
# /_/|_/\_, /_/_//_/_\_\ #
# __/___/ __ ___ __ ___ __ __ #
# / _ )___ ____/ / / _ )___ / /_ / _ )/ /__ ____/ /_____ ____ #
# / _ / _ `/ _ / / _ / _ \/ __/ / _ / / _ \/ __/ '_/ -_) __/ #
# /____/\_,_/\_,_/ /____/\___/\__/ /____/_/\___/\__/_/\_\\__/_/ #
# #
##############################################################################
# Add One Entry Per Line - List all your own extra domains you want to blacklist.
# This file must exist on your system or Nginx will fail a reload due to a missing file
# Automatic updates will never be able to remove this custom list of yours
# Add One Entry Per Line
# Make sure any domains have dots and special characters escaped as per the Regex examples below.
# For example myblacklisteddomainname.com should be entered as myfirstowndomainname\.com
# and my-second-blacklisted.com should be entered as my\-second\-owndomainname\.com
# *****************************************************************************************
# PLEASE MAKE SURE that you use word regex boundaries to avoid false positive detection !!!
# *****************************************************************************************
# As you can see in the examples below the domain "myblacklisteddomainname\.com" is entered with a preceding \b and an ending \b
# this makes it now "\bmyblacklisteddomainname\.com\b". It is crucial to use the word boundaries regex formatting.
# BY DEFAULT ALL THE EXAMPLES BELOW ARE COMMENTED OUT AND HENCE NOT ENABLED
# ---------
# EXAMPLES:
# ---------
# "~*\bmyblacklisteddomainname\.com\b" 1;
# "~*\bmy\-second\-blacklisted\.com\b" 1;

2
.dev-tools/_conf_files_whitelist/bots.d/blacklist-ips.conf Normal file
View file

@ -0,0 +1,2 @@
104.154.120.187 1;
127.0.0.1 1;

618
.dev-tools/_conf_files_whitelist/bots.d/blacklist-user-agents.conf Normal file
View file

@ -0,0 +1,618 @@
# EDIT THIS FILE AS YOU LIKE TO BLACKLIST OR WHITELIST ANY BAD USER-AGENT STRINGS YOU WANT TO SCAN FOR
# ****************************************************************************************************
### VERSION INFORMATION #
###################################################
### Version: V3.2018.05
### Updated: 2018-08-21
###################################################
### VERSION INFORMATION ##
##############################################################################
# _ __ _ #
# / |/ /__ _(_)__ __ __ #
# / / _ `/ / _ \\ \ / #
# /_/|_/\_, /_/_//_/_\_\ #
# __/___/ __ ___ __ ___ __ __ #
# / _ )___ ____/ / / _ )___ / /_ / _ )/ /__ ____/ /_____ ____ #
# / _ / _ `/ _ / / _ / _ \/ __/ / _ / / _ \/ __/ '_/ -_) __/ #
# /____/\_,_/\_,_/ /____/\___/\__/ /____/_/\___/\__/_/\_\\__/_/ #
# #
##############################################################################
# Add One Entry Per Line - List all the extra bad User-Agents you want to permanently block or whitelist.
# This is for User-Agents that are not included in the main list of the bot blocker
# This file must exist on your system or Nginx will fail a reload due to a missing file
# This allows you finer control of keeping certain bots blocked and automatic updates will
# Never be able to remove this custom list of yours
# Please note this include file loads first before any of the already whitelisted User-Agents
# in the bad bot blocker. By loading first in line it over-rides anything below it so for instance
# if you want to block Baidu, Google or Bing for any reason you add them to this file which loads
# first and takes precedence over anything below it. This now allows even finer control over the
# bad bot blocker. Enjoy !!!
# Even though this file is called blacklist-user-agents, as mentioned it can also be used to whitelist user agents
# By adding them below and setting the 3; to 0; this will permanently whitelist the User-Agent.
# Make sure any words that contain special characters are escaped and include word boundaries as per the Regex examples below.
# Example the User-Agent name "someverybaduseragentname1" is entered as "\bsomeverybaduseragentname1\b"
# Example the User-Agent name "some-very-bad-useragentname2" is entered as "\bsome\-very\-bad\-useragentname1\b"
# the "\b" are word boundaries which prevents partial matching and false positives.
# BY DEFAULT ALL THE EXAMPLES BELOW ARE COMMENTED OUT AND HENCE NOT ENABLED
# ---------------------
# WHITELISTING EXAMPLES
# ---------------------
# "~*\bsomeverygooduseragentname1\b" 0;
# "~*\bsomeverygooduseragentname2\b" 0;
# "~*\bsome\-very\-good\-useragentname2\b" 0;
# ---------------------
# BLACKLISTING EXAMPLES
# ---------------------
# "~*\bsomeverybaduseragentname1\b" 3;
# "~*\bsomeverybaduseragentname2\b" 3;
# "~*\bsome\-very\-bad\-useragentname2\b" 3;
# START MAKE BAD BOTS GOOD ### DO NOT EDIT THIS LINE AT ALL ###
"~*(?:\b)360Spider(?:\b|)" 0;
"~*(?:\b)404checker(?:\b|)" 0;
"~*(?:\b)404enemy(?:\b|)" 0;
"~*(?:\b)80legs(?:\b|)" 0;
"~*(?:\b)Abonti(?:\b|)" 0;
"~*(?:\b)Aboundex(?:\b|)" 0;
"~*(?:\b)Aboundexbot(?:\b|)" 0;
"~*(?:\b)Acunetix(?:\b|)" 0;
"~*(?:\b)ADmantX(?:\b|)" 0;
"~*(?:\b)AfD-Verbotsverfahren(?:\b|)" 0;
"~*(?:\b)AhrefsBot(?:\b|)" 0;
"~*(?:\b)AIBOT(?:\b|)" 0;
"~*(?:\b)AiHitBot(?:\b|)" 0;
"~*(?:\b)Aipbot(?:\b|)" 0;
"~*(?:\b)Alexibot(?:\b|)" 0;
"~*(?:\b)Alligator(?:\b|)" 0;
"~*(?:\b)AllSubmitter(?:\b|)" 0;
"~*(?:\b)AlphaBot(?:\b|)" 0;
"~*(?:\b)Anarchie(?:\b|)" 0;
"~*(?:\b)Apexoo(?:\b|)" 0;
"~*(?:\b)archive.org_bot(?:\b|)" 0;
"~*(?:\b)ASPSeek(?:\b|)" 0;
"~*(?:\b)Asterias(?:\b|)" 0;
"~*(?:\b)Attach(?:\b|)" 0;
"~*(?:\b)autoemailspider(?:\b|)" 0;
"~*(?:\b)BackDoorBot(?:\b|)" 0;
"~*(?:\b)Backlink-Ceck(?:\b|)" 0;
"~*(?:\b)backlink-check(?:\b|)" 0;
"~*(?:\b)BacklinkCrawler(?:\b|)" 0;
"~*(?:\b)BackStreet(?:\b|)" 0;
"~*(?:\b)BackWeb(?:\b|)" 0;
"~*(?:\b)Badass(?:\b|)" 0;
"~*(?:\b)Bandit(?:\b|)" 0;
"~*(?:\b)Barkrowler(?:\b|)" 0;
"~*(?:\b)BatchFTP(?:\b|)" 0;
"~*(?:\b)Battleztar\ Bazinga(?:\b|)" 0;
"~*(?:\b)BBBike(?:\b|)" 0;
"~*(?:\b)BDCbot(?:\b|)" 0;
"~*(?:\b)BDFetch(?:\b|)" 0;
"~*(?:\b)BetaBot(?:\b|)" 0;
"~*(?:\b)Bigfoot(?:\b|)" 0;
"~*(?:\b)Bitacle(?:\b|)" 0;
"~*(?:\b)Blackboard(?:\b|)" 0;
"~*(?:\b)Black\ Hole(?:\b|)" 0;
"~*(?:\b)BlackWidow(?:\b|)" 0;
"~*(?:\b)BLEXBot(?:\b|)" 0;
"~*(?:\b)Blow(?:\b|)" 0;
"~*(?:\b)BlowFish(?:\b|)" 0;
"~*(?:\b)Boardreader(?:\b|)" 0;
"~*(?:\b)Bolt(?:\b|)" 0;
"~*(?:\b)BotALot(?:\b|)" 0;
"~*(?:\b)Brandprotect(?:\b|)" 0;
"~*(?:\b)Brandwatch(?:\b|)" 0;
"~*(?:\b)Buddy(?:\b|)" 0;
"~*(?:\b)BuiltBotTough(?:\b|)" 0;
"~*(?:\b)BuiltWith(?:\b|)" 0;
"~*(?:\b)Bullseye(?:\b|)" 0;
"~*(?:\b)BunnySlippers(?:\b|)" 0;
"~*(?:\b)BuzzSumo(?:\b|)" 0;
"~*(?:\b)Calculon(?:\b|)" 0;
"~*(?:\b)CATExplorador(?:\b|)" 0;
"~*(?:\b)CazoodleBot(?:\b|)" 0;
"~*(?:\b)CCBot(?:\b|)" 0;
"~*(?:\b)Cegbfeieh(?:\b|)" 0;
"~*(?:\b)CheeseBot(?:\b|)" 0;
"~*(?:\b)CherryPicker(?:\b|)" 0;
"~*(?:\b)CheTeam(?:\b|)" 0;
"~*(?:\b)ChinaClaw(?:\b|)" 0;
"~*(?:\b)Chlooe(?:\b|)" 0;
"~*(?:\b)Claritybot(?:\b|)" 0;
"~*(?:\b)Cliqzbot(?:\b|)" 0;
"~*(?:\b)Cloud\ mapping(?:\b|)" 0;
"~*(?:\b)coccocbot-web(?:\b|)" 0;
"~*(?:\b)Cogentbot(?:\b|)" 0;
"~*(?:\b)cognitiveseo(?:\b|)" 0;
"~*(?:\b)Collector(?:\b|)" 0;
"~*(?:\b)com.plumanalytics(?:\b|)" 0;
"~*(?:\b)Copier(?:\b|)" 0;
"~*(?:\b)CopyRightCheck(?:\b|)" 0;
"~*(?:\b)Copyscape(?:\b|)" 0;
"~*(?:\b)Cosmos(?:\b|)" 0;
"~*(?:\b)Craftbot(?:\b|)" 0;
"~*(?:\b)crawler4j(?:\b|)" 0;
"~*(?:\b)crawler.feedback(?:\b|)" 0;
"~*(?:\b)crawl.sogou.com(?:\b|)" 0;
"~*(?:\b)CrazyWebCrawler(?:\b|)" 0;
"~*(?:\b)Crescent(?:\b|)" 0;
"~*(?:\b)CrunchBot(?:\b|)" 0;
"~*(?:\b)CSHttp(?:\b|)" 0;
"~*(?:\b)Curious(?:\b|)" 0;
"~*(?:\b)Custo(?:\b|)" 0;
"~*(?:\b)DatabaseDriverMysqli(?:\b|)" 0;
"~*(?:\b)DataCha0s(?:\b|)" 0;
"~*(?:\b)DBLBot(?:\b|)" 0;
"~*(?:\b)demandbase-bot(?:\b|)" 0;
"~*(?:\b)Demon(?:\b|)" 0;
"~*(?:\b)Deusu(?:\b|)" 0;
"~*(?:\b)Devil(?:\b|)" 0;
"~*(?:\b)Digincore(?:\b|)" 0;
"~*(?:\b)DigitalPebble(?:\b|)" 0;
"~*(?:\b)DIIbot(?:\b|)" 0;
"~*(?:\b)Dirbuster(?:\b|)" 0;
"~*(?:\b)Disco(?:\b|)" 0;
"~*(?:\b)Discobot(?:\b|)" 0;
"~*(?:\b)Discoverybot(?:\b|)" 0;
"~*(?:\b)Dispatch(?:\b|)" 0;
"~*(?:\b)DittoSpyder(?:\b|)" 0;
"~*(?:\b)DnyzBot(?:\b|)" 0;
"~*(?:\b)DomainAppender(?:\b|)" 0;
"~*(?:\b)DomainCrawler(?:\b|)" 0;
"~*(?:\b)DomainSigmaCrawler(?:\b|)" 0;
"~*(?:\b)DomainStatsBot(?:\b|)" 0;
"~*(?:\b)Dotbot(?:\b|)" 0;
"~*(?:\b)Download\ Wonder(?:\b|)" 0;
"~*(?:\b)Dragonfly(?:\b|)" 0;
"~*(?:\b)Drip(?:\b|)" 0;
"~*(?:\b)DSearch(?:\b|)" 0;
"~*(?:\b)DTS\ Agent(?:\b|)" 0;
"~*(?:\b)EasyDL(?:\b|)" 0;
"~*(?:\b)Ebingbong(?:\b|)" 0;
"~*(?:\b)eCatch(?:\b|)" 0;
"~*(?:\b)ECCP/1.0(?:\b|)" 0;
"~*(?:\b)Ecxi(?:\b|)" 0;
"~*(?:\b)EirGrabber(?:\b|)" 0;
"~*(?:\b)EMail\ Siphon(?:\b|)" 0;
"~*(?:\b)EMail\ Wolf(?:\b|)" 0;
"~*(?:\b)EroCrawler(?:\b|)" 0;
"~*(?:\b)evc-batch(?:\b|)" 0;
"~*(?:\b)Evil(?:\b|)" 0;
"~*(?:\b)Exabot(?:\b|)" 0;
"~*(?:\b)Express\ WebPictures(?:\b|)" 0;
"~*(?:\b)ExtLinksBot(?:\b|)" 0;
"~*(?:\b)Extractor(?:\b|)" 0;
"~*(?:\b)ExtractorPro(?:\b|)" 0;
"~*(?:\b)Extreme\ Picture\ Finder(?:\b|)" 0;
"~*(?:\b)EyeNetIE(?:\b|)" 0;
"~*(?:\b)Ezooms(?:\b|)" 0;
"~*(?:\b)facebookscraper(?:\b|)" 0;
"~*(?:\b)FDM(?:\b|)" 0;
"~*(?:\b)FemtosearchBot(?:\b|)" 0;
"~*(?:\b)FHscan(?:\b|)" 0;
"~*(?:\b)Fimap(?:\b|)" 0;
"~*(?:\b)Firefox/7.0(?:\b|)" 0;
"~*(?:\b)FlashGet(?:\b|)" 0;
"~*(?:\b)Flunky(?:\b|)" 0;
"~*(?:\b)Foobot(?:\b|)" 0;
"~*(?:\b)Freeuploader(?:\b|)" 0;
"~*(?:\b)FrontPage(?:\b|)" 0;
"~*(?:\b)FyberSpider(?:\b|)" 0;
"~*(?:\b)Fyrebot(?:\b|)" 0;
"~*(?:\b)GalaxyBot(?:\b|)" 0;
"~*(?:\b)Genieo(?:\b|)" 0;
"~*(?:\b)GermCrawler(?:\b|)" 0;
"~*(?:\b)Getintent(?:\b|)" 0;
"~*(?:\b)GetRight(?:\b|)" 0;
"~*(?:\b)GetWeb(?:\b|)" 0;
"~*(?:\b)Gigablast(?:\b|)" 0;
"~*(?:\b)Gigabot(?:\b|)" 0;
"~*(?:\b)G-i-g-a-b-o-t(?:\b|)" 0;
"~*(?:\b)Go-Ahead-Got-It(?:\b|)" 0;
"~*(?:\b)Gotit(?:\b|)" 0;
"~*(?:\b)GoZilla(?:\b|)" 0;
"~*(?:\b)Go!Zilla(?:\b|)" 0;
"~*(?:\b)Grabber(?:\b|)" 0;
"~*(?:\b)GrabNet(?:\b|)" 0;
"~*(?:\b)Grafula(?:\b|)" 0;
"~*(?:\b)GrapeFX(?:\b|)" 0;
"~*(?:\b)GrapeshotCrawler(?:\b|)" 0;
"~*(?:\b)GridBot(?:\b|)" 0;
"~*(?:\b)GT::WWW(?:\b|)" 0;
"~*(?:\b)Haansoft(?:\b|)" 0;
"~*(?:\b)HaosouSpider(?:\b|)" 0;
"~*(?:\b)Harvest(?:\b|)" 0;
"~*(?:\b)Havij(?:\b|)" 0;
"~*(?:\b)HEADMasterSEO(?:\b|)" 0;
"~*(?:\b)Heritrix(?:\b|)" 0;
"~*(?:\b)Hloader(?:\b|)" 0;
"~*(?:\b)HMView(?:\b|)" 0;
"~*(?:\b)HTMLparser(?:\b|)" 0;
"~*(?:\b)HTTP::Lite(?:\b|)" 0;
"~*(?:\b)HTTrack(?:\b|)" 0;
"~*(?:\b)Humanlinks(?:\b|)" 0;
"~*(?:\b)HybridBot(?:\b|)" 0;
"~*(?:\b)Iblog(?:\b|)" 0;
"~*(?:\b)IDBot(?:\b|)" 0;
"~*(?:\b)Id-search(?:\b|)" 0;
"~*(?:\b)IlseBot(?:\b|)" 0;
"~*(?:\b)Image\ Fetch(?:\b|)" 0;
"~*(?:\b)Image\ Sucker(?:\b|)" 0;
"~*(?:\b)IndeedBot(?:\b|)" 0;
"~*(?:\b)Indy\ Library(?:\b|)" 0;
"~*(?:\b)InfoNaviRobot(?:\b|)" 0;
"~*(?:\b)InfoTekies(?:\b|)" 0;
"~*(?:\b)instabid(?:\b|)" 0;
"~*(?:\b)Intelliseek(?:\b|)" 0;
"~*(?:\b)InterGET(?:\b|)" 0;
"~*(?:\b)Internet\ Ninja(?:\b|)" 0;
"~*(?:\b)InternetSeer(?:\b|)" 0;
"~*(?:\b)internetVista\ monitor(?:\b|)" 0;
"~*(?:\b)ips-agent(?:\b|)" 0;
"~*(?:\b)Iria(?:\b|)" 0;
"~*(?:\b)IRLbot(?:\b|)" 0;
"~*(?:\b)Iskanie(?:\b|)" 0;
"~*(?:\b)IstellaBot(?:\b|)" 0;
"~*(?:\b)JamesBOT(?:\b|)" 0;
"~*(?:\b)Jbrofuzz(?:\b|)" 0;
"~*(?:\b)JennyBot(?:\b|)" 0;
"~*(?:\b)JetCar(?:\b|)" 0;
"~*(?:\b)Jetty(?:\b|)" 0;
"~*(?:\b)JikeSpider(?:\b|)" 0;
"~*(?:\b)JOC\ Web\ Spider(?:\b|)" 0;
"~*(?:\b)Joomla(?:\b|)" 0;
"~*(?:\b)Jorgee(?:\b|)" 0;
"~*(?:\b)JustView(?:\b|)" 0;
"~*(?:\b)Jyxobot(?:\b|)" 0;
"~*(?:\b)Kenjin\ Spider(?:\b|)" 0;
"~*(?:\b)Keyword\ Density(?:\b|)" 0;
"~*(?:\b)Kozmosbot(?:\b|)" 0;
"~*(?:\b)Lanshanbot(?:\b|)" 0;
"~*(?:\b)Larbin(?:\b|)" 0;
"~*(?:\b)LeechFTP(?:\b|)" 0;
"~*(?:\b)LeechGet(?:\b|)" 0;
"~*(?:\b)LexiBot(?:\b|)" 0;
"~*(?:\b)Lftp(?:\b|)" 0;
"~*(?:\b)LibWeb(?:\b|)" 0;
"~*(?:\b)Libwhisker(?:\b|)" 0;
"~*(?:\b)Lightspeedsystems(?:\b|)" 0;
"~*(?:\b)Likse(?:\b|)" 0;
"~*(?:\b)Linkdexbot(?:\b|)" 0;
"~*(?:\b)LinkextractorPro(?:\b|)" 0;
"~*(?:\b)LinkpadBot(?:\b|)" 0;
"~*(?:\b)LinkScan(?:\b|)" 0;
"~*(?:\b)LinksManager(?:\b|)" 0;
"~*(?:\b)LinkWalker(?:\b|)" 0;
"~*(?:\b)LinqiaMetadataDownloaderBot(?:\b|)" 0;
"~*(?:\b)LinqiaRSSBot(?:\b|)" 0;
"~*(?:\b)LinqiaScrapeBot(?:\b|)" 0;
"~*(?:\b)Lipperhey(?:\b|)" 0;
"~*(?:\b)Lipperhey\ Spider(?:\b|)" 0;
"~*(?:\b)Litemage_walker(?:\b|)" 0;
"~*(?:\b)Lmspider(?:\b|)" 0;
"~*(?:\b)LNSpiderguy(?:\b|)" 0;
"~*(?:\b)Ltx71(?:\b|)" 0;
"~*(?:\b)lwp-request(?:\b|)" 0;
"~*(?:\b)LWP::Simple(?:\b|)" 0;
"~*(?:\b)lwp-trivial(?:\b|)" 0;
"~*(?:\b)Magnet(?:\b|)" 0;
"~*(?:\b)Mag-Net(?:\b|)" 0;
"~*(?:\b)magpie-crawler(?:\b|)" 0;
"~*(?:\b)Mail.RU_Bot(?:\b|)" 0;
"~*(?:\b)Majestic12(?:\b|)" 0;
"~*(?:\b)Majestic-SEO(?:\b|)" 0;
"~*(?:\b)Majestic\ SEO(?:\b|)" 0;
"~*(?:\b)MarkMonitor(?:\b|)" 0;
"~*(?:\b)MarkWatch(?:\b|)" 0;
"~*(?:\b)Masscan(?:\b|)" 0;
"~*(?:\b)Mass\ Downloader(?:\b|)" 0;
"~*(?:\b)Mata\ Hari(?:\b|)" 0;
"~*(?:\b)MauiBot(?:\b|)" 0;
"~*(?:\b)meanpathbot(?:\b|)" 0;
"~*(?:\b)Meanpathbot(?:\b|)" 0;
"~*(?:\b)MeanPath\ Bot(?:\b|)" 0;
"~*(?:\b)Mediatoolkitbot(?:\b|)" 0;
"~*(?:\b)mediawords(?:\b|)" 0;
"~*(?:\b)MegaIndex.ru(?:\b|)" 0;
"~*(?:\b)Metauri(?:\b|)" 0;
"~*(?:\b)MFC_Tear_Sample(?:\b|)" 0;
"~*(?:\b)Microsoft\ Data\ Access(?:\b|)" 0;
"~*(?:\b)Microsoft\ URL\ Control(?:\b|)" 0;
"~*(?:\b)MIDown\ tool(?:\b|)" 0;
"~*(?:\b)MIIxpc(?:\b|)" 0;
"~*(?:\b)Mister\ PiX(?:\b|)" 0;
"~*(?:\b)MJ12bot(?:\b|)" 0;
"~*(?:\b)Mojeek(?:\b|)" 0;
"~*(?:\b)Morfeus\ Fucking\ Scanner(?:\b|)" 0;
"~*(?:\b)Mr.4x3(?:\b|)" 0;
"~*(?:\b)MSFrontPage(?:\b|)" 0;
"~*(?:\b)MSIECrawler(?:\b|)" 0;
"~*(?:\b)Msrabot(?:\b|)" 0;
"~*(?:\b)MS\ Web\ Services\ Client\ Protocol(?:\b|)" 0;
"~*(?:\b)muhstik-scan(?:\b|)" 0;
"~*(?:\b)Musobot(?:\b|)" 0;
"~*(?:\b)Name\ Intelligence(?:\b|)" 0;
"~*(?:\b)Nameprotect(?:\b|)" 0;
"~*(?:\b)Navroad(?:\b|)" 0;
"~*(?:\b)NearSite(?:\b|)" 0;
"~*(?:\b)Needle(?:\b|)" 0;
"~*(?:\b)Nessus(?:\b|)" 0;
"~*(?:\b)NetAnts(?:\b|)" 0;
"~*(?:\b)Netcraft(?:\b|)" 0;
"~*(?:\b)netEstate\ NE\ Crawler(?:\b|)" 0;
"~*(?:\b)NetLyzer(?:\b|)" 0;
"~*(?:\b)NetMechanic(?:\b|)" 0;
"~*(?:\b)NetSpider(?:\b|)" 0;
"~*(?:\b)Nettrack(?:\b|)" 0;
"~*(?:\b)Net\ Vampire(?:\b|)" 0;
"~*(?:\b)Netvibes(?:\b|)" 0;
"~*(?:\b)NetZIP(?:\b|)" 0;
"~*(?:\b)NextGenSearchBot(?:\b|)" 0;
"~*(?:\b)Nibbler(?:\b|)" 0;
"~*(?:\b)NICErsPRO(?:\b|)" 0;
"~*(?:\b)Niki-bot(?:\b|)" 0;
"~*(?:\b)Nikto(?:\b|)" 0;
"~*(?:\b)NimbleCrawler(?:\b|)" 0;
"~*(?:\b)Nimbostratus(?:\b|)" 0;
"~*(?:\b)Ninja(?:\b|)" 0;
"~*(?:\b)Nmap(?:\b|)" 0;
"~*(?:\b)NPbot(?:\b|)" 0;
"~*(?:\b)Nutch(?:\b|)" 0;
"~*(?:\b)oBot(?:\b|)" 0;
"~*(?:\b)Octopus(?:\b|)" 0;
"~*(?:\b)Offline\ Explorer(?:\b|)" 0;
"~*(?:\b)Offline\ Navigator(?:\b|)" 0;
"~*(?:\b)OnCrawl(?:\b|)" 0;
"~*(?:\b)Openfind(?:\b|)" 0;
"~*(?:\b)OpenLinkProfiler(?:\b|)" 0;
"~*(?:\b)Openvas(?:\b|)" 0;
"~*(?:\b)OpenVAS(?:\b|)" 0;
"~*(?:\b)OrangeBot(?:\b|)" 0;
"~*(?:\b)OrangeSpider(?:\b|)" 0;
"~*(?:\b)OutclicksBot(?:\b|)" 0;
"~*(?:\b)OutfoxBot(?:\b|)" 0;
"~*(?:\b)PageAnalyzer(?:\b|)" 0;
"~*(?:\b)Page\ Analyzer(?:\b|)" 0;
"~*(?:\b)PageGrabber(?:\b|)" 0;
"~*(?:\b)page\ scorer(?:\b|)" 0;
"~*(?:\b)PageScorer(?:\b|)" 0;
"~*(?:\b)Pandalytics(?:\b|)" 0;
"~*(?:\b)Panscient(?:\b|)" 0;
"~*(?:\b)Papa\ Foto(?:\b|)" 0;
"~*(?:\b)Pavuk(?:\b|)" 0;
"~*(?:\b)pcBrowser(?:\b|)" 0;
"~*(?:\b)PECL::HTTP(?:\b|)" 0;
"~*(?:\b)PeoplePal(?:\b|)" 0;
"~*(?:\b)PHPCrawl(?:\b|)" 0;
"~*(?:\b)Picscout(?:\b|)" 0;
"~*(?:\b)Picsearch(?:\b|)" 0;
"~*(?:\b)PictureFinder(?:\b|)" 0;
"~*(?:\b)Pimonster(?:\b|)" 0;
"~*(?:\b)Pi-Monster(?:\b|)" 0;
"~*(?:\b)Pixray(?:\b|)" 0;
"~*(?:\b)PleaseCrawl(?:\b|)" 0;
"~*(?:\b)plumanalytics(?:\b|)" 0;
"~*(?:\b)Pockey(?:\b|)" 0;
"~*(?:\b)POE-Component-Client-HTTP(?:\b|)" 0;
"~*(?:\b)Probethenet(?:\b|)" 0;
"~*(?:\b)ProPowerBot(?:\b|)" 0;
"~*(?:\b)ProWebWalker(?:\b|)" 0;
"~*(?:\b)Psbot(?:\b|)" 0;
"~*(?:\b)Pump(?:\b|)" 0;
"~*(?:\b)PxBroker(?:\b|)" 0;
"~*(?:\b)PyCurl(?:\b|)" 0;
"~*(?:\b)QueryN\ Metasearch(?:\b|)" 0;
"~*(?:\b)Quick-Crawler(?:\b|)" 0;
"~*(?:\b)RankActive(?:\b|)" 0;
"~*(?:\b)RankActiveLinkBot(?:\b|)" 0;
"~*(?:\b)RankFlex(?:\b|)" 0;
"~*(?:\b)RankingBot(?:\b|)" 0;
"~*(?:\b)RankingBot2(?:\b|)" 0;
"~*(?:\b)Rankivabot(?:\b|)" 0;
"~*(?:\b)RankurBot(?:\b|)" 0;
"~*(?:\b)RealDownload(?:\b|)" 0;
"~*(?:\b)Reaper(?:\b|)" 0;
"~*(?:\b)RebelMouse(?:\b|)" 0;
"~*(?:\b)Recorder(?:\b|)" 0;
"~*(?:\b)RedesScrapy(?:\b|)" 0;
"~*(?:\b)ReGet(?:\b|)" 0;
"~*(?:\b)RepoMonkey(?:\b|)" 0;
"~*(?:\b)Ripper(?:\b|)" 0;
"~*(?:\b)RocketCrawler(?:\b|)" 0;
"~*(?:\b)Rogerbot(?:\b|)" 0;
"~*(?:\b)s1z.ru(?:\b|)" 0;
"~*(?:\b)SalesIntelligent(?:\b|)" 0;
"~*(?:\b)SBIder(?:\b|)" 0;
"~*(?:\b)ScanAlert(?:\b|)" 0;
"~*(?:\b)Scanbot(?:\b|)" 0;
"~*(?:\b)scan.lol(?:\b|)" 0;
"~*(?:\b)ScoutJet(?:\b|)" 0;
"~*(?:\b)Scrapy(?:\b|)" 0;
"~*(?:\b)Screaming(?:\b|)" 0;
"~*(?:\b)ScreenerBot(?:\b|)" 0;
"~*(?:\b)Searchestate(?:\b|)" 0;
"~*(?:\b)SearchmetricsBot(?:\b|)" 0;
"~*(?:\b)Semrush(?:\b|)" 0;
"~*(?:\b)SemrushBot(?:\b|)" 0;
"~*(?:\b)SEOkicks(?:\b|)" 0;
"~*(?:\b)SEOkicks-Robot(?:\b|)" 0;
"~*(?:\b)SEOlyticsCrawler(?:\b|)" 0;
"~*(?:\b)Seomoz(?:\b|)" 0;
"~*(?:\b)SEOprofiler(?:\b|)" 0;
"~*(?:\b)seoscanners(?:\b|)" 0;
"~*(?:\b)SeoSiteCheckup(?:\b|)" 0;
"~*(?:\b)SEOstats(?:\b|)" 0;
"~*(?:\b)serpstatbot(?:\b|)" 0;
"~*(?:\b)sexsearcher(?:\b|)" 0;
"~*(?:\b)Shodan(?:\b|)" 0;
"~*(?:\b)Siphon(?:\b|)" 0;
"~*(?:\b)SISTRIX(?:\b|)" 0;
"~*(?:\b)Sitebeam(?:\b|)" 0;
"~*(?:\b)SiteExplorer(?:\b|)" 0;
"~*(?:\b)Siteimprove(?:\b|)" 0;
"~*(?:\b)SiteLockSpider(?:\b|)" 0;
"~*(?:\b)SiteSnagger(?:\b|)" 0;
"~*(?:\b)SiteSucker(?:\b|)" 0;
"~*(?:\b)Site\ Sucker(?:\b|)" 0;
"~*(?:\b)Sitevigil(?:\b|)" 0;
"~*(?:\b)SlySearch(?:\b|)" 0;
"~*(?:\b)SmartDownload(?:\b|)" 0;
"~*(?:\b)SMTBot(?:\b|)" 0;
"~*(?:\b)Snake(?:\b|)" 0;
"~*(?:\b)Snapbot(?:\b|)" 0;
"~*(?:\b)Snoopy(?:\b|)" 0;
"~*(?:\b)SocialRankIOBot(?:\b|)" 0;
"~*(?:\b)Sociscraper(?:\b|)" 0;
"~*(?:\b)sogouspider(?:\b|)" 0;
"~*(?:\b)Sogou\ web\ spider(?:\b|)" 0;
"~*(?:\b)Sosospider(?:\b|)" 0;
"~*(?:\b)Sottopop(?:\b|)" 0;
"~*(?:\b)SpaceBison(?:\b|)" 0;
"~*(?:\b)Spammen(?:\b|)" 0;
"~*(?:\b)SpankBot(?:\b|)" 0;
"~*(?:\b)Spanner(?:\b|)" 0;
"~*(?:\b)sp_auditbot(?:\b|)" 0;
"~*(?:\b)Spbot(?:\b|)" 0;
"~*(?:\b)Spinn3r(?:\b|)" 0;
"~*(?:\b)SputnikBot(?:\b|)" 0;
"~*(?:\b)spyfu(?:\b|)" 0;
"~*(?:\b)Sqlmap(?:\b|)" 0;
"~*(?:\b)Sqlworm(?:\b|)" 0;
"~*(?:\b)Sqworm(?:\b|)" 0;
"~*(?:\b)Steeler(?:\b|)" 0;
"~*(?:\b)Stripper(?:\b|)" 0;
"~*(?:\b)Sucker(?:\b|)" 0;
"~*(?:\b)Sucuri(?:\b|)" 0;
"~*(?:\b)SuperBot(?:\b|)" 0;
"~*(?:\b)SuperHTTP(?:\b|)" 0;
"~*(?:\b)Surfbot(?:\b|)" 0;
"~*(?:\b)SurveyBot(?:\b|)" 0;
"~*(?:\b)Suzuran(?:\b|)" 0;
"~*(?:\b)Swiftbot(?:\b|)" 0;
"~*(?:\b)sysscan(?:\b|)" 0;
"~*(?:\b)Szukacz(?:\b|)" 0;
"~*(?:\b)T0PHackTeam(?:\b|)" 0;
"~*(?:\b)T8Abot(?:\b|)" 0;
"~*(?:\b)tAkeOut(?:\b|)" 0;
"~*(?:\b)Teleport(?:\b|)" 0;
"~*(?:\b)TeleportPro(?:\b|)" 0;
"~*(?:\b)Telesoft(?:\b|)" 0;
"~*(?:\b)Telesphoreo(?:\b|)" 0;
"~*(?:\b)Telesphorep(?:\b|)" 0;
"~*(?:\b)The\ Intraformant(?:\b|)" 0;
"~*(?:\b)TheNomad(?:\b|)" 0;
"~*(?:\b)Thumbor(?:\b|)" 0;
"~*(?:\b)TightTwatBot(?:\b|)" 0;
"~*(?:\b)Titan(?:\b|)" 0;
"~*(?:\b)Toata(?:\b|)" 0;
"~*(?:\b)Toweyabot(?:\b|)" 0;
"~*(?:\b)Tracemyfile(?:\b|)" 0;
"~*(?:\b)Trendiction(?:\b|)" 0;
"~*(?:\b)Trendictionbot(?:\b|)" 0;
"~*(?:\b)trendiction.com(?:\b|)" 0;
"~*(?:\b)trendiction.de(?:\b|)" 0;
"~*(?:\b)True_Robot(?:\b|)" 0;
"~*(?:\b)Turingos(?:\b|)" 0;
"~*(?:\b)Turnitin(?:\b|)" 0;
"~*(?:\b)TurnitinBot(?:\b|)" 0;
"~*(?:\b)TwengaBot(?:\b|)" 0;
"~*(?:\b)Twice(?:\b|)" 0;
"~*(?:\b)Typhoeus(?:\b|)" 0;
"~*(?:\b)UnisterBot(?:\b|)" 0;
"~*(?:\b)Upflow(?:\b|)" 0;
"~*(?:\b)URLy.Warning(?:\b|)" 0;
"~*(?:\b)URLy\ Warning(?:\b|)" 0;
"~*(?:\b)Vacuum(?:\b|)" 0;
"~*(?:\b)Vagabondo(?:\b|)" 0;
"~*(?:\b)VB\ Project(?:\b|)" 0;
"~*(?:\b)VCI(?:\b|)" 0;
"~*(?:\b)VeriCiteCrawler(?:\b|)" 0;
"~*(?:\b)VidibleScraper(?:\b|)" 0;
"~*(?:\b)Virusdie(?:\b|)" 0;
"~*(?:\b)VoidEYE(?:\b|)" 0;
"~*(?:\b)Voil(?:\b|)" 0;
"~*(?:\b)Voltron(?:\b|)" 0;
"~*(?:\b)Wallpapers/3.0(?:\b|)" 0;
"~*(?:\b)WallpapersHD(?:\b|)" 0;
"~*(?:\b)WASALive-Bot(?:\b|)" 0;
"~*(?:\b)WBSearchBot(?:\b|)" 0;
"~*(?:\b)Webalta(?:\b|)" 0;
"~*(?:\b)WebAuto(?:\b|)" 0;
"~*(?:\b)Web\ Auto(?:\b|)" 0;
"~*(?:\b)WebBandit(?:\b|)" 0;
"~*(?:\b)WebCollage(?:\b|)" 0;
"~*(?:\b)Web\ Collage(?:\b|)" 0;
"~*(?:\b)WebCopier(?:\b|)" 0;
"~*(?:\b)WEBDAV(?:\b|)" 0;
"~*(?:\b)WebEnhancer(?:\b|)" 0;
"~*(?:\b)Web\ Enhancer(?:\b|)" 0;
"~*(?:\b)WebFetch(?:\b|)" 0;
"~*(?:\b)Web\ Fetch(?:\b|)" 0;
"~*(?:\b)WebFuck(?:\b|)" 0;
"~*(?:\b)Web\ Fuck(?:\b|)" 0;
"~*(?:\b)WebGo\ IS(?:\b|)" 0;
"~*(?:\b)WebImageCollector(?:\b|)" 0;
"~*(?:\b)WebLeacher(?:\b|)" 0;
"~*(?:\b)WebmasterWorldForumBot(?:\b|)" 0;
"~*(?:\b)webmeup-crawler(?:\b|)" 0;
"~*(?:\b)WebPix(?:\b|)" 0;
"~*(?:\b)Web\ Pix(?:\b|)" 0;
"~*(?:\b)WebReaper(?:\b|)" 0;
"~*(?:\b)WebSauger(?:\b|)" 0;
"~*(?:\b)Web\ Sauger(?:\b|)" 0;
"~*(?:\b)Webshag(?:\b|)" 0;
"~*(?:\b)WebsiteExtractor(?:\b|)" 0;
"~*(?:\b)WebsiteQuester(?:\b|)" 0;
"~*(?:\b)Website\ Quester(?:\b|)" 0;
"~*(?:\b)Webster(?:\b|)" 0;
"~*(?:\b)WebStripper(?:\b|)" 0;
"~*(?:\b)WebSucker(?:\b|)" 0;
"~*(?:\b)Web\ Sucker(?:\b|)" 0;
"~*(?:\b)WebWhacker(?:\b|)" 0;
"~*(?:\b)WebZIP(?:\b|)" 0;
"~*(?:\b)WeSEE(?:\b|)" 0;
"~*(?:\b)Whack(?:\b|)" 0;
"~*(?:\b)Whacker(?:\b|)" 0;
"~*(?:\b)Whatweb(?:\b|)" 0;
"~*(?:\b)Who.is\ Bot(?:\b|)" 0;
"~*(?:\b)Widow(?:\b|)" 0;
"~*(?:\b)WinHTTrack(?:\b|)" 0;
"~*(?:\b)WiseGuys\ Robot(?:\b|)" 0;
"~*(?:\b)WISENutbot(?:\b|)" 0;
"~*(?:\b)Wonderbot(?:\b|)" 0;
"~*(?:\b)Woobot(?:\b|)" 0;
"~*(?:\b)Wotbox(?:\b|)" 0;
"~*(?:\b)Wprecon(?:\b|)" 0;
"~*(?:\b)WPScan(?:\b|)" 0;
"~*(?:\b)WWW-Collector-E(?:\b|)" 0;
"~*(?:\b)WWW-Mechanize(?:\b|)" 0;
"~*(?:\b)WWW::Mechanize(?:\b|)" 0;
"~*(?:\b)WWWOFFLE(?:\b|)" 0;
"~*(?:\b)x09Mozilla(?:\b|)" 0;
"~*(?:\b)x22Mozilla(?:\b|)" 0;
"~*(?:\b)Xaldon_WebSpider(?:\b|)" 0;
"~*(?:\b)Xaldon\ WebSpider(?:\b|)" 0;
"~*(?:\b)Xenu(?:\b|)" 0;
"~*(?:\b)xpymep1.exe(?:\b|)" 0;
"~*(?:\b)YoudaoBot(?:\b|)" 0;
"~*(?:\b)Zade(?:\b|)" 0;
"~*(?:\b)Zauba(?:\b|)" 0;
"~*(?:\b)zauba.io(?:\b|)" 0;
"~*(?:\b)Zermelo(?:\b|)" 0;
"~*(?:\b)Zeus(?:\b|)" 0;
"~*(?:\b)zgrab(?:\b|)" 0;
"~*(?:\b)Zitebot(?:\b|)" 0;
"~*(?:\b)ZmEu(?:\b|)" 0;
"~*(?:\b)ZumBot(?:\b|)" 0;
"~*(?:\b)ZyBorg(?:\b|)" 0;
# END MAKE BAD BOTS GOOD ### DO NOT EDIT THIS LINE AT ALL ###

85
.dev-tools/_conf_files_whitelist/bots.d/blockbots.conf Normal file
View file

@ -0,0 +1,85 @@
# Author: Mitchell Krog <mitchellkrog@gmail.com> - https://github.com/mitchellkrogza/
### VERSION INFORMATION #
###################################################
### Version: V4.2019.03
### Updated: 2019-06-24
###################################################
### VERSION INFORMATION ##
##############################################################################
# _ __ _ #
# / |/ /__ _(_)__ __ __ #
# / / _ `/ / _ \\ \ / #
# /_/|_/\_, /_/_//_/_\_\ #
# __/___/ __ ___ __ ___ __ __ #
# / _ )___ ____/ / / _ )___ / /_ / _ )/ /__ ____/ /_____ ____ #
# / _ / _ `/ _ / / _ / _ \/ __/ / _ / / _ \/ __/ '_/ -_) __/ #
# /____/\_,_/\_,_/ /____/\___/\__/ /____/_/\___/\__/_/\_\\__/_/ #
# #
##############################################################################
# Include this in a vhost file within a server {} block using and include statement like below
# server {
# #Config stuff here
# include /etc/nginx/bots.d/blockbots.conf
# include /etc/nginx/bots.d/ddos.conf
# #Other config stuff here
# }
#######################################################################
# -----------------------------------
# OVER-RIDE BLOCKER / SUPER WHITELIST
# -----------------------------------
# In this block you can allow any IP address specified here to over-ride any bad bot or IP blocking of the blocker.
# This is useful for testing or allowing only specific IP's (ie. Internal ranges) to never be blocked.
# More IP's can be added example > "(127.0.0.1)|(192.168.0.1)|(192.168.1.1)"
# If you even blacklisted 127.0.0.1 or your own IP by giving it a value of 1 in any of the includes, this will over-ride that block.
# UNCOMMENT THE NEXT 4 LINES TO ACTIVATE THE SUPER WHITELIST
#if ($remote_addr ~ "(127.0.0.1)|(192.168.0.1)" ) {
#set $bad_bot '0'; #Uncommenting this line will disable bad_bots functionality for specified IP(s)
#set $validate_client '0'; #Uncommenting this line will disable validate_client ip blocking functionality for specified IP(s)
#}
# --------------
# BLOCK BAD BOTS
# --------------
# Section bot_1 Unused
#limit_conn bot1_connlimit 100;
#limit_req zone=bot1_reqlimitip burst=50;
limit_conn bot2_connlimit 10;
limit_req zone=bot2_reqlimitip burst=10;
if ($bad_bot = '3') {
return 444;
}
# ---------------------
# BLOCK BAD REFER WORDS
# ---------------------
if ($bad_words) {
return 444;
}
# ------------------
# BLOCK BAD REFERERS
# ------------------
if ($bad_referer) {
return 444;
}
# -----------------------------
# BLOCK IP ADDRESSES and RANGES
# -----------------------------
if ($validate_client) {
return 444;
}
#######################################################################

6762
.dev-tools/_conf_files_whitelist/bots.d/custom-bad-referrers.conf Normal file
View file

File diff suppressed because it is too large Load diff

36
.dev-tools/_conf_files_whitelist/bots.d/ddos.conf Normal file
View file

@ -0,0 +1,36 @@
#######################################################################
### VERSION INFORMATION #
###################################################
### Version: V4.2019.02
### Updated: 2019-06-24
###################################################
### VERSION INFORMATION ##
##############################################################################
# _ __ _ #
# / |/ /__ _(_)__ __ __ #
# / / _ `/ / _ \\ \ / #
# /_/|_/\_, /_/_//_/_\_\ #
# __/___/ __ ___ __ ___ __ __ #
# / _ )___ ____/ / / _ )___ / /_ / _ )/ /__ ____/ /_____ ____ #
# / _ / _ `/ _ / / _ / _ \/ __/ / _ / / _ \/ __/ '_/ -_) __/ #
# /____/\_,_/\_,_/ /____/\___/\__/ /____/_/\___/\__/_/\_\\__/_/ #
# #
##############################################################################
# Author: Mitchell Krog <mitchellkrog@gmail.com> - https://github.com/mitchellkrogza/
# Include this in a vhost file within a server {} block using and include statement like below
# server {
# #Config stuff here
# include /etc/nginx/bots.d/blockbots.conf
# include /etc/nginx/bots.d/ddos.conf
# #Other config stuff here
# }
#######################################################################
limit_conn addr 200;
limit_req zone=flood burst=200 nodelay;

47
.dev-tools/_conf_files_whitelist/bots.d/whitelist-domains.conf Normal file
View file

@ -0,0 +1,47 @@
# EDIT THIS FILE AS YOU LIKE TO WHITELIST YOUR OWN DOMAIN NAMES AND SPARE THEM FROM ANY REFERRER CHECKING ###
### VERSION INFORMATION #
###################################################
### Version: V4.2019.05
### Updated: 2019-06-24
###################################################
### VERSION INFORMATION ##
##############################################################################
# _ __ _ #
# / |/ /__ _(_)__ __ __ #
# / / _ `/ / _ \\ \ / #
# /_/|_/\_, /_/_//_/_\_\ #
# __/___/ __ ___ __ ___ __ __ #
# / _ )___ ____/ / / _ )___ / /_ / _ )/ /__ ____/ /_____ ____ #
# / _ / _ `/ _ / / _ / _ \/ __/ / _ / / _ \/ __/ '_/ -_) __/ #
# /____/\_,_/\_,_/ /____/\___/\__/ /____/_/\___/\__/_/\_\\__/_/ #
# #
##############################################################################
# Add One Entry Per Line - List all your own domains of the sites you host on the server
# This file must exist on your system or Nginx will fail a reload due to a missing file
# Automatic updates will never be able to remove this custom list of yours
# Add One Entry Per Line
# Make sure any domains have dots and special characters escaped as per the Regex examples below.
# For example myfirstowndomainname.com should be entered as myfirstowndomainname\.com
# and my-second-owndomainname.com should be entered as my\-second\-owndomainname\.com
# *****************************************************************************************
# PLEASE MAKE SURE that you use word regex boundaries to avoid false positive detection !!!
# *****************************************************************************************
# As you can see in the examples below the domain "myfirstowndomainname\.com" is entered with a preceding \b and an ending \b
# this makes it now "\bmyfirstowndomainname\.com\b". It is crucial to use the word boundaries regex formatting.
# BY DEFAULT ALL THE EXAMPLES BELOW ARE COMMENTED OUT AND HENCE NOT ENABLED
# ---------
# EXAMPLES:
# ---------
# "~*\bmyfirstowndomainname\.com\b" 0;
# "~*\bmy\-second\-owndomainname\.com\b" 0;
"~*(?:\b)myowndomain\.com(?:\b|)" 0;
"~*(?:\b)myotherdomain\.com(?:\b|)" 0;

5
.dev-tools/_conf_files_whitelist/bots.d/whitelist-ips.conf Normal file
View file

@ -0,0 +1,5 @@
104.154.120.187 0;
127.0.0.1 1;
127.0.0.1 1;
127.0.0.1 1;
127.0.0.1 0;

1
.dev-tools/_conf_files_whitelist/conf.d/.keep Normal file
View file

@ -0,0 +1 @@
null

31
.dev-tools/_conf_files_whitelist/conf.d/botblocker-nginx-settings.conf Normal file
View file

@ -0,0 +1,31 @@
##############################################################################
# _ __ _ #
# / |/ /__ _(_)__ __ __ #
# / / _ `/ / _ \\ \ / #
# /_/|_/\_, /_/_//_/_\_\ #
# __/___/ __ ___ __ ___ __ __ #
# / _ )___ ____/ / / _ )___ / /_ / _ )/ /__ ____/ /_____ ____ #
# / _ / _ `/ _ / / _ / _ \/ __/ / _ / / _ \/ __/ '_/ -_) __/ #
# /____/\_,_/\_,_/ /____/\___/\__/ /____/_/\___/\__/_/\_\\__/_/ #
# #
##############################################################################
# Version 1.1
# ! new directives also to be added to include_filelist.txt ! #
server_names_hash_bucket_size 256;
server_names_hash_max_size 4096;
variables_hash_max_size 4096;
variables_hash_bucket_size 4096;
limit_req_zone $binary_remote_addr zone=flood:50m rate=90r/s;
limit_conn_zone $binary_remote_addr zone=addr:50m;
# ****************************************************************************
# NOTE: IF you are using a system like Nginx-Proxy from @JWilder
# ****************************************************************************
# Repo URL: https://github.com/jwilder/nginx-proxy
# You will need to comment out the first line here as follows.
# #server_names_hash_bucket_size 128;
# You will also need to modify the nginx.tmpl file to add the default include
# include /etc/nginx/conf.d/*
# ****************************************************************************

18014
.dev-tools/_conf_files_whitelist/conf.d/globalblacklist.conf Normal file
View file

File diff suppressed because it is too large Load diff

16
.dev-tools/_conf_files_whitelist/default.vhost Normal file
View file

@ -0,0 +1,16 @@
server {
# Bad Bot Blocker
include /etc/nginx/bots.d/ddos.conf;
include /etc/nginx/bots.d/blockbots.conf;
listen *:9000;
root /var/www/html;
server_name localhost;
charset UTF-8;
index index.html;
location / {
root /var/www/html/;
}
}

85
.dev-tools/_conf_files_whitelist/nginx.conf Normal file
View file

@ -0,0 +1,85 @@
user www-data;
worker_processes auto;
pid /run/nginx.pid;
include /etc/nginx/modules-enabled/*.conf;
events {
worker_connections 768;
# multi_accept on;
}
http {
##
# Basic Settings
##
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
types_hash_max_size 2048;
# server_tokens off;
# server_names_hash_bucket_size 64;
# server_name_in_redirect off;
include /etc/nginx/mime.types;
default_type application/octet-stream;
##
# SSL Settings
##
ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # Dropping SSLv3, ref: POODLE
ssl_prefer_server_ciphers on;
##
# Logging Settings
##
access_log /var/log/nginx/access.log;
error_log /var/log/nginx/error.log;
##
# Gzip Settings
##
gzip on;
# gzip_vary on;
# gzip_proxied any;
# gzip_comp_level 6;
# gzip_buffers 16 8k;
# gzip_http_version 1.1;
# gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript;
##
# Virtual Host Configs
##
include /etc/nginx/conf.d/*.conf;
include /etc/nginx/sites-enabled/*;
}
#mail {
# # See sample authentication script at:
# # http://wiki.nginx.org/ImapAuthenticateWithApachePhpScript
#
# # auth_http localhost/auth.php;
# # pop3_capabilities "TOP" "USER";
# # imap_capabilities "IMAP4rev1" "UIDPLUS";
#
# server {
# listen localhost:110;
# protocol pop3;
# proxy on;
# }
#
# server {
# listen localhost:143;
# protocol imap;
# proxy on;
# }
#}

2
.dev-tools/beta-test-blocker-whitelist-ips.sh
View file

@ -75,7 +75,7 @@ echo "${bold}${yellow}----------------------------------------------------------
echo "${bold}${yellow}Sleeping for 10 seconds to allow Nginx to Properly Reload inside Travis"
echo "${bold}${yellow}-----------------------------------------------------------------------"
printf "\n\n"
sleep 30s
sleep 10s
# *************************************************
# Function Curl Test 1 - Test User Domain Whitelist

641
.dev-tools/globalblacklist.template
View file

@ -1,16 +1,21 @@
### **********************************
### THE ULTIMATE NGINX BAD BOT BLOCKER
### **********************************
### -----------------------------------------------------------
### THE NGINX ULTIMATE BAD BOT, BAD IP AND BAD REFERRER BLOCKER
### -----------------------------------------------------------
### VERSION INFORMATION #
###################################################
### Version: V4.2019.06.1647
### Updated: Thu Jun 27 14:46:41 SAST 2019
### Version: V3.2019.06.1647
### Updated: Thu Jun 27 14:46:42 SAST 2019
### Bad Referrer Count: 6713
### Bad Bot Count: 556
###################################################
### VERSION INFORMATION ##
### --------------------------------------------
### HELP SUPPORT THIS PROJECT - Send Me a Coffee
### https://ko-fi.com/mitchellkrog
### --------------------------------------------
##############################################################################
# _ __ _ #
# / |/ /__ _(_)__ __ __ #
@ -28,12 +33,16 @@
### and also has rate limiting functionality for bad bots who you only want to rate limit
### and not actually block out entirely. It is very powerful and also very flexible.
### --------------------------------------------------------------------------
### Created By: https://github.com/mitchellkrogza/
### Repo Url: https://github.com/mitchellkrogza/nginx-ultimate-bad-bot-blocker
### Copyright Mitchell Krog - <mitchellkrog@gmail.com>
### Contributors: Stuart Cardall - https://github.com/itoffshore
### --------------------------------------------------------------------------
### --------------------------------------------------------------------------
### Tested on: nginx/1.10.3 up to latest Mainstream Version (Ubuntu 16.04)
### --------------------------------------------------------------------------
### This list was developed and is in use on a live Nginx server running some very busy web sites.
### It was built from the ground up using real data from daily logs and is updated almost daily.
@ -41,9 +50,9 @@
### spam referrers, rogue IP address, scanners, scrapers and domain hijacking sites are extensively checked
### before they are added. It is monitored extensively for any false positives.
### *********
### ---------
### Features:
### *********
### ---------
### Clear formatting for Ease of Maintenance.
### Alphabetically ordered lists for Ease of Maintenance.
### Extensive Commenting for Ease of Reference.
@ -54,40 +63,38 @@
### IP range blocking / whitelisting.
### Rate Limiting Functions.
### ************
### ------------
### INSTALLATION
### ************
### ------------
### PLEASE use the install, setup and update scripts provided for you to ease your installation.
### This Auto Installation procedure is documented in the README.md and AUTO-CONFIGURATION.md files.
### Installation, Setup and Update Scripts Contributed by Stuart Cardall - https://github.com/itoffshore
### There are also manual configuration instructions provided for those not wishing to do an auto install.
### ***********************************************
### -----------------------------------------------
### !!!!! PLEASE READ INLINE NOTES ON TESTING !!!!!
### ***********************************************
### -----------------------------------------------
### Note that:
### SETTINGS:
### ---------------------------------------------
### 0 = allowed - no limits
### 1 = allowed or rate limited less restrictive
### 2 = rate limited more
### 3 = block completely
### ---------------------------------------------
### ************************************************************
### ------------------------------------------------------------
### CONTRIBUTING / PULL REQUESTS / ADDING YOUR OWN BAD REFERRERS
### ************************************************************
### ------------------------------------------------------------
### For contributing, corrections or adding bots or referrers to this repo,
### Send a Pull Request (PR) on any of the .list files in the _generator_lists folder
### All Pull Requests will be checked for accuracy before being merged.
# *********************************
# FIRST BLOCK BY USER-AGENT STRINGS
# *********************************
# ***********************
# -----------------------
# !!!!! PLEASE TEST !!!!!
# ***********************
# -----------------------
# ALWAYS test any User-Agent Strings you add here to make sure you have it right
# Use a Chrome Extension called "User-Agent Switcher for Chrome" where you can create your
@ -98,36 +105,46 @@
# curl -I http://www.yourdomain.com -A "GoogleBot" ---- GIVES YOU: HTTP/1.1 200 OK (Meaning web page was served to Client)
# curl -I http://www.yourdomain.com -A "80legs" ---- GIVES YOU: curl: (52) Empty reply from server (Meaning Nginx gave a 444 Dropped Connection)
# In this section we allow/disallow specific User Agents / Bots.
# *********************************************************************
# Now we map all good and bad user agents to a variable called $bad_bot
# *********************************************************************
# =======================
# START BLOCKER FUNCTIONS
# =======================
# !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
# DO NOT EDIT ANYTHING BELOW THIS LINE !!!
# !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
# =============================
# BEGIN SECTION 1 - USER-AGENTS
# =============================
# ALLOW / BLOCK User Agents / Bots
# -------------------------------------------------------------------
# Map all GOOD and BAD UA (User Agents) to a variable called $bad_bot
# -------------------------------------------------------------------
map $http_user_agent $bad_bot {
default 0;
# ***********************************************
# Include your Own Custom List of Bad User Agents
# ***********************************************
# Use the include file below to further customize your own list of additional user-agents you wish to permanently block
# This include file allows whitelisting and blacklisting of anything specified below it, meaning you can over-ride anything in this blocker to your liking.
# ***********************************************************************************
# -----------------------------------------------------------------------------------
# START CUSTOM BLACKLISTED USER AGENTS ### DO NOT EDIT OR REMOVE THIS LINE AT ALL ###
# ***********************************************************************************
# -----------------------------------------------------------------------------------
# Include your Own Custom List of Bad User Agents
# Use the include file below to further customize your own list of additional user-agents you wish to permanently block
# This include file allows whitelisting and blacklisting of anything specified below it.
# This include file alows you to over-ride any Bad / Good UA (Bot) declared in this blocker to your liking.
include /etc/nginx/bots.d/blacklist-user-agents.conf;
# *********************************************************************************
# ---------------------------------------------------------------------------------
# END CUSTOM BLACKLISTED USER AGENTS ### DO NOT EDIT OR REMOVE THIS LINE AT ALL ###
# *********************************************************************************
# ---------------------------------------------------------------------------------
# *********************************************
# Bad User-Agent Strings That We Block Outright
# *********************************************
# --------------------------------------------------
# BAD UA (User-Agent) Strings That We Block Outright
# --------------------------------------------------
# START BAD BOTS ### DO NOT EDIT THIS LINE AT ALL ###
"~*(?:\b)360Spider(?:\b|)" 3;
@ -688,9 +705,16 @@ map $http_user_agent $bad_bot {
"~*(?:\b)ZyBorg(?:\b|)" 3;
# END BAD BOTS ### DO NOT EDIT THIS LINE AT ALL ###
# ***********************************************
# Allow Good User-Agent Strings We Know and Trust
# ***********************************************
# --------------------------------------------
# GOOD UA User-Agent Strings We Know and Trust
# --------------------------------------------
# -----------------------------------------------------------------------
# You can over-ride these in /etc/nginx/bots.d/blacklist-user-agents.conf
# by adding the same UA line there and chaning its value of 1
# If you think GoogleBot is bad you would simply add them to
# blacklist-user-agents.conf with a value of 1
# -----------------------------------------------------------------------
# START GOOD BOTS ### DO NOT EDIT THIS LINE AT ALL ###
"~*(?:\b)adidxbot(?:\b|)" 0;
@ -727,12 +751,13 @@ map $http_user_agent $bad_bot {
"~*(?:\b)yahoo(?:\b|)" 0;
# END GOOD BOTS ### DO NOT EDIT THIS LINE AT ALL ###
# ***************************************************
# User-Agent Strings Allowed Through but Rate Limited
# ***************************************************
# --------------------------------------------------------
# GOOD UA User-Agent Rate Limiting 1 - Disabled by Default
# --------------------------------------------------------
# Some people block libwww-perl, it used widely in many valid (non rogue) agents
# I allow libwww-perl as I use it for monitoring systems with Munin but it is rate limited
# TO ACTIVATE THIS RATE LIMITING Uncomment these two lines in blockbots.conf
#limit_conn bot1_connlimit 100;
#limit_req zone=bot1_reqlimitip burst=50;
# START ALLOWED BOTS ### DO NOT EDIT THIS LINE AT ALL ###
"~*(?:\b)jetmon(?:\b|)" 1;
@ -743,9 +768,14 @@ map $http_user_agent $bad_bot {
"~*(?:\b)Wget/1.15(?:\b|)" 1;
# END ALLOWED BOTS ### DO NOT EDIT THIS LINE AT ALL ###
# **************************************************************
# Rate Limited User-Agents who get a bit aggressive on bandwidth
# **************************************************************
# -------------------------------------------------------
# GOOD UA User-Agent Rate Limiting 2 - Enabled by Default
# -------------------------------------------------------
# -----------------------------------------------------------------------
# You can over-ride these in /etc/nginx/bots.d/blacklist-user-agents.conf
# by adding the same UA line there and chaning its value of 1
# -----------------------------------------------------------------------
# START LIMITED BOTS ### DO NOT EDIT THIS LINE AT ALL ###
"~*(?:\b)Alexa(?:\b|)" 2;
@ -769,162 +799,185 @@ map $http_user_agent $bad_bot {
}
# ===========================
# END SECTION 1 - USER-AGENTS
# ===========================
# *****************************************
# SECOND BLOCK BY REFERRER STRINGS AND URLS
# *****************************************
# =======================================
# BEGIN SECTION 2 - REFERRERS AND DOMAINS
# =======================================
# *****************
# ----------------
# PLEASE TEST !!!!
# *****************
# ----------------
# ------------------------------------------------------------------------------------------------------------------------------
# ALWAYS test referrers that you add. This is done manually as follows
# ------------------------------------------------------------------------------------------------------------------------------
# curl -I http://www.yourdomain.com -e http://anything.adcash.com --- GIVES YOU: curl: (52) Empty reply from server
# curl -I http://www.yourdomain.com -e http://www.goodwebsite.com/not-adcash --- GIVES YOU: curl: (52) Empty reply from server
# curl -I http://www.yourdomain.com -e http://www.betterwebsite.com/not/adcash --- GIVES YOU: curl: (52) Empty reply from server
# ------------------------------------------------------------------------------------------------------------------------------
# curl -I http://www.yourdomain.com -e http://www.google.com --- GIVES YOU: full html output of the web page
# curl -I http://www.yourdomain.com -e http://www.microsoft.com --- GIVES YOU: full html output of the web page
# ------------------------------------------------------------------------------------------------------------------------------
# Because of case-insensitive matching any combination of capitilization in the names will all produce a positive hit
# make sure you always test thoroughly and monitor logs. This section below also does NOT check for a preceding www.
# and it also does not care if the referrer request was sent with http https or even ftp.
# ------------------------------------------------------------------------------------------------------------------------------
# ***********************************************************************
# Now we map all bad referrer words below to a variable called $bad_words
# ***********************************************************************
# ----------------------------------------------------------------
# Map all BAD referrer words below to a variable called $bad_words
# ----------------------------------------------------------------
# --------------------------------
# START Bad Referrer Word Scanning
# --------------------------------
map $http_referer $bad_words {
default 0;
# **************************
# Bad Referrer Word Scanning
# **************************
# -------------------------------------------------------------------------------------------
# These are Words and Terms often found tagged onto domains or within url query strings.
# Create and Customize Your Own Bad Referrer Words Here using the new Include File Method
# New Method Uses the include file below so that when pulling future updates your
# customized list of bad referrer words are automatically now included for you
# Read Comments inside bad-referrer-words.conf for customization tips.
# Updating the main globalblacklist.conf file will not touch your custom include files
# BE VERY CAREFUL using the bad-referrer-words.conf file - please read the comment and
# BE VERY CAREFUL using this bad-referrer-words.conf file - please read the comments and
# examples inside the include file for detailed explanations into how seriously this can
# affect your own site from serving assets or other innocent sites from accessing your site
# For safety sake the whitelist-domains.conf file is also loaded here before the bad-referrer-words.conf file.
# For safety sake the whitelist-domains.conf file is also loaded here before the
# bad-referrer-words.conf file is loaded.
# -------------------------------------------------------------------------------------------
# ************************************************************************
# ------------------------------------------------------------------------
# START WHITELISTED DOMAINS ### DO NOT EDIT OR REMOVE THIS LINE AT ALL ###
# ************************************************************************
# ------------------------------------------------------------------------
include /etc/nginx/bots.d/whitelist-domains.conf;
# **********************************************************************
# ----------------------------------------------------------------------
# END WHITELISTED DOMAINS ### DO NOT EDIT OR REMOVE THIS LINE AT ALL ###
# **********************************************************************
# ----------------------------------------------------------------------
# ******************************************************************************
# ------------------------------------------------------------------------------
# START CUSTOM BAD REFERRER WORDS ### DO NOT EDIT OR REMOVE THIS LINE AT ALL ###
# ******************************************************************************
# ------------------------------------------------------------------------------
include /etc/nginx/bots.d/bad-referrer-words.conf;
# ****************************************************************************
# ----------------------------------------------------------------------------
# END CUSTOM BAD REFERRER WORDS ### DO NOT EDIT OR REMOVE THIS LINE AT ALL ###
# ****************************************************************************
# ----------------------------------------------------------------------------
}
# --------------------------------
# END Bad Referrer Word Scanning
# --------------------------------
# *************************
# Bad Referrer Domain Names
# *************************
# Now a list of bad referrer urls these domains or any combination of them ie .com .net
# will be blocked out. Doesn't matter if the protocol is http, https or even ftp
# ----------------------------------------
# START Good and Bad Referrer Domain Names
# ----------------------------------------
# -------------------------------------------------------------------------------------
# Good and Bad referrer urls Doesn't matter if the protocol is http, https or even ftp
# -------------------------------------------------------------------------------------
# ----------------------
# This section includes:
# **********************
# ----------------------
# --------------------------------------------------------------------------------
# Blocking of SEO company Semalt.com (now merged into this one section)
# MIRAI Botnet Domains Used for Mass Attacks
# Other known bad SEO companies and Ad Hijacking Sites
# Sites linked to malware, adware, clickjacking and ransomware
# Domain names and referrers used in referrer spam and seo hijacking
# Whitelisting of your own GOOD domains / referrers
# Whitelisting of any other GOOD domains / referrers you want explicitly NOT block
# --------------------------------------------------------------------------------
# *****************
# ----------------
# PLEASE TEST !!!!
# *****************
# ----------------
# ------------------------------------------------------------------------------------------------------------------------------------
# ALWAYS test referrers that you add. This is done manually as follows
# ------------------------------------------------------------------------------------------------------------------------------------
# curl -I http://www.yourdomain.com -e http://8gold.com --- GIVES YOU: curl: (52) Empty reply from server
# ------------------------------------------------------------------------------------------------------------------------------------
# Because of case-insensitive matching any combination of capitilization will all produce a positive hit - make sure you always test.
# ------------------------------------------------------------------------------------------------------------------------------------
# For Example any of the following variations below of 8gold.com will be detected and blocked
# ------------------------------------------------------------------------------------------------------------------------------------
# curl -I http://www.yourdomain.com -e http://NOT-8gold.com --- GIVES YOU: curl: (52) Empty reply from server
# curl -I http://www.yourdomain.com -e http://this.is.not8gOlD.net --- GIVES YOU: curl: (52) Empty reply from server
# curl -I http://www.yourdomain.com -e ftp://8gold.com --- GIVES YOU: curl: (52) Empty reply from server
# curl -I http://www.yourdomain.com -e ftp://www.weare8gold.NET --- GIVES YOU: curl: (52) Empty reply from server
# curl -I http://www.yourdomain.com -e https://subdomain.8gold.com --- GIVES YOU: curl: (52) Empty reply from server
# curl -I http://www.yourdomain.com -e https://NOT8GolD.org --- GIVES YOU: curl: (52) Empty reply from server
# ------------------------------------------------------------------------------------------------------------------------------------
# So if you see a bad referrer from wearegoogle.com and you want to block them just add
# them as "~*wearegoogle.com" don't ever go and do something like "~*google(-|.)" you will
# kill all your SEO in a week.
# ------------------------------------------------------------------------------------------------------------------------------------
# To add your own custom bad referrers use the custom include file
# /etc/nginx/bots.d/custom-bad-referrers.conf
# Or send a Pull Request to add it to the global blacklist for other users.
# In the bad referrers section I also include sites that hotlink images without permission.
# ------------------------------------------------------------------------------------------------------------------------------------
# ***********************************************************************
# Now we map all good & bad referrer urls to variable called #bad_referer
# ***********************************************************************
# --------------------------------------------------------------------
# Map all good & bad referrer DOMAINS to a variable called bad_referer
# --------------------------------------------------------------------
map $http_referer $bad_referer {
hostnames;
default 0;
# *************************************
# GOOD REFERRERS - Spared from Checking
# *************************************
# --------------------------------------------
# GOOD REFERRER DOMAINS - Spared from Checking
# --------------------------------------------
# ---------------------------------------------------------------------------------------
# Add all your own web site domain names and server names in this section
# WHITELIST Your Own Domain Names Here using the new Include File Method
# New Method Uses the include file below so that when pulling future updates your
# whitelisted domain names are automatically now included for you.
# Read Comments inside whitelist-domains.conf for customization tips.
# Updating the main globalblacklist.conf file will not touch your custom include files
# ---------------------------------------------------------------------------------------
# ************************************************************************
# ------------------------------------------------------------------------
# START WHITELISTED DOMAINS ### DO NOT EDIT OR REMOVE THIS LINE AT ALL ###
# ************************************************************************
# ------------------------------------------------------------------------
include /etc/nginx/bots.d/whitelist-domains.conf;
# **********************************************************************
# ----------------------------------------------------------------------
# END WHITELISTED DOMAINS ### DO NOT EDIT OR REMOVE THIS LINE AT ALL ###
# **********************************************************************
# ----------------------------------------------------------------------
# ***********************************
# -----------------------------------
# CUSTOM BAD REFERRERS - Add your Own
# ***********************************
# -----------------------------------
# Add any extra bad referrers in the following include file to have them
# permanently included and blocked - avoid duplicates in your custom file
# custom-bad-referrers.conf is BOTH a BLACKLIST AND WHITELIST
# custom-bad-referrers.conf ALLOWS complete over-riding of anything
# If you think google.com is bad you would simply add them to
# custom-bad-referrers.conf with a value of 1
# *************************************************************************
# -------------------------------------------------------------------------
# START CUSTOM BAD REFERRERS ### DO NOT EDIT OR REMOVE THIS LINE AT ALL ###
# *************************************************************************
# -------------------------------------------------------------------------
include /etc/nginx/bots.d/custom-bad-referrers.conf;
# ***********************************************************************
# -----------------------------------------------------------------------
# END CUSTOM BAD REFERRERS ### DO NOT EDIT OR REMOVE THIS LINE AT ALL ###
# ***********************************************************************
# -----------------------------------------------------------------------
# START BAD REFERRERS ### DO NOT EDIT THIS LINE AT ALL ###
"~*(?:\b)000free\.us(?:\b|)" 1;
@ -7644,137 +7697,49 @@ map $http_referer $bad_referer {
# END BAD REFERRERS ### DO NOT EDIT THIS LINE AT ALL ###
}
# =====================================
# END SECTION 2 - REFERRERS AND DOMAINS
# =====================================
# ***********************************************
# WHITELISTING AND BLACKLISTING IP ADDRESS RANGES
# ***********************************************
# ========================================================================
# BEGIN SECTION 3 - WHITELISTING AND BLACKLISTING IP ADDRESSESE AND RANGES
# ========================================================================
# Geo directive to deny and also whitelist certain ip addresses
# --------------------------------------------------------------------------------------
# Map all GOOD and BAD IP Addresses and Ranges to a variable called geo $validate_client
# --------------------------------------------------------------------------------------
geo $validate_client {
# ********************
# First Our Safety Net
# ********************
# Anything not matching our rules is allowed through with default 0;
default 0;
# ***********************************
# Whitelist all your OWN IP addresses
# ***********************************
# ----------------------------------------------
# Whitelist all your OWN IP addresses and Ranges
# ----------------------------------------------
# --------------------------------------------------------------------------------------
# WHITELIST all your own IP addresses using the include file below.
# New Method Uses the include file below so that when pulling future updates your
# whitelisted IP addresses are automatically now included for you.
# Read Comments inside whitelist-ips.conf for customization tips.
# Updating the main globalblacklist.conf file will not touch your custom include files
# whitelist-ips.conf reigns supreme !!!
# Whatever you add to whitelist-ips.conf will be whitelisted FULL STOP
# Anything blacklisted above this line will be over-ridden by whitelist-ips.conf
# --------------------------------------------------------------------------------------
# **************************************************************************
# --------------------------------------------------------------------------
# START WHITELISTED IP RANGES ### DO NOT EDIT OR REMOVE THIS LINE AT ALL ###
# **************************************************************************
# --------------------------------------------------------------------------
include /etc/nginx/bots.d/whitelist-ips.conf;
# ************************************************************************
# ------------------------------------------------------------------------
# END WHITELISTED IP RANGES ### DO NOT EDIT OR REMOVE THIS LINE AT ALL ###
# ************************************************************************
# ------------------------------------------------------------------------
# ****************
# Google IP Ranges
# ****************
# For Safety Sake all Google's Known IP Ranges are all white listed
# START GOOGLE IP RANGES ### DO NOT EDIT THIS LINE AT ALL ###
108.177.0.0/17 0;
172.217.0.0/16 0;
173.194.0.0/16 0;
2001:4860:4000::/36 0;
203.208.60.0/24 0;
207.126.144.0/20 0;
209.85.128.0/17 0;
216.239.32.0/19 0;
216.58.192.0/19 0;
2404:6800:4000::/36 0;
2607:f8b0:4000::/36 0;
2800:3f0:4000::/36 0;
2a00:1450:4000::/36 0;
2c0f:fb50:4000::/36 0;
35.192.0.0/12 0;
64.18.0.0/20 0;
64.233.160.0/19 0;
64.68.80.0/21 0;
65.52.0.0/14 0;
66.102.0.0/20 0;
66.249.64.0/19 0;
72.14.192.0/18 0;
74.125.0.0/16 0;
# END GOOGLE IP RANGES ### DO NOT EDIT THIS LINE AT ALL ###
# **************
# Bing IP Ranges
# **************
# For Safety Sake all Bing's Known IP Ranges are all white listed
# START BING IP RANGES ### DO NOT EDIT THIS LINE AT ALL ###
131.253.21.0/24 0;
131.253.22.0/23 0;
131.253.24.0/21 0;
131.253.24.0/22 0;
131.253.32.0/20 0;
157.54.0.0/15 0;
157.56.0.0/14 0;
157.60.0.0/16 0;
199.30.16.0/24 0;
199.30.27.0/24 0;
207.46.0.0/16 0;
40.112.0.0/13 0;
40.120.0.0/14 0;
40.124.0.0/16 0;
40.125.0.0/17 0;
40.74.0.0/15 0;
40.76.0.0/14 0;
40.80.0.0/12 0;
40.96.0.0/12 0;
# END BING IP RANGES ### DO NOT EDIT THIS LINE AT ALL ###
# ********************
# Cloudflare IP Ranges
# ********************
# For Safety Sake all Cloudflare's Known IP Ranges are all white listed
# START CLOUDFLARE IP RANGES ### DO NOT EDIT THIS LINE AT ALL ###
103.21.244.0/22 0;
103.22.200.0/22 0;
103.31.4.0/22 0;
104.16.0.0/12 0;
108.162.192.0/18 0;
131.0.72.0/22 0;
141.101.64.0/18 0;
162.158.0.0/15 0;
172.64.0.0/13 0;
173.245.48.0/20 0;
188.114.96.0/20 0;
190.93.240.0/20 0;
197.234.240.0/22 0;
198.41.128.0/17 0;
199.27.128.0/21 0;
2400:cb00::/32 0;
2405:8100::/32 0;
2405:b500::/32 0;
2606:4700::/32 0;
2803:f800::/32 0;
2a06:98c0::/29 0;
2c0f:f248::/32 0;
# END CLOUDFLARE IP RANGES ### DO NOT EDIT THIS LINE AT ALL ###
# *************************
# Wordpress Theme Detectors
# *************************
# -------------------------------------
# BLOCK known Wordpress Theme Detectors
# -------------------------------------
# START WP THEME DETECTORS ### DO NOT EDIT THIS LINE AT ALL ###
@ -7818,10 +7783,11 @@ geo $validate_client {
89.36.223.188 1; #www.cuteseotools.net/wordpress-theme-detector
# END WP THEME DETECTORS ### DO NOT EDIT THIS LINE AT ALL ###
# ****************************************
# NIBBLER - SEO testing and reporting tool
# ****************************************
# ----------------------------------------------
# BLOCK NIBBLER - SEO testing and reporting tool
# ----------------------------------------------
# See - http://nibbler.silktide.com/
# ----------------------------------------------
# START NIBBLER ### DO NOT EDIT THIS LINE AT ALL ###
52.201.238.175 1;
@ -7834,33 +7800,10 @@ geo $validate_client {
# END NIBBLER ### DO NOT EDIT THIS LINE AT ALL ###
# ****************************
# Known Bad IP's and IP Ranges
# *************************************************
# Blacklist IP addresses and IP Ranges Customizable
# *************************************************
# BLACKLIST all your IP addresses and Ranges using the new include file below.
# New Method Uses the include file below so that when pulling future updates your
# Custom Blacklisted IP addresses are automatically now included for you.
# Read Comments inside blacklist-ips.conf for customization tips.
# Updating the main globalblacklist.conf file will not touch your custom include files
# ********************************************************************
# START BLACKLISTED IPS ### DO NOT EDIT OR REMOVE THIS LINE AT ALL ###
# ********************************************************************
include /etc/nginx/bots.d/blacklist-ips.conf;
# ******************************************************************
# END BLACKLISTED IPS ### DO NOT EDIT OR REMOVE THIS LINE AT ALL ###
# ******************************************************************
# *********************************************************************************************
# KNOWN BAD IP ADDRESSES
# Source: https://github.com/mitchellkrogza/Suspicious.Snooping.Sniffing.Hacking.IP.Addresses
# A Reliable Daily Updated List Included Below of Known Bad IP Addresses, Snoopers and Sniffers
# *********************************************************************************************
# -----------------------------------------
# BLOCK KNOWN BAD IP ADDRESSES
# Top known bad IP Adresses from abuseIPDB
# -----------------------------------------
# START KNOWN BAD IP ADDRESSES ### DO NOT EDIT THIS LINE AT ALL ###
193.32.163.89 1;
@ -17864,33 +17807,176 @@ geo $validate_client {
46.101.115.65 1;
# END KNOWN BAD IP ADDRESSES ### DO NOT EDIT THIS LINE AT ALL ###
# --------------------------
# WHITELIST Google IP Ranges
# --------------------------
# START GOOGLE IP RANGES ### DO NOT EDIT THIS LINE AT ALL ###
108.177.0.0/17 0;
172.217.0.0/16 0;
173.194.0.0/16 0;
2001:4860:4000::/36 0;
203.208.60.0/24 0;
207.126.144.0/20 0;
209.85.128.0/17 0;
216.239.32.0/19 0;
216.58.192.0/19 0;
2404:6800:4000::/36 0;
2607:f8b0:4000::/36 0;
2800:3f0:4000::/36 0;
2a00:1450:4000::/36 0;
2c0f:fb50:4000::/36 0;
35.192.0.0/12 0;
64.18.0.0/20 0;
64.233.160.0/19 0;
64.68.80.0/21 0;
65.52.0.0/14 0;
66.102.0.0/20 0;
66.249.64.0/19 0;
72.14.192.0/18 0;
74.125.0.0/16 0;
# END GOOGLE IP RANGES ### DO NOT EDIT THIS LINE AT ALL ###
# ------------------------
# WHITELIST Bing IP Ranges
# ------------------------
# START BING IP RANGES ### DO NOT EDIT THIS LINE AT ALL ###
131.253.21.0/24 0;
131.253.22.0/23 0;
131.253.24.0/21 0;
131.253.24.0/22 0;
131.253.32.0/20 0;
157.54.0.0/15 0;
157.56.0.0/14 0;
157.60.0.0/16 0;
199.30.16.0/24 0;
199.30.27.0/24 0;
207.46.0.0/16 0;
40.112.0.0/13 0;
40.120.0.0/14 0;
40.124.0.0/16 0;
40.125.0.0/17 0;
40.74.0.0/15 0;
40.76.0.0/14 0;
40.80.0.0/12 0;
40.96.0.0/12 0;
# END BING IP RANGES ### DO NOT EDIT THIS LINE AT ALL ###
# ------------------------------
# WHITELIST Cloudflare IP Ranges
# ------------------------------
# START CLOUDFLARE IP RANGES ### DO NOT EDIT THIS LINE AT ALL ###
103.21.244.0/22 0;
103.22.200.0/22 0;
103.31.4.0/22 0;
104.16.0.0/12 0;
108.162.192.0/18 0;
131.0.72.0/22 0;
141.101.64.0/18 0;
162.158.0.0/15 0;
172.64.0.0/13 0;
173.245.48.0/20 0;
188.114.96.0/20 0;
190.93.240.0/20 0;
197.234.240.0/22 0;
198.41.128.0/17 0;
199.27.128.0/21 0;
2400:cb00::/32 0;
2405:8100::/32 0;
2405:b500::/32 0;
2606:4700::/32 0;
2803:f800::/32 0;
2a06:98c0::/29 0;
2c0f:f248::/32 0;
# END CLOUDFLARE IP RANGES ### DO NOT EDIT THIS LINE AT ALL ###
# -------------------------------------------------
# BLACKLIST IP addresses and IP Ranges Customizable
# -------------------------------------------------
# --------------------------------------------------------------------------------------
# BLACKLIST all your IP addresses and Ranges using the new include file below.
# New Method Uses the include file below so that when pulling future updates your
# Custom Blacklisted IP addresses are automatically now included for you.
# Read Comments inside blacklist-ips.conf for customization tips.
# Updating the main globalblacklist.conf file will not touch your custom include files
# Anything added to blacklist-ips.conf will over-ride anything whitelisted above
# --------------------------------------------------------------------------------------
# --------------------------------------------------------------------
# START BLACKLISTED IPS ### DO NOT EDIT OR REMOVE THIS LINE AT ALL ###
# --------------------------------------------------------------------
include /etc/nginx/bots.d/blacklist-ips.conf;
# ------------------------------------------------------------------
# END BLACKLISTED IPS ### DO NOT EDIT OR REMOVE THIS LINE AT ALL ###
# ------------------------------------------------------------------
# ----------------------------------------------
# Whitelist all your OWN IP addresses and Ranges
# ----------------------------------------------
# --------------------------------------------------------------------------------------
# WHITELIST all your own IP addresses using the include file below.
# New Method Uses the include file below so that when pulling future updates your
# whitelisted IP addresses are automatically now included for you.
# Read Comments inside whitelist-ips.conf for customization tips.
# Updating the main globalblacklist.conf file will not touch your custom include files
# whitelist-ips.conf reigns supreme !!!
# Whatever you add to whitelist-ips.conf will be whitelisted FULL STOP
# Anything blacklisted above this line will be over-ridden by whitelist-ips.conf
# --------------------------------------------------------------------------------------
# --------------------------------------------------------------------------
# START WHITELISTED IP RANGES ### DO NOT EDIT OR REMOVE THIS LINE AT ALL ###
# --------------------------------------------------------------------------
include /etc/nginx/bots.d/whitelist-ips.conf;
# ------------------------------------------------------------------------
# END WHITELISTED IP RANGES ### DO NOT EDIT OR REMOVE THIS LINE AT ALL ###
# ------------------------------------------------------------------------
}
# --------------------------------------------------------------------------------------
# WHITELIST your own IPs from the DDOS Filter
# Add your own IP addresses and ranges into the custom include file whitelist-ips.conf
# to spare them from the rate limiting DDOS filter.
# This section includes the same / single whitelist-ips.conf file so you only
# need to edit that include file and have it include here for you too.
# --------------------------------------------------------------------------------------
geo $ratelimited {
default 1;
# ***************************************************************************
# ---------------------------------------------------------------------------
# START WHITELISTED IP RANGES2 ### DO NOT EDIT OR REMOVE THIS LINE AT ALL ###
# ***************************************************************************
# ---------------------------------------------------------------------------
include /etc/nginx/bots.d/whitelist-ips.conf;
# *************************************************************************
# -------------------------------------------------------------------------
# END WHITELISTED IP RANGES2 ### DO NOT EDIT OR REMOVE THIS LINE AT ALL ###
# *************************************************************************
# -------------------------------------------------------------------------
}
# *****************************************
# MAP BAD BOTS TO OUR RATE LIMITER FUNCTION
# *****************************************
# ======================================================================
# END SECTION 3 - WHITELISTING AND BLACKLISTING IP ADDRESSESE AND RANGES
# ======================================================================
# ============================================
# BEGIN SECTION 4 - ACTIVATE BLOCKER FUNCTIONS
# ============================================
# --------------------------------------------
# 1. MAP BAD BOTS TO OUR RATE LIMITER FUNCTION
# --------------------------------------------
map $bad_bot $bot_iplimit {
0 "";
@ -17898,30 +17984,31 @@ geo $ratelimited {
2 $binary_remote_addr;
}
# ***********************
# SET RATE LIMITING ZONES
# ***********************
# --------------------------
# 2. SET RATE LIMITING ZONES
# --------------------------
# BAD BOT RATE LIMITING ZONE
# limits for Zone $bad_bot = 1
# Nothing Set - you can set a different zone limiter here if you like
# We issue a 444 response instead to all bad bots.
# Rate limiting will only take effect if on any User-Agents with a value of 2
# limits for Zone $bad_bot = 2
# this rate limiting will only take effect if you change any of the bots and change
# their block value from 1 to 2.
limit_conn_zone $bot_iplimit zone=bot2_connlimit:16m;
limit_req_zone $bot_iplimit zone=bot2_reqlimitip:16m rate=2r/s;
limit_req_zone $bot_iplimit zone=bot2_reqlimitip:16m rate=6r/m;
### *** MAKE SURE TO ADD to your nginx.conf ***
### server_names_hash_bucket_size 64;
### server_names_hash_max_size 4096;
### limit_req_zone $binary_remote_addr zone=flood:50m rate=90r/s;
### limit_conn_zone $binary_remote_addr zone=addr:50m;
### to allow it to load this large set of domains into memory and to set the rate limiting zones for the DDOS filter.
# ==========================================
# END SECTION 4 - ACTIVATE BLOCKER FUNCTIONS
# ==========================================
### THE END of the Long and Winding Road
# =====================
# END BLOCKER FUNCTIONS
# =====================
### Also check out my Ultimate Apache Bad Bot Blocker on Github
### https://github.com/mitchellkrogza/apache-ultimate-bad-bot-blocker
### --------------------------------------------
### HELP SUPPORT THIS PROJECT - Send Me a Coffee
### https://ko-fi.com/mitchellkrog
### --------------------------------------------
### FOR APACHE SERVERS
### ---------------------------------------------
### Check out the Ultimate Apache Bad Bot Blocker
### ---------------------------------------------

10
.dev-tools/modify-files-and-commit.sh
View file

@ -47,6 +47,16 @@ YEAR=$(date +"%Y")
MONTH=$(date +"%m")
cd ${TRAVIS_BUILD_DIR}
# *******************
# RELEASE NEW VERSION
# *******************
latestbuild=V4.${YEAR}.${MONTH}.${TRAVIS_BUILD_NUMBER}
printf "\n"
echo "${bold}${green}All Nginx Tests Completed"
echo "${bold}${green}All Bot and Referrer Testing Completed"
echo "${bold}${green}All Function Testing Completed"
echo "${bold}${magenta}Releasing ${latestbuild}"
# *******************************
# Remove Remote Added by TravisCI
# *******************************

10
.dev-tools/test-blocker-rate-limiting.sh
View file

@ -62,7 +62,7 @@ echo "${bold}${yellow}----------------------------------------------------------
printf "\n\n"
sleep 10s
ratelimittestfile=${TRAVIS_BUILD_DIR}/.dev-tools/test_units/ratelimittest.txt
ratelimittestfile=${TRAVIS_BUILD_DIR}/.dev-tools/test_units/ratelimittest-master.txt
truncate -s 0 ${ratelimittestfile}
curl -A "GoogleBot" http://localhost:9000 2>&1 > ${ratelimittestfile} &
curl -A "GoogleBot" http://localhost:9000 2>&1 >> ${ratelimittestfile} &
@ -95,10 +95,10 @@ echo "${bold}${green}-----------------------------------------------------------
echo "${bold}${green}Make Backup all conf files and folders used during this test"
echo "${bold}${green}------------------------------------------------------------"
printf "\n"
sudo cp /etc/nginx/bots.d/* ${TRAVIS_BUILD_DIR}/.dev-tools/_conf_files_testing_changes_ratelimiting/bots.d/
sudo cp /etc/nginx/conf.d/* ${TRAVIS_BUILD_DIR}/.dev-tools/_conf_files_testing_changes_ratelimiting/conf.d/
sudo cp /etc/nginx/sites-available/default.vhost ${TRAVIS_BUILD_DIR}/.dev-tools/_conf_files_testing_changes_ratelimiting/default.vhost
sudo cp /etc/nginx/nginx.conf ${TRAVIS_BUILD_DIR}/.dev-tools/_conf_files_testing_changes_ratelimiting/nginx.conf
sudo cp /etc/nginx/bots.d/* ${TRAVIS_BUILD_DIR}/.dev-tools/_conf_files_ratelimiting/bots.d/
sudo cp /etc/nginx/conf.d/* ${TRAVIS_BUILD_DIR}/.dev-tools/_conf_files_ratelimiting/conf.d/
sudo cp /etc/nginx/sites-available/default.vhost ${TRAVIS_BUILD_DIR}/.dev-tools/_conf_files_ratelimiting/default.vhost
sudo cp /etc/nginx/nginx.conf ${TRAVIS_BUILD_DIR}/.dev-tools/_conf_files_ratelimiting/nginx.conf

22
.dev-tools/test-blocker-whitelist-ips.sh
View file

@ -59,29 +59,17 @@ printf '%s\t%s\n' "127.0.0.1" "1;" >> ${TRAVIS_BUILD_DIR}/.dev-tools/test_units/
printf '%s\t%s\n' "127.0.0.1" "0;" >> ${TRAVIS_BUILD_DIR}/.dev-tools/test_units/whitelist-ips.conf
sudo cp ${TRAVIS_BUILD_DIR}/.dev-tools/test_units/whitelist-ips.conf /etc/nginx/bots.d/whitelist-ips.conf
sudo cp ${TRAVIS_BUILD_DIR}/.dev-tools/test_units/botblocker-nginx-settings.conf /etc/nginx/conf.d/botblocker-nginx-settings.conf
#printf "\n"
#echo "${bold}${yellow}---------------------------------------------------"
#echo "${bold}${yellow}Copy Test Unit of globalblacklist.conf file to test"
#echo "${bold}${yellow}---------------------------------------------------"
#printf "\n"
#sudo cp ${TRAVIS_BUILD_DIR}/conf.d/globalblacklist-testing-version.conf /etc/nginx/conf.d/globalblacklist.conf
echo "${bold}${green}---------------"
echo "${bold}${green}Reloading Nginx"
echo "${bold}${green}---------------"
printf "\n\n"
sudo nginx -t && sudo nginx -s reload
echo "${bold}${yellow}-----------------------------------------------------------------------"
echo "${bold}${yellow}Sleeping for 10 seconds to allow Nginx to Properly Reload inside Travis"
echo "${bold}${yellow}-----------------------------------------------------------------------"
printf "\n\n"
sleep 30s
sleep 10s
# *************************************************
# Function Curl Test 1 - Test User Domain Whitelist
@ -112,10 +100,10 @@ echo "${bold}${green}-----------------------------------------------------------
echo "${bold}${green}Make Backup all conf files and folders used during this test"
echo "${bold}${green}------------------------------------------------------------"
printf "\n"
sudo cp /etc/nginx/bots.d/* ${TRAVIS_BUILD_DIR}/.dev-tools/_conf_files_testing_changes_ip_whitelist/bots.d/
sudo cp /etc/nginx/conf.d/* ${TRAVIS_BUILD_DIR}/.dev-tools/_conf_files_testing_changes_ip_whitelist/conf.d/
sudo cp /etc/nginx/sites-available/default.vhost ${TRAVIS_BUILD_DIR}/.dev-tools/_conf_files_testing_changes_ip_whitelist/default.vhost
sudo cp /etc/nginx/nginx.conf ${TRAVIS_BUILD_DIR}/.dev-tools/_conf_files_testing_changes_ip_whitelist/nginx.conf
sudo cp /etc/nginx/bots.d/* ${TRAVIS_BUILD_DIR}/.dev-tools/_conf_files_ip_whitelist/bots.d/
sudo cp /etc/nginx/conf.d/* ${TRAVIS_BUILD_DIR}/.dev-tools/_conf_files_ip_whitelist/conf.d/
sudo cp /etc/nginx/sites-available/default.vhost ${TRAVIS_BUILD_DIR}/.dev-tools/_conf_files_ip_whitelist/default.vhost
sudo cp /etc/nginx/nginx.conf ${TRAVIS_BUILD_DIR}/.dev-tools/_conf_files_ip_whitelist/nginx.conf
# **********************

32
.dev-tools/test-blocker-whitelist.sh
View file

@ -170,17 +170,17 @@ fi
run_curltest2
# ************************************************
# Test 250 User-Agents from Bad-User-Agents
# Test 100 User-Agents from Bad-User-Agents
# ************************************************
shuf -n 250 ${TRAVIS_BUILD_DIR}/_generator_lists/bad-user-agents.list > ${TRAVIS_BUILD_DIR}/.dev-tools/test_units/random-bots-for-whitelist-test.tmp
shuf -n 100 ${TRAVIS_BUILD_DIR}/_generator_lists/bad-user-agents.list > ${TRAVIS_BUILD_DIR}/.dev-tools/test_units/random-bots-for-whitelist-test.tmp
sed 's/\\//g' ${TRAVIS_BUILD_DIR}/.dev-tools/test_units/random-bots-for-whitelist-test.tmp > ${TRAVIS_BUILD_DIR}/.dev-tools/test_units/random-bots-for-whitelist-test.list
sudo rm ${TRAVIS_BUILD_DIR}/.dev-tools/test_units/random-bots-for-whitelist-test.tmp
sort -u ${TRAVIS_BUILD_DIR}/.dev-tools/test_units/random-bots-for-whitelist-test.list -o ${TRAVIS_BUILD_DIR}/.dev-tools/test_units/random-bots-for-whitelist-test.list
printf "\n\n"
echo "${bold}${magenta}---------------------------"
echo "${bold}${magenta}Testing 250 Random Bad Bots"
echo "${bold}${magenta}Testing 100 Random Bad Bots"
echo "${bold}${magenta}---------------------------"
printf "\n\n"
IFS=$'\n'
@ -197,17 +197,17 @@ done
IFS=""
# ************************************************
# Test 250 Referrers from Bad-Referrers
# Test 100 Referrers from Bad-Referrers
# ************************************************
shuf -n 250 ${TRAVIS_BUILD_DIR}/_generator_lists/bad-referrers.list > ${TRAVIS_BUILD_DIR}/.dev-tools/test_units/random-referrers-for-whitelist-test.tmp
shuf -n 100 ${TRAVIS_BUILD_DIR}/_generator_lists/bad-referrers.list > ${TRAVIS_BUILD_DIR}/.dev-tools/test_units/random-referrers-for-whitelist-test.tmp
sed 's/\\//g' ${TRAVIS_BUILD_DIR}/.dev-tools/test_units/random-referrers-for-whitelist-test.tmp > ${TRAVIS_BUILD_DIR}/.dev-tools/test_units/random-referrers-for-whitelist-test.list
sudo rm ${TRAVIS_BUILD_DIR}/.dev-tools/test_units/random-referrers-for-whitelist-test.tmp
sort -u ${TRAVIS_BUILD_DIR}/.dev-tools/test_units/random-referrers-for-whitelist-test.list -o ${TRAVIS_BUILD_DIR}/.dev-tools/test_units/random-referrers-for-whitelist-test.list
printf "\n\n"
echo "${bold}${magenta}----------------------------"
echo "${bold}${magenta}Testing 250 Random Referrers"
echo "${bold}${magenta}Testing 100 Random Referrers"
echo "${bold}${magenta}----------------------------"
printf "\n\n"
IFS=$'\n'
@ -238,22 +238,10 @@ echo "${bold}${green}-----------------------------------------------------------
echo "${bold}${green}Make Backup all conf files and folders used during this test"
echo "${bold}${green}------------------------------------------------------------"
printf "\n"
sudo cp /etc/nginx/bots.d/* ${TRAVIS_BUILD_DIR}/.dev-tools/_conf_files_testing_changes_whitelist/bots.d/
sudo cp /etc/nginx/conf.d/* ${TRAVIS_BUILD_DIR}/.dev-tools/_conf_files_testing_changes_whitelist/conf.d/
sudo cp /etc/nginx/sites-available/default.vhost ${TRAVIS_BUILD_DIR}/.dev-tools/_conf_files_testing_changes_whitelist/default.vhost
sudo cp /etc/nginx/nginx.conf ${TRAVIS_BUILD_DIR}/.dev-tools/_conf_files_testing_changes_whitelist/nginx.conf
# *******************
# RELEASE NEW VERSION
# *******************
YEAR=$(date +"%Y")
MONTH=$(date +"%m")
latestbuild=V4.${YEAR}.${MONTH}.${TRAVIS_BUILD_NUMBER}
printf "\n"
echo "${bold}${green}All Nginx Tests Completed"
echo "${bold}${green}All Bot and Referrer Testing Completed"
echo "${bold}${green}All Function Testing Completed"
echo "${bold}${magenta}Releasing ${latestbuild}"
sudo cp /etc/nginx/bots.d/* ${TRAVIS_BUILD_DIR}/.dev-tools/_conf_files_whitelist/bots.d/
sudo cp /etc/nginx/conf.d/* ${TRAVIS_BUILD_DIR}/.dev-tools/_conf_files_whitelist/conf.d/
sudo cp /etc/nginx/sites-available/default.vhost ${TRAVIS_BUILD_DIR}/.dev-tools/_conf_files_whitelist/default.vhost
sudo cp /etc/nginx/nginx.conf ${TRAVIS_BUILD_DIR}/.dev-tools/_conf_files_whitelist/nginx.conf
# **********************
# Exit With Error Number

6
.travis.yml
View file

@ -40,6 +40,12 @@ script:
- bash .dev-tools/generate-files.sh
- bash .dev-tools/install-nginx-1.sh
- bash .dev-tools/test-blocker-quick.sh
- bash .dev-tools/test-blocker-badwords.sh
- bash .dev-tools/test-blocker-whitelist-domains.sh
- bash .dev-tools/test-blocker-whitelist-ips.sh
- bash .dev-tools/test-blocker-rate-limiting.sh
- bash .dev-tools/test-blocker-whitelist.sh
# HERE WE TEST update-ngxblocker setup-ngxblocker
#- bash .dev-tools/install-nginx-2.sh
#- bash .dev-tools/test-blocker-quick.sh
#- bash .dev-tools/install-nginx-3.sh