Twitter made ddosecrets.com a forbidden place. I don't like being forbidden from going places or sharing links to said places.
It's dangerous to go alone, take these:
- AWS
- GCP
- Azure
- AS24940 (Hetzner)
- AS13414 (Twitter)
- AS25046 (Check Point)
Get the nginx-cloud-block.conf from my gists. Alternatively you can build your own using 0xdade/sephiroth.
Add the following include line to your /etc/nginx/nginx.conf:

```
http {
    [...]
    include /etc/nginx/nginx-cloud-block.conf;
    [...]
}
```
Here's a random guide on wildcard certs for certbot. If you already have certbot installed, here's the meat of the process. The wildcard is quoted so the shell does not try to expand it.

```
certbot certonly --manual --preferred-challenges=dns --agree-tos -d '*.exploit.party'
```
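Replace exploit.party with your domain. Redirect to whatever you want in the `if ($block_ip)` block.

```
server {
    listen 443 ssl;
    listen [::]:443 ssl;
    # The capture group holds the subdomain and is reused below as $1.
    server_name ~^(.*)\.exploit\.party$;
    ssl_certificate /etc/letsencrypt/live/exploit.party-0001/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/exploit.party-0001/privkey.pem;
    # $block_ip comes from nginx-cloud-block.conf; listed networks are sent elsewhere.
    if ($block_ip) {
        return 302 https://rickrolled.com;
    }
    # Everyone else is redirected to the same subdomain and path on ddosecrets.com.
    return https://$1.ddosecrets.com$request_uri;
}
```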
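As an added example (not from the original post, the gist, or sephiroth), this Python script checks how a given client address would be classified by `$block_ip` before nginx is reloaded. It assumes nginx-cloud-block.conf defines `$block_ip` with a `geo` block; the sample ranges are constructed documentation networks, and the function names are hypothetical.

```python
import ipaddress
import re

# Constructed sample in the format assumed for nginx-cloud-block.conf
# (documentation ranges, not real provider networks).
SAMPLE_CONF = """
geo $block_ip {
    default          0;
    192.0.2.0/24     1;   # placeholder "cloud" range
    192.0.2.128/25   0;   # more specific carve-out
    198.51.100.7     1;   # single address
    2001:db8::/32    1;
}
"""

def parse_geo(conf, variable="$block_ip"):
    """Return (default, [(network, value), ...]) for one geo block."""
    m = re.search(r"geo\s+" + re.escape(variable) + r"\s*\{(.*?)\}", conf, re.S)
    if not m:
        raise ValueError(f"no geo block for {variable}")
    default, entries = "", []  # nginx uses an empty string when no default is set
    for line in m.group(1).splitlines():
        parts = line.split("#", 1)[0].strip().rstrip(";").split()
        # Skip blanks and geo directives this example does not model.
        if len(parts) != 2 or parts[0] in ("proxy", "include", "delete"):
            continue
        if parts[0] == "default":
            default = parts[1]
        else:
            entries.append((ipaddress.ip_network(parts[0], strict=False), parts[1]))
    return default, entries

def classify(addr, default, entries):
    """geo picks the most specific matching network, as reproduced here."""
    ip = ipaddress.ip_address(addr)
    matches = [(net.prefixlen, val) for net, val in entries
               if net.version == ip.version and ip in net]
    return max(matches)[1] if matches else default

def is_blocked(addr, conf=SAMPLE_CONF):
    """Mirror nginx's `if ($block_ip)`: false for an empty string or "0"."""
    default, entries = parse_geo(conf)
    return classify(addr, default, entries) not in ("", "0")

if __name__ == "__main__":
    for a in ("192.0.2.10", "192.0.2.200", "198.51.100.7", "203.0.113.5"):
        print(a, "blocked" if is_blocked(a) else "allowed")
```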