Cairo Ap. Campos cairoapcampos

## blockBadAgentsV2
#####################################################################################
# 1.Criar o arquivo /etc/nginx/conf.d/blockUserAgents.conf com as linhas seguintes. #
#####################################################################################

map $http_user_agent $blockedagent {
        default                                 0;
        ~*360Spider                             1;
        ~*80legs                                1;
        ~*Abonti                                1;
        ~*Aboundex                              1;

## blockBadAgentsV1
# Criar o arquivo useragent.conf com as linhas seguintes.
# Fazer a inclusão do arquivo no site configurado dentro do bloco server.
# Ex: include /etc/nginx/useragent.conf

if ($http_user_agent ~* (360Spider|80legs.com|Abonti|AcoonBot|Acunetix|adbeat_bot|AddThis.com|adidxbot|ADmantX|AhrefsBot|AngloINFO|Antelope|Applebot|BaiduSpider|BeetleBot|billigerbot|binlar|bitlybot|BlackWidow|BLP_bbot|BoardReader|Bolt\ 0|BOT\ for\ JCE|Bot\ mailto\:craftbot@yahoo\.com|casper|CazoodleBot|CCBot|checkprivacy|ChinaClaw|chromeframe|Clerkbot|Cliqzbot|clshttp|CommonCrawler|comodo|CPython|crawler4j|Crawlera|CRAZYWEBCRAWLER|Curious|Curl|Custo|CWS_proxy|Default\ Browser\ 0|diavol|DigExt|Digincore|DIIbot|discobot|DISCo|DoCoMo|DotBot|Download\ Demon|DTS.Agent|EasouSpider|eCatch|ecxi|EirGrabber|Elmer|EmailCollector|EmailSiphon|EmailWolf|Exabot|ExaleadCloudView|ExpertSearchSpider|ExpertSearch|Express\ WebPictures|ExtractorPro|extract|EyeNetIE|Ezooms|F2S|FastSeek|feedfinder|FeedlyBot|FHscan|finbot|Flamingo_SearchEngine|FlappyBot|FlashGet

## network-tuning.conf
## Coloque este arquivo em "/etc/sysctl.d/network-tuning.conf" e
## execute "sysctl -p /etc/sysctl.d/network-tuning.conf" para que as novas configurações sejam definidas no kernel.

# Evita um smurf attack
net.ipv4.icmp_echo_ignore_broadcasts = 1

# Ativa a proteção contra bad icmp error messages
net.ipv4.icmp_ignore_bogus_error_responses = 1

# Ativa syncookies para proteção contra SYN flood attack
	#####################################################################################
	# 1.Criar o arquivo /etc/nginx/conf.d/blockUserAgents.conf com as linhas seguintes. #
	#####################################################################################

	map $http_user_agent $blockedagent {
	default 0;
	~*360Spider 1;
	~*80legs 1;
	~*Abonti 1;
	~*Aboundex 1;
	# Criar o arquivo useragent.conf com as linhas seguintes.
	# Fazer a inclusão do arquivo no site configurado dentro do bloco server.
	# Ex: include /etc/nginx/useragent.conf

	if ($http_user_agent ~* (360Spider\|80legs.com\|Abonti\|AcoonBot\|Acunetix\|adbeat_bot\|AddThis.com\|adidxbot\|ADmantX\|AhrefsBot\|AngloINFO\|Antelope\|Applebot\|BaiduSpider\|BeetleBot\|billigerbot\|binlar\|bitlybot\|BlackWidow\|BLP_bbot\|BoardReader\|Bolt\ 0\|BOT\ for\ JCE\|Bot\ mailto\:craftbot@yahoo\.com\|casper\|CazoodleBot\|CCBot\|checkprivacy\|ChinaClaw\|chromeframe\|Clerkbot\|Cliqzbot\|clshttp\|CommonCrawler\|comodo\|CPython\|crawler4j\|Crawlera\|CRAZYWEBCRAWLER\|Curious\|Curl\|Custo\|CWS_proxy\|Default\ Browser\ 0\|diavol\|DigExt\|Digincore\|DIIbot\|discobot\|DISCo\|DoCoMo\|DotBot\|Download\ Demon\|DTS.Agent\|EasouSpider\|eCatch\|ecxi\|EirGrabber\|Elmer\|EmailCollector\|EmailSiphon\|EmailWolf\|Exabot\|ExaleadCloudView\|ExpertSearchSpider\|ExpertSearch\|Express\ WebPictures\|ExtractorPro\|extract\|EyeNetIE\|Ezooms\|F2S\|FastSeek\|feedfinder\|FeedlyBot\|FHscan\|finbot\|Flamingo_SearchEngine\|FlappyBot\|FlashGet
	## Coloque este arquivo em "/etc/sysctl.d/network-tuning.conf" e
	## execute "sysctl -p /etc/sysctl.d/network-tuning.conf" para que as novas configurações sejam definidas no kernel.

	# Evita um smurf attack
	net.ipv4.icmp_echo_ignore_broadcasts = 1

	# Ativa a proteção contra bad icmp error messages
	net.ipv4.icmp_ignore_bogus_error_responses = 1

	# Ativa syncookies para proteção contra SYN flood attack