blockbots.conf 3.5 KB

12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667686970717273747576777879808182838485
  1. # Author/Copyright: Mitchell Krog <mitchellkrog@gmail.com> - https://github.com/mitchellkrogza/
  2. # VERSION INFORMATION #
  3. #----------------------
  4. # Version: V4.2019.04
  5. # Updated: 2019-06-28
  6. #----------------------
  7. # VERSION INFORMATION #
  8. ##############################################################################
  9. # _ __ _ #
  10. # / |/ /__ _(_)__ __ __ #
  11. # / / _ `/ / _ \\ \ / #
  12. # /_/|_/\_, /_/_//_/_\_\ #
  13. # __/___/ __ ___ __ ___ __ __ #
  14. # / _ )___ ____/ / / _ )___ / /_ / _ )/ /__ ____/ /_____ ____ #
  15. # / _ / _ `/ _ / / _ / _ \/ __/ / _ / / _ \/ __/ '_/ -_) __/ #
  16. # /____/\_,_/\_,_/ /____/\___/\__/ /____/_/\___/\__/_/\_\\__/_/ #
  17. # #
  18. ##############################################################################
  19. # Include this in a vhost file within a server {} block using and include statement like below
  20. # Place it near the top of your server {} block before any location / statements and it will block everywhere on your site.
  21. # server {
  22. # #Config stuff here
  23. # include /etc/nginx/bots.d/blockbots.conf
  24. # include /etc/nginx/bots.d/ddos.conf
  25. # #Other config stuff here
  26. # }
  27. #######################################################################
  28. # -----------------------------------
  29. # OVER-RIDE BLOCKER / SUPER WHITELIST
  30. # -----------------------------------
  31. # In this block you can allow any IP address specified here to over-ride any bad bot or IP blocking of the blocker.
  32. # This is useful for testing or allowing only specific IP's (ie. Internal ranges) to never be blocked.
  33. # More IP's can be added example > "(127.0.0.1)|(192.168.0.1)|(192.168.1.1)"
  34. # If you even blacklisted 127.0.0.1 or your own IP by giving it a value of 1 in any of the includes, this will over-ride that block.
  35. # UNCOMMENT THE NEXT 4 LINES TO ACTIVATE THE SUPER WHITELIST
  36. #if ($remote_addr ~ "(127.0.0.1)|(192.168.0.1)" ) {
  37. #set $bad_bot '0'; #Uncommenting this line will disable bad_bots functionality for specified IP(s)
  38. #set $validate_client '0'; #Uncommenting this line will disable validate_client ip blocking functionality for specified IP(s)
  39. #}
  40. # --------------
  41. # BLOCK BAD BOTS
  42. # --------------
  43. # Section bot_1 Unused
  44. #limit_conn bot1_connlimit 100;
  45. #limit_req zone=bot1_reqlimitip burst=50;
  46. limit_conn bot2_connlimit 10;
  47. limit_req zone=bot2_reqlimitip burst=10;
  48. if ($bad_bot = '3') {
  49. return 444; # << Response Code Issued May Be Modified to Whatever you Choose ie. 404 but 444 wastes less of Nginxs time
  50. }
  51. # ---------------------
  52. # BLOCK BAD REFER WORDS
  53. # ---------------------
  54. if ($bad_words) {
  55. return 444; # << Response Code Issued May Be Modified to Whatever you Choose ie. 404 but 444 wastes less of Nginxs time
  56. }
  57. # ------------------
  58. # BLOCK BAD REFERERS
  59. # ------------------
  60. if ($bad_referer) {
  61. return 444; # << Response Code Issued May Be Modified to Whatever you Choose ie. 404 but 444 wastes less of Nginxs time
  62. }
  63. # -----------------------------
  64. # BLOCK IP ADDRESSES and RANGES
  65. # -----------------------------
  66. if ($validate_client) {
  67. return 444; # << Response Code Issued May Be Modified to Whatever you Choose ie. 404 but 444 wastes less of Nginxs time
  68. }