Skip to content

Instantly share code, notes, and snippets.

@samjaninf
Last active September 7, 2023 18:34
Show Gist options
  • Save samjaninf/6b0331daea07d59254c3db43a999bda8 to your computer and use it in GitHub Desktop.
Save samjaninf/6b0331daea07d59254c3db43a999bda8 to your computer and use it in GitHub Desktop.
bad bots blocker for directadmin
# https://github.com/mitchellkrogza/nginx-ultimate-bad-bot-blocker/blob/master/MANUAL-CONFIGURATION.md
# setup the bad bots blocker thing using steps 1-3 from the README
cd /usr/local/sbin/
sudo wget https://raw.githubusercontent.com/mitchellkrogza/nginx-ultimate-bad-bot-blocker/master/install-ngxblocker -O /usr/local/sbin/install-ngxblocker
sudo chmod +x /usr/local/sbin/install-ngxblocker
# run the install
sudo ./install-ngxblocker -x
# get updates, this is in a cron job
# this is manual -n is no notifications
./update-ngxblocker -n
# cron format, 10 pm everyday:
00 22 * * * /usr/local/sbin/update-ngxblocker -e yourname@youremail.com
# add the requisite files to directadmin nginx conf files
# add this to /etc/nginx/nginx-includes.conf
# edit this file and comment out or remove the two first settings, server_names_hash_bucket_size, server_names_hash_max_size
include /etc/nginx/conf.d/botblocker-nginx-settings.conf;
# include this as well
include /etc/nginx/conf.d/globalblacklist.conf;
# test to make sure nginx isn't reporting any errors
nginx -t
# https://docs.directadmin.com/webservices/nginx/customizing-nginx.html#using-custom-global-templates-with-nginx
cd /usr/local/directadmin/data/templates/custom
cp ../nginx_*.conf .
# Add this to each server block, I put it in the custom3 section
# Bad Bot Blocker
include /etc/nginx/bots.d/ddos.conf;
include /etc/nginx/bots.d/blockbots.conf;
# rebuild the configs, then test again to make sure the correct things are being blocked
cd /usr/local/directadmin/custombuild
./build rewrite_confs
# if you get a 301 moved permanently, try https
curl -A "googlebot" http://yourdomain.com
# Should respond with 200 OK
curl -A "80legs" http://yourdomain.com
curl -A "masscan" http://yourdomain.com
# Should respond with: curl: (52) Empty reply from server
curl -I http://yourdomain.com -e http://100dollars-seo.com
curl -I http://yourdomain.com -e http://zx6.ru
# Should respond with: curl: (52) Empty reply from server
# Don't forget to add your server and personal IP to the /etc/nginx/bots.d/whitelist-ips.conf
# and the domains to the /etc/nginx/bots.d/whitelist-domains.conf
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment