vikarti.anatra/nginx-ultimate-bad-bot-blocker
1
0
Fork 0
mirror of https://github.com/mitchellkrogza/nginx-ultimate-bad-bot-blocker.git synced 2025-09-02 10:40:36 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

Update Changelog / Fix Updating EnginTron globalblacklist.conf

Browse source
This commit is contained in:
Mitchell Krog UB1 2017-04-21 10:18:03 +02:00
parent be23cc429c
commit f6a4a174b3
4 changed files with 187 additions and 348 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
CHANGELOG.md
View file

@ -1,5 +1,9 @@
# CHANGELOG - Nginx Bad Bot Blocker
### 2017-04-21
- Updated install-ngxblocker script from Stuart Cardall @itoffshore
- Fixed updating globalblacklist.conf in EnginTron example folder
### 2017-04-20 (MAJOR VERSION UPDATE) - V2.2017.07
- New include files introduced:

523
Engintron_for_cPanel_WHM_Configuration_Example/etc/nginx/conf.d/globalblacklist.conf
View file

@ -2,7 +2,7 @@
### THE ULTIMATE NGINX BAD BOT BLOCKER
### **********************************
### Version 2.2017.05
### Version 2.2017.07
### This file implements a checklist / blacklist for good user agents, bad user agents and
### bad referrers. It also has whitelisting for your own IP's and known good IP Ranges
@ -17,11 +17,11 @@
### - https://github.com/oohnoitz/nginx-blacklist
### Last Updated
### Mon Apr 17 10:02:09 SAST 2017
### Fri Apr 21 10:18:03 SAST 2017
### End Last Updated
### Generated in
### 0.312251091003 seconds
### 0.261167287827 seconds
### End Generated in
### Tested on: nginx/1.10.0 (Ubuntu 16.04)
@ -128,35 +128,35 @@ map $http_user_agent $bad_bot {
# ***********************************************
# START GOOD BOTS ### DO NOT EDIT THIS LINE AT ALL ###
"~*adidxbot" 0;
"~*AdsBot-Google" 0;
"~*aolbuild" 0;
"~*bingbot" 0;
"~*bingpreview" 0;
"~*DoCoMo" 0;
"~*duckduckgo" 0;
"~*facebookexternalhit" 0;
"~*Feedfetcher-Google" 0;
"~*Googlebot" 0;
"~*Googlebot-Image" 0;
"~*Googlebot-Mobile" 0;
"~*Googlebot-News" 0;
"~*Googlebot/Test" 0;
"~*Googlebot-Video" 0;
"~*Google-HTTP-Java-Client" 0;
"~*gsa-crawler" 0;
"~*Jakarta\ Commons" 0;
"~*Kraken/0.1" 0;
"~*LinkedInBot" 0;
"~*Mediapartners-Google" 0;
"~*msnbot" 0;
"~*msnbot-media" 0;
"~*SAMSUNG" 0;
"~*slurp" 0;
"~*teoma" 0;
"~*TwitterBot" 0;
"~*Wordpress" 0;
"~*yahoo" 0;
"~adidxbot" 0;
"~AdsBot-Google" 0;
"~aolbuild" 0;
"~bingbot" 0;
"~bingpreview" 0;
"~DoCoMo" 0;
"~duckduckgo" 0;
"~facebookexternalhit" 0;
"~Feedfetcher-Google" 0;
"~Googlebot" 0;
"~Googlebot-Image" 0;
"~Googlebot-Mobile" 0;
"~Googlebot-News" 0;
"~Googlebot/Test" 0;
"~Googlebot-Video" 0;
"~Google-HTTP-Java-Client" 0;
"~gsa-crawler" 0;
"~Jakarta\ Commons" 0;
"~Kraken/0.1" 0;
"~LinkedInBot" 0;
"~Mediapartners-Google" 0;
"~msnbot" 0;
"~msnbot-media" 0;
"~SAMSUNG" 0;
"~slurp" 0;
"~teoma" 0;
"~TwitterBot" 0;
"~Wordpress" 0;
"~yahoo" 0;
# END GOOD BOTS ### DO NOT EDIT THIS LINE AT ALL ###
# **************************************************
@ -166,12 +166,11 @@ map $http_user_agent $bad_bot {
# I allow libwww-perl as I use it for monitoring systems with Munin but it is rate limited
# START ALLOWED BOTS ### DO NOT EDIT THIS LINE AT ALL ###
"~*jetmon" 1;
"~*libwww-perl" 1;
"~*Lynx" 1;
"~*munin" 1;
"~*Wget/1.15" 1;
"~*WordPress" 1;
"~jetmon" 1;
"~libwww-perl" 1;
"~Lynx" 1;
"~munin" 1;
"~Wget/1.15" 1;
# END ALLOWED BOTS ### DO NOT EDIT THIS LINE AT ALL ###
# **************************************************************
@ -179,22 +178,22 @@ map $http_user_agent $bad_bot {
# **************************************************************
# START LIMITED BOTS ### DO NOT EDIT THIS LINE AT ALL ###
"~*Alexa" 2;
"~*archive.org" 2;
"~*Baidu" 2;
"~*FlipboardProxy" 2;
"~*ia_archiver" 2;
"~*Mozilla/4.0" 2;
"~*MSIE\ 7.0" 2;
"~*Presto" 2;
"~*R6_CommentReader" 2;
"~*R6_FeedFetcher" 2;
"~*RPT-HTTPClient" 2;
"~*sfFeedReader/0.9" 2;
"~*Spaidu" 2;
"~*UptimeRobot/2.0" 2;
"~*YandexBot" 2;
"~*YandexImages" 2;
"~Alexa" 2;
"~archive.org" 2;
"~Baidu" 2;
"~FlipboardProxy" 2;
"~ia_archiver" 2;
"~Mozilla/4.0" 2;
"~MSIE\ 7.0" 2;
"~Presto" 2;
"~R6_CommentReader" 2;
"~R6_FeedFetcher" 2;
"~RPT-HTTPClient" 2;
"~sfFeedReader/0.9" 2;
"~Spaidu" 2;
"~UptimeRobot/2.0" 2;
"~YandexBot" 2;
"~YandexImages" 2;
# END LIMITED BOTS ### DO NOT EDIT THIS LINE AT ALL ###
# *********************************************
@ -206,9 +205,11 @@ map $http_user_agent $bad_bot {
# ***********************************************
# Include your Own Custom List of Bad User Agents
# ***********************************************
# use the include file below to further customize your own list of additional
# user-agents you wish to permanently block
# START BLACKLISTED USER AGENTS ### DO NOT EDIT THIS LINE AT ALL ###
include /etc/nginx/bots.d/blacklist-user-agents.conf;
include /etc/nginx/bots.d/blacklist-user-agents.conf;
# END BLACKLISTED USER AGENTS ### DO NOT EDIT THIS LINE AT ALL ###
# START BAD BOTS ### DO NOT EDIT THIS LINE AT ALL ###
@ -385,7 +386,6 @@ map $http_user_agent $bad_bot {
"~*Jyxobot" 3;
"~*Kenjin\ Spider" 3;
"~*Keyword\ Density" 3;
"~*Kraken" 3;
"~*Lanshanbot" 3;
"~*Larbin" 3;
"~*LeechFTP" 3;
@ -672,7 +672,6 @@ map $http_user_agent $bad_bot {
"~*Xaldon_WebSpider" 3;
"~*Xaldon\ WebSpider" 3;
"~*Xenu" 3;
"~*Y!J-ASR" 3;
"~*YoudaoBot" 3;
"~*Zade" 3;
"~*Zermelo" 3;
@ -732,107 +731,21 @@ map $http_user_agent $bad_bot {
map $http_referer $bad_words {
default 0;
# ************************
# Bad Referer Single Words
# ************************
# These are Words and Terms often found tagged onto domains or within url query strings.
# *************************
# Bad Referer Word Scanning
# *************************
# These are Words and Terms often found tagged onto domains or within url query strings.
# Create and Customize Your Own Bad Referrer Words Here using the new Include File Method
# New Method Uses the include file below so that when pulling future updates your
# customized list of bad referrer words are automatically now included for you
# Read Comments inside bad-referrer-words.conf for customization tips.
# Updating the main globalblacklist.conf file will not touch your custom include files
# START CUSTOM BAD REFERRER WORDS ### DO NOT EDIT THIS LINE AT ALL ###
include /etc/nginx/bots.d/bad-referrer-words.conf;
# END CUSTOM BAD REFERRER WORDS ### DO NOT EDIT THIS LINE AT ALL ###
# START BAD REFERER WORDS ### DO NOT EDIT THIS LINE AT ALL ###
"~*adultgalls" 1;
"~*advair" 1;
"~*allegra" 1;
"~*allopurinol" 1;
"~*amantadine" 1;
"~*amateurxpass" 1;
"~*ambien" 1;
"~*amitriptyline" 1;
"~*amoxicillin" 1;
"~*anafranil" 1;
"~*asshole" 1;
"~*atenolol" 1;
"~*avalide" 1;
"~*baccarat" 1;
"~*beastiality" 1;
"~*bestiality" 1;
"~*bigblackbooty" 1;
"~*bithack" 1;
"~*blackjack" 1;
"~*blacktits" 1;
"~*blogincome" 1;
"~*blowjob" 1;
"~*bontril" 1;
"~*camgirls" 1;
"~*cephalexin" 1;
"~*cialis" 1;
"~*cookie-law-enforcement" 1;
"~*cunt" 1;
"~*dapoxetine" 1;
"~*diclofenac" 1;
"~*dildos" 1;
"~*effexor" 1;
"~*fluoxetine" 1;
"~*free-share-buttons" 1;
"~*free-social-buttons" 1;
"~*fuck" 1;
"~*fuck-paid-share-buttons" 1;
"~*gaygalls" 1;
"~*gaysex" 1;
"~*getamateurs" 1;
"~*glucophage" 1;
"~*holdem" 1;
"~*hold-em" 1;
"~*hydrochlorothiazide" 1;
"~*iconsurf" 1;
"~*ilovevitaly" 1;
"~*incest" 1;
"~*internetsupervision" 1;
"~*law-enforcement-bot" 1;
"~*law-enforcement-check" 1;
"~*lesbian" 1;
"~*levitra" 1;
"~*lipitor" 1;
"~*livesex" 1;
"~*makemoneyonline" 1;
"~*make-money-online" 1;
"~*medikament" 1;
"~*monetisetrk" 1;
"~*myftpupload" 1;
"~*nudeceleb" 1;
"~*oralsex" 1;
"~*paxil" 1;
"~*phentermine" 1;
"~*prednisone" 1;
"~*pussy" 1;
"~*screentoolkit" 1;
"~*seoexperimenty" 1;
"~*share-buttons" 1;
"~*share-buttons-for-free" 1;
"~*skelaxin" 1;
"~*social-buttons-" 1;
"~*social-traffic-" 1;
"~*suhagra" 1;
"~*syntryx" 1;
"~*t0phackteam" 1;
"~*titten" 1;
"~*tramadol" 1;
"~*tramidol" 1;
"~*trazodone" 1;
"~*valtrex" 1;
"~*viagra" 1;
"~*vibrators" 1;
"~*vicodin" 1;
"~*vvakhrin-ws1" 1;
"~*webfuck" 1;
"~*whipme" 1;
"~*whipping" 1;
"~*xanax" 1;
"~*xxxrus" 1;
"~*zanax" 1;
"~*zeroredirect" 1;
"~*zestoretic" 1;
"~*zithromax" 1;
"~*zoloft" 1;
# END BAD REFERER WORDS ### DO NOT EDIT THIS LINE AT ALL ###
}
# ************************
@ -847,7 +760,7 @@ map $http_referer $bad_words {
# Blocking of SEO company Semalt.com (now merged into this one section)
# MIRAI Botnet Domains Used for Mass Attacks
# Other known bad SEO companies and Ad Hijacking Sites
# Sites linked to malware, adware and ransomware
# Sites linked to malware, adware, clickjacking and ransomware
# *****************
# PLEASE TEST !!!!
@ -895,14 +808,29 @@ map $http_referer $bad_referer {
# GOOD REFERERS - Spared from Checking
# ************************************
# Add your own domain names here to spare them from referer checking (one per line)
# Use the new include file method so any further updates will no longer require you to
# have to keep putting your whitelisted domains here when updating.
# Add all your own web site domain names and server names in this section
# WHITELIST Your Own Domain Names Here using the Include File Method
# New Method Uses the include file below so that when pulling future updates your
# whitelisted domain names are automatically now included for you.
# Read Comments inside whitelist-domains.conf for customization tips.
# Updating the main globalblacklist.conf file will not touch your custom include files
# START WHITELISTED DOMAINS ### DO NOT EDIT THIS LINE AT ALL ###
include /etc/nginx/bots.d/whitelist-domains.conf;
# END WHITELISTED DOMAINS ### DO NOT EDIT THIS LINE AT ALL ###
# *******************************************
# CUSTOM BAD REFERERS - Add your Own
# *******************************************
# Add any extra bad referers in the following include file to have them
# permanently included and blocked - avoid duplicates in your custom file
# START CUSTOM BAD REFERRERS ### DO NOT EDIT THIS LINE AT ALL ###
include /etc/nginx/bots.d/custom-bad-referrers.conf;
# END CUSTOM BAD REFERRERS ### DO NOT EDIT THIS LINE AT ALL ###
# START BAD REFERERS ### DO NOT EDIT THIS LINE AT ALL ###
"~*000free.us" 1;
"~*007angels.com" 1;
@ -910,6 +838,8 @@ map $http_referer $bad_referer {
"~*00go.com" 1;
"~*00it.com" 1;
"~*00webcams.com" 1;
"~*0912701309f8ce.com" 1;
"~*0c47f8422d3f.com" 1;
"~*0n-line.tv" 1;
"~*100dollars-seo.com" 1;
"~*101billion.com" 1;
@ -935,6 +865,7 @@ map $http_referer $bad_referer {
"~*1bet.com" 1;
"~*1-free-share-buttons.com" 1;
"~*1hwy.com" 1;
"~*1j7740kd.website" 1;
"~*1kinobig.ru" 1;
"~*1millionusd.xyz" 1;
"~*1pamm.ru" 1;
@ -946,6 +877,7 @@ map $http_referer $bad_referer {
"~*24videos.tv" 1;
"~*24x7-server-support.site" 1;
"~*256bit.by" 1;
"~*2728fb936f0.com" 1;
"~*273-fz.ru" 1;
"~*28n2gl3wfyb0.ru" 1;
"~*2ads.co.uk" 1;
@ -973,12 +905,14 @@ map $http_referer $bad_referer {
"~*5000-cotydzien.com" 1;
"~*51.la" 1;
"~*51unlim.ru" 1;
"~*55wmz.ru" 1;
"~*57883.net" 1;
"~*5elementov.ru" 1;
"~*5forex.ru" 1;
"~*5i2.net" 1;
"~*5kstore.com" 1;
"~*5u.com" 1;
"~*66cpwgln.space" 1;
"~*6hopping.com" 1;
"~*72-news.com" 1;
"~*76brighton.co.uk" 1;
@ -995,6 +929,7 @@ map $http_referer $bad_referer {
"~*8xv8.com" 1;
"~*98oi.ru" 1;
"~*999webdesign.com" 1;
"~*9icmzvn6.website" 1;
"~*9med.net" 1;
"~*a342ae9750004b14b55f7310eff0ab65.com" 1;
"~*aa08daf7e13b6345e09e92f771507fa5f4.com" 1;
@ -1170,6 +1105,7 @@ map $http_referer $bad_referer {
"~*apartmentbay.ru" 1;
"~*apartmentratings.com" 1;
"~*apartment.ru" 1;
"~*apccargo.com" 1;
"~*apiadanaknet-a.akamaihd.net" 1;
"~*apiallgeniusinfo-a.akamaihd.net" 1;
"~*apiappenableinfo-a.akamaihd.net" 1;
@ -1195,6 +1131,7 @@ map $http_referer $bad_referer {
"~*appfixing.space" 1;
"~*appiq.mobi" 1;
"~*appleid-verification.com" 1;
"~*applicationg29.com" 1;
"~*app-ready.xyz" 1;
"~*approved.su" 1;
"~*appsaurus.com" 1;
@ -1209,9 +1146,11 @@ map $http_referer $bad_referer {
"~*arcadeplayhouse.com" 1;
"~*architecturebest.com" 1;
"~*arclk.net" 1;
"~*arcteryxsale.online" 1;
"~*arenanews.com.ua" 1;
"~*arendakvartir.kz" 1;
"~*arendas.net" 1;
"~*arendatora.ru" 1;
"~*arenda-yeisk.ru" 1;
"~*arendovalka.xyz" 1;
"~*arkartex.ru" 1;
@ -1222,6 +1161,7 @@ map $http_referer $bad_referer {
"~*aruplighting.com" 1;
"~*as5000.com" 1;
"~*asacopaco.tk" 1;
"~*asdfg.pro" 1;
"~*asia-forum.ru" 1;
"~*asmxsatadriverin.aircus.com" 1;
"~*asophoto.com" 1;
@ -1301,6 +1241,7 @@ map $http_referer $bad_referer {
"~*backlink4u.net" 1;
"~*backlinkwatch.com" 1;
"~*backuperwebcam.weebly.com" 1;
"~*bad-stars.net" 1;
"~*baersaratov.ru" 1;
"~*bag77.ru" 1;
"~*bagcionderlab.com" 1;
@ -1341,7 +1282,9 @@ map $http_referer $bad_referer {
"~*beauty-clinic.ru" 1;
"~*beauty-things.com" 1;
"~*becuo.com" 1;
"~*bedcapdealers.com" 1;
"~*belinvestdom.by" 1;
"~*benchmarkcommunications.co.uk" 1;
"~*bensbargains.net" 1;
"~*berdasovivan.ru" 1;
"~*berlininsl.com" 1;
@ -1368,6 +1311,7 @@ map $http_referer $bad_referer {
"~*bestssaker.com" 1;
"~*bestwebsiteawards.com" 1;
"~*bestwebsitesawards.com" 1;
"~*bestwrinklecreamnow.com" 1;
"~*betonka.pro" 1;
"~*bet-prognoz.com" 1;
"~*betterscooter.com" 1;
@ -1458,6 +1402,7 @@ map $http_referer $bad_referer {
"~*brendbutik.ru" 1;
"~*brewdom.ru" 1;
"~*brg8.com" 1;
"~*brimstonehillfortress.org" 1;
"~*bristolhostel.com" 1;
"~*bristolhotel.com" 1;
"~*bristolhotel.com.ua" 1;
@ -1466,6 +1411,7 @@ map $http_referer $bad_referer {
"~*bronzeaid-a.akamaihd.net" 1;
"~*brothers-smaller.ru" 1;
"~*browsepulse-a.akamaihd.net" 1;
"~*browserprotecter.com" 1;
"~*brus.city" 1;
"~*brus-vsem.ru" 1;
"~*bscodecs.com" 1;
@ -1520,6 +1466,7 @@ map $http_referer $bad_referer {
"~*calcularpagerank.com" 1;
"~*californianews.cf" 1;
"~*callejondelpozo.es" 1;
"~*callmd5map.com" 1;
"~*call-of-duty.info" 1;
"~*calstaterealty.us" 1;
"~*calvet.altervista.org" 1;
@ -1549,6 +1496,7 @@ map $http_referer $bad_referer {
"~*carson.getenjoyment.net" 1;
"~*carsplate.com" 1;
"~*cartechnic.ru" 1;
"~*cartierlove2u.com" 1;
"~*casablancamanor.co.za" 1;
"~*cashkitten-a.akamaihd.net" 1;
"~*cashonads.com" 1;
@ -1574,9 +1522,11 @@ map $http_referer $bad_referer {
"~*centrumcoachingu.com" 1;
"~*cercacamion.it" 1;
"~*cezartabac.ro" 1;
"~*cfcl.co.uk" 1;
"~*cfjump.com" 1;
"~*cfsrating.sonicwall.com" 1;
"~*cgi2.nintendo.co.jp" 1;
"~*charmstroy.info" 1;
"~*chastnoeporno.com" 1;
"~*chat.ru" 1;
"~*chatseo.com" 1;
@ -1586,6 +1536,7 @@ map $http_referer $bad_referer {
"~*cheapjerseysap.com" 1;
"~*cheapjerseysbizwholesale.us" 1;
"~*cheapjerseysfootballshop.com" 1;
"~*cheapmarmot.online" 1;
"~*cheap-pills-norx.com" 1;
"~*cheatcode-lita12.rhcloud.com" 1;
"~*checkm8.com" 1;
@ -1651,6 +1602,7 @@ map $http_referer $bad_referer {
"~*com-onlinesupport.host" 1;
"~*com-onlinesupport.site" 1;
"~*compliance-checker.info" 1;
"~*compucelunlock.net" 1;
"~*com-secure.download" 1;
"~*com-supportcenter.website" 1;
"~*concealthyself.com" 1;
@ -1868,6 +1820,8 @@ map $http_referer $bad_referer {
"~*e-collantes.com" 1;
"~*e-commerce-seo1.com" 1;
"~*e-commerce-seo.com" 1;
"~*ecommerce-seo.com" 1;
"~*ecommerce-seo.org" 1;
"~*ecomp3.ru" 1;
"~*econom.co" 1;
"~*ecookna.com.ua" 1;
@ -2137,6 +2091,7 @@ map $http_referer $bad_referer {
"~*foxydeal.com" 1;
"~*freakycheats.com" 1;
"~*freecamdollars.com" 1;
"~*free-fb-traffic.com" 1;
"~*free-floating-buttons.com" 1;
"~*freejabs.com" 1;
"~*freelotto.com" 1;
@ -2157,6 +2112,7 @@ map $http_referer $bad_referer {
"~*freewebs.com" 1;
"~*freewhatsappload.com" 1;
"~*freshberry.com.ua" 1;
"~*freshdz.com" 1;
"~*freshmac.space" 1;
"~*freshsuperbloop.com" 1;
"~*freshwallpapers.info" 1;
@ -2358,6 +2314,7 @@ map $http_referer $bad_referer {
"~*handsandlegs.ru" 1;
"~*hanink.biz.ly" 1;
"~*hasfun.com" 1;
"~*hatdc.org" 1;
"~*hauleddes.com" 1;
"~*havepussy.com" 1;
"~*hayate.biz" 1;
@ -2398,6 +2355,7 @@ map $http_referer $bad_referer {
"~*highland-homes.com" 1;
"~*highstairs-a.akamaihd.net" 1;
"~*histats.com" 1;
"~*histock.info" 1;
"~*historichometeam.com" 1;
"~*hitsbox.info" 1;
"~*hiwibyh.bugs3.com" 1;
@ -2462,6 +2420,7 @@ map $http_referer $bad_referer {
"~*hully.altervista.org" 1;
"~*humanorightswatch.org" 1;
"~*hundejo.com" 1;
"~*hunterboots.online" 1;
"~*husky-shop.cz" 1;
"~*hustoon.over-blog.com" 1;
"~*hvd-store.com" 1;
@ -2531,11 +2490,13 @@ map $http_referer $bad_referer {
"~*insta-add.pro" 1;
"~*intelhdgraphicsgtdrive6w.metroblog.com" 1;
"~*interesnie-faktu.ru" 1;
"~*interferencer.ru" 1;
"~*interfucks.net" 1;
"~*interior-stickers.ru" 1;
"~*intermesh.net" 1;
"~*internet-apteka.ru" 1;
"~*internetartfair.com" 1;
"~*internetproviderstucson.com" 1;
"~*intervsem.ru" 1;
"~*intimshop-fantasy.ru" 1;
"~*investingclub.ru" 1;
@ -2602,6 +2563,7 @@ map $http_referer $bad_referer {
"~*jerseywholesalechinabiz.com" 1;
"~*jerseywholesaleelitestore.com" 1;
"~*jjbabskoe.ru" 1;
"~*joessmogtestonly.com" 1;
"~*joingames.org" 1;
"~*jongose.ninja" 1;
"~*journalhome.com" 1;
@ -2718,6 +2680,7 @@ map $http_referer $bad_referer {
"~*kwzf.net" 1;
"~*labplus.ru" 1;
"~*labvis.host.sk" 1;
"~*lacloop.info" 1;
"~*ladov.ru" 1;
"~*la-fa.ru" 1;
"~*lafourmiliaire.com" 1;
@ -2790,6 +2753,7 @@ map $http_referer $bad_referer {
"~*livetsomudvekslingstudent.bloggersdelight.dk" 1;
"~*livingcanarias.com" 1;
"~*livingroomdecor.info" 1;
"~*lkbennettstore.online" 1;
"~*llastbuy.ru" 1;
"~*lmrauction.com" 1;
"~*loadopia.com" 1;
@ -2825,6 +2789,7 @@ map $http_referer $bad_referer {
"~*macdamaged.space" 1;
"~*macdamaged.tech" 1;
"~*mackeeper-center.club" 1;
"~*mackeeper-land-672695126.us-east-1.elb.amazonaws.com" 1;
"~*macnewtech.com" 1;
"~*macresource.co.uk" 1;
"~*madot.onlinewebshop.net" 1;
@ -2882,6 +2847,7 @@ map $http_referer $bad_referer {
"~*mecash.ru" 1;
"~*medanestesia.ru" 1;
"~*meddesk.ru" 1;
"~*mediawhirl.net" 1;
"~*medicinacom.ru" 1;
"~*medicine-4u.org" 1;
"~*medicines-choice.com" 1;
@ -2958,6 +2924,7 @@ map $http_referer $bad_referer {
"~*mitrasound.ru" 1;
"~*mixed-wrestling.ru" 1;
"~*mixtapetorrent.com" 1;
"~*mlvc4zzw.space" 1;
"~*mmog-play.ru" 1;
"~*mmoguider.ru" 1;
"~*mncrftpcs.com" 1;
@ -2987,6 +2954,7 @@ map $http_referer $bad_referer {
"~*monitorwebsitespeed.com" 1;
"~*monthlywinners.com" 1;
"~*moomi-daeri.com" 1;
"~*morefastermac.trade" 1;
"~*more-letom.ru" 1;
"~*morepoweronmac.trade" 1;
"~*morf.snn.gr" 1;
@ -3042,6 +3010,8 @@ map $http_referer $bad_referer {
"~*muznachas-service.ru" 1;
"~*muz-shoes.ru" 1;
"~*muztops.ru" 1;
"~*mvpicton.co.uk" 1;
"~*mwtpludn.review" 1;
"~*my-bc.ru" 1;
"~*my-big-family.com" 1;
"~*myblogregistercm.tk" 1;
@ -3053,6 +3023,7 @@ map $http_referer $bad_referer {
"~*myfreemp3.eu" 1;
"~*myfreetutorials.com" 1;
"~*myftpupload.com" 1;
"~*mygameplus.com" 1;
"~*myhealthcare.com" 1;
"~*myhitmp3.club" 1;
"~*myindospace.com" 1;
@ -3115,6 +3086,7 @@ map $http_referer $bad_referer {
"~*nhl17coins.exblog.jp" 1;
"~*nhl17coinsforps3.gratisblog.biz" 1;
"~*nibbler.silktide.com" 1;
"~*nicefloor.co.uk" 1;
"~*nicovideo.jp" 1;
"~*nightvision746.weebly.com" 1;
"~*niki-mlt.ru" 1;
@ -3128,6 +3100,7 @@ map $http_referer $bad_referer {
"~*nootrino.com" 1;
"~*nordstar.pro" 1;
"~*normalegal.ru" 1;
"~*northfacestore.online" 1;
"~*notaria-desalas.com" 1;
"~*notebook-pro.ru" 1;
"~*notfastfood.ru" 1;
@ -3138,6 +3111,7 @@ map $http_referer $bad_referer {
"~*novosibirsk.xrus.org" 1;
"~*novosti-hi-tech.ru" 1;
"~*npoet.ru" 1;
"~*nrv.co.za" 1;
"~*nsatc.net" 1;
"~*nucia.biz.ly" 1;
"~*nudepatch.net" 1;
@ -3355,6 +3329,7 @@ map $http_referer $bad_referer {
"~*popads.net" 1;
"~*popander.mobi" 1;
"~*popcash.net" 1;
"~*popserve.adscpm.net" 1;
"~*poptool.net" 1;
"~*popup-fdm.xyz" 1;
"~*popup-hgd.xyz" 1;
@ -3409,6 +3384,7 @@ map $http_referer $bad_referer {
"~*prchecker.info" 1;
"~*preparevideosafesystem4unow.site" 1;
"~*preparevideosafesystem4unow.space" 1;
"~*pretty-mart.com" 1;
"~*pricheski-video.com" 1;
"~*printdirectforless.com" 1;
"~*printingpeach.com" 1;
@ -3472,6 +3448,7 @@ map $http_referer $bad_referer {
"~*psvita.ru" 1;
"~*publiccasinoil.com" 1;
"~*pufip.com" 1;
"~*pukaporn.com" 1;
"~*pulse33.ru" 1;
"~*purchasepillsnorx.com" 1;
"~*purplesphere.in" 1;
@ -3509,7 +3486,9 @@ map $http_referer $bad_referer {
"~*rada.ru" 1;
"~*radiogambling.com" 1;
"~*ragecash.com" 1;
"~*rainbowice.ru" 1;
"~*raisedseo.com" 1;
"~*randki-sex.com" 1;
"~*rank-checker.online" 1;
"~*rankchecker.online" 1;
"~*ranking2017.ga" 1;
@ -3564,6 +3543,7 @@ map $http_referer $bad_referer {
"~*remont-ustanovka-tehniki.ru" 1;
"~*remorcicomerciale.ro" 1;
"~*remote-dba.de" 1;
"~*renecaovilla.online" 1;
"~*rentalmaty.kz" 1;
"~*rentehno.ru" 1;
"~*repeatlogo.co.uk" 1;
@ -3594,6 +3574,7 @@ map $http_referer $bad_referer {
"~*rockingclicks.com" 1;
"~*roleforum.ru" 1;
"~*roma-kukareku.livejournal.com" 1;
"~*roofers.org.uk" 1;
"~*rootandroid.org" 1;
"~*ros-ctm.ru" 1;
"~*rospromtest.ru" 1;
@ -3754,6 +3735,8 @@ map $http_referer $bad_referer {
"~*seo-tools-optimizing.com" 1;
"~*serialsway.ucoz.ru" 1;
"~*serptehnika.ru" 1;
"~*service-core.ru" 1;
"~*servingnotice.com" 1;
"~*servisural.ru" 1;
"~*seryeznie-znakomstva.ru" 1;
"~*sethrollins.net" 1;
@ -4055,6 +4038,7 @@ map $http_referer $bad_referer {
"~*telegraf.by" 1;
"~*telegramdownload10.com" 1;
"~*telesvoboda.ru" 1;
"~*telsis.com" 1;
"~*template-kid.com" 1;
"~*tennis-img.org" 1;
"~*terraclicks.com" 1;
@ -4163,6 +4147,7 @@ map $http_referer $bad_referer {
"~*top250movies.ru" 1;
"~*topads.men" 1;
"~*topappspro.com" 1;
"~*topbestgames.com" 1;
"~*topclickguru.com" 1;
"~*top-karkas.ru" 1;
"~*topmira.com" 1;
@ -4183,6 +4168,7 @@ map $http_referer $bad_referer {
"~*toys.erolove.in" 1;
"~*tozup.com" 1;
"~*tpu.ru" 1;
"~*track-rankings.online" 1;
"~*tracksz.co" 1;
"~*tradedeals.biz" 1;
"~*trafaret74.ru" 1;
@ -4212,6 +4198,7 @@ map $http_referer $bad_referer {
"~*trustedmaccleaner.com" 1;
"~*tsan.net" 1;
"~*tsstcorpcddvdwshbbdriverfb.aircus.com" 1;
"~*ttrraacckkrr.com" 1;
"~*tube8.com" 1;
"~*tuberkulezanet.ru" 1;
"~*tuberkuleznik.ru" 1;
@ -4289,6 +4276,7 @@ map $http_referer $bad_referer {
"~*usdx.us" 1;
"~*userequip.com" 1;
"~*ussearche.cf" 1;
"~*usswrite.com" 1;
"~*ustion.ru" 1;
"~*utrolive.ru" 1;
"~*uvozdeckych.info" 1;
@ -4501,6 +4489,7 @@ map $http_referer $bad_referer {
"~*wonderfulflowers.biz" 1;
"~*wordpresscore.com" 1;
"~*wordpress-crew.net" 1;
"~*word-vorlagen.net" 1;
"~*works.if.ua" 1;
"~*worldhistory.biz" 1;
"~*worldis.me" 1;
@ -4604,6 +4593,7 @@ map $http_referer $bad_referer {
"~*xvideosbay.com" 1;
"~*xwatt.ru" 1;
"~*xxart.ru" 1;
"~*xxlargepop.com" 1;
"~*xxxdatinglocal.us" 1;
"~*xxxguitars.com" 1;
"~*xxxnatelefon.ru" 1;
@ -4630,6 +4620,7 @@ map $http_referer $bad_referer {
"~*youdesigner.kz" 1;
"~*yougetsignal.com" 1;
"~*youghbould.wordpress.com" 1;
"~*yougotanewdomain.com" 1;
"~*youjizz.vc" 1;
"~*youporn-forum.ga" 1;
"~*youporn-forum.uni.me" 1;
@ -4643,6 +4634,7 @@ map $http_referer $bad_referer {
"~*yoursite.com" 1;
"~*youtoner.it" 1;
"~*youtubedownload.org" 1;
"~*yuantuo.co.jp" 1;
"~*yuarra.pluto.ro" 1;
"~*yubikk.info" 1;
"~*yugk.net" 1;
@ -4741,11 +4733,12 @@ geo $validate_client {
# Whitelist all your OWN IP addresses
# ***********************************
# Whitelist all your own IP addresses from any validate_client checks
# Add all your IP addresses and ranges below (one per line)
# Use the new include file method so any further updates will no longer require you to
# have to keep putting your whitelisted IP addresses here when updating.
# WHITELIST all your own IP addresses using the include file below.
# New Method Uses the include file below so that when pulling future updates your
# whitelisted IP addresses are automatically now included for you.
# Read Comments inside whitelist-ips.conf for customization tips.
# Updating the main globalblacklist.conf file will not touch your custom include files
# START WHITELISTED IP RANGES ### DO NOT EDIT THIS LINE AT ALL ###
include /etc/nginx/bots.d/whitelist-ips.conf;
# END WHITELISTED IP RANGES ### DO NOT EDIT THIS LINE AT ALL ###
@ -4824,61 +4817,6 @@ geo $validate_client {
2a06:98c0::/29 0;
2c0f:f248::/32 0;
# END CLOUDFLARE IP RANGES ### DO NOT EDIT THIS LINE AT ALL ###
# Cyveillance / Qwest Communications
# **********************************
# I am extensively researching this subject - appears to be US government involved
# and also appears to be used by all sorts of law enforcement agencies. For one they
# do not obey robots.txt and continually disguise their User-Agent strings. Time will
# tell if this is all correct or not.
# For now see - https://en.wikipedia.org/wiki/Cyveillance
# IMPORTANT UPDATE ON Cyveillance / Qwest Communications !!!
# **********************************************************
# I have done a lot of research on Cyveillance now and through monitoring my logs I know
# for sure what companies are using them and what they are actually looking for.
# My research has led me to understand that Cyveillance services are used by hundreds
# of companies to help them dicsover theft of copyrighted materials like images, movies
# music and other materials. I personally believe a lot of block lists who originally recommended
# blocking Cyveillance have done so to protect their torrent or p2p sites from being scanned.
# I personally have now unblocked them as image theft is a big problem of mine but if you
# do want to block Cyveillance you can simply modify the entries in the block below from "0" to "1"
# Getty Images is one such company who appears to use Cyveillance to help monitor for copyright theft.
# If you really do want to block them change all the 0's below to 1.
# START CYVEILLANCE BLOCK ### DO NOT EDIT THIS LINE AT ALL ###
38.100.19.8/29 0;
38.100.21.0/24 0;
38.100.41.64/26 0;
38.105.71.0/25 0;
38.105.83.0/27 0;
38.112.21.140/30 0;
38.118.42.32/29 0;
63.144.0.0/13 0;
65.112.0.0/12 0;
65.213.208.128/27 0;
65.222.176.96/27 0;
65.222.185.72/29 0;
# END CYVEILLANCE BLOCK ### DO NOT EDIT THIS LINE AT ALL ###
# ****************
# Berkely Scanner
# ****************
# The Berkeley University has a scanner testing all over the web sending a complex
# payload an expecting a reply from servers who are infected or who just respond to such
# a payload. The payload looks similar to this
# "$\xC9\xE1\xDC\x9B+\x8F\x1C\xE71\x99\xA8\xDB6\x1E#\xBB\x19#Hx\xA7\xFD\x0F9-"
# and is sometime VERY long. You may have noticed this in your logs.
# I support research projects and all my servers respond with an error to this type of
# string so I do not block them but if you want to block just uncomment the following line
# or email them asking them not to scan your server. They do respond.
# Visit http://169.229.3.91/ for more info
# START BERKELEY SCANNER ### DO NOT EDIT THIS LINE AT ALL ###
169.229.3.91 0;
# END BERKELEY SCANNER ### DO NOT EDIT THIS LINE AT ALL ###
# *************************
# Wordpress Theme Detectors
@ -4933,138 +4871,35 @@ geo $validate_client {
# ****************************
# Known Bad IP's and IP Ranges
# ****************************
# *************************************************
# Blacklist IP addresses and IP Ranges Customizable
# *************************************************
# Add any other IPs or Subnets here that you wish to block
# Although any permanent blocks should be done using Fail2Ban and IPTables and not
# hampering down Nginx with all the checks against perma-banned IP's
# BLACKLIST all your IP addresses and Ranges using the new include file below.
# New Method Uses the include file below so that when pulling future updates your
# Custom Blacklisted IP addresses are automatically now included for you.
# Read Comments inside blacklist-ips.conf for customization tips.
# Updating the main globalblacklist.conf file will not touch your custom include files
# START BLACKLISTED IPS ### DO NOT EDIT THIS LINE AT ALL ###
include /etc/nginx/bots.d/blacklist-ips.conf;
# END BLACKLISTED IPS ### DO NOT EDIT THIS LINE AT ALL ###
# START BAD IP RANGES ### DO NOT EDIT THIS LINE AT ALL ###
104.223.37.150 1;
104.5.92.27 1;
109.236.83.247 1;
137.74.49.205 1;
137.74.49.208 1;
146.0.74.150 1;
148.251.54.44 1;
149.56.151.180 1;
149.56.232.146 1;
150.70.0.0/16 1;
151.80.27.90 1;
151.80.99.90 1;
151.80.99.91 1;
154.16.199.144 1;
154.16.199.34 1;
154.16.199.48 1;
154.16.199.78 1;
158.69.142.34 1;
166.62.80.172 1;
173.212.192.219 1;
173.234.11.105 1;
173.234.153.106 1;
173.234.153.30 1;
173.234.175.68 1;
173.234.31.9 1;
173.234.38.25 1;
176.126.245.213 1;
178.238.234.1 1;
185.100.87.238 1;
185.115.125.99 1;
185.119.81.11 1;
185.119.81.63 1;
185.119.81.77 1;
185.119.81.78 1;
185.130.225.65 1;
185.130.225.66 1;
185.130.225.83 1;
185.130.225.90 1;
185.130.225.94 1;
185.130.225.95 1;
185.130.226.105 1;
185.153.197.103 1;
185.159.36.6 1;
185.47.62.199 1;
185.62.190.38 1;
185.70.105.161 1;
185.70.105.164 1;
185.85.239.156 1;
185.85.239.157 1;
185.86.13.213 1;
185.86.5.199 1;
185.86.5.212 1;
185.92.72.88 1;
185.93.185.11 1;
185.93.185.12 1;
188.209.52.101 1;
190.152.223.27 1;
191.96.249.29 1;
192.69.89.173 1;
193.201.224.205 1;
195.154.183.190 1;
195.229.241.174 1;
210.212.194.60 1;
216.218.147.194 1;
220.227.234.129 1;
23.253.230.158 1;
23.89.159.176 1;
31.170.160.209 1;
45.32.186.11 1;
45.76.21.179 1;
46.249.38.145 1;
46.249.38.146 1;
46.249.38.148 1;
46.249.38.149 1;
46.249.38.150 1;
46.249.38.151 1;
46.249.38.152 1;
46.249.38.153 1;
46.249.38.154 1;
46.249.38.159 1;
51.255.172.22 1;
5.39.218.232 1;
5.39.219.24 1;
5.39.222.18 1;
5.39.223.134 1;
54.213.16.154 1;
54.213.9.111 1;
62.210.146.49 1;
62.210.88.4 1;
65.98.91.181 1;
69.162.124.237 1;
69.64.147.24 1;
72.8.183.202 1;
77.247.178.191 1;
77.247.178.47 1;
77.247.181.219 1;
78.31.184.0/21 1;
78.31.211.0/24 1;
80.87.205.10 1;
80.87.205.11 1;
85.17.230.23 1;
85.17.26.68 1;
91.185.190.172 1;
91.200.12.0/22 1;
91.200.12.15 1;
91.200.12.49 1;
91.200.12.91 1;
92.222.66.137 1;
93.104.209.11 1;
93.158.200.103 1;
93.158.200.105 1;
93.158.200.115 1;
93.158.200.124 1;
93.158.200.126 1;
93.158.200.66 1;
93.158.200.68 1;
# END BAD IP RANGES ### DO NOT EDIT THIS LINE AT ALL ###
}
# Keep own IPs out of DDOS Filter
# Add your own IP addresses and ranges below to spare them from the rate
# limiting DDOS filter (one per line)
# This now automatically includes the whitelist-ips.conf file so you only
# need to edit that include file and have it include here too for you
geo $ratelimited {
default 1;
127.0.0.1 0;
# START WHITELISTED IP RANGES2 ### DO NOT EDIT THIS LINE AT ALL ###
include /etc/nginx/bots.d/whitelist-ips.conf;
# END WHITELISTED IP RANGES2 ### DO NOT EDIT THIS LINE AT ALL ###
}
# *****************************************

4
conf.d/globalblacklist.conf
View file

@ -17,11 +17,11 @@
### - https://github.com/oohnoitz/nginx-blacklist
### Last Updated
### Fri Apr 21 10:02:22 SAST 2017
### Fri Apr 21 10:18:03 SAST 2017
### End Last Updated
### Generated in
### 0.265996217728 seconds
### 0.261167287827 seconds
### End Generated in
### Tested on: nginx/1.10.0 (Ubuntu 16.04)

4
travisCI/globalblacklist.tpl.conf
View file

@ -17,11 +17,11 @@
### - https://github.com/oohnoitz/nginx-blacklist
### Last Updated
### Fri Apr 21 10:02:22 SAST 2017
### Fri Apr 21 10:18:03 SAST 2017
### End Last Updated
### Generated in
### 0.265996217728 seconds
### 0.261167287827 seconds
### End Generated in
### Tested on: nginx/1.10.0 (Ubuntu 16.04)