Ultimate Spam Bots Blocker for Nginx

Discussion in 'Tips/Tricks/Mods' started by concept21, Sep 25, 2023.

  1. concept21

    concept21 Active Member HowtoForge Supporter

    Hello Friends,
    I just found this Ultimate Spam Bots Blocker. It seems that it has relieved some Nginx load from my VPS:
    https://github.com/mitchellkrogza/nginx-ultimate-bad-bot-blocker

    It also has an Apache version. Here I show you installation on Nginx server.

    cd /usr/local/src
    sudo wget https://raw.githubusercontent.com/m...ate-bad-bot-blocker/master/install-ngxblocker
    sudo mv install-ngxblocker /usr/local/sbin/
    cd ~
    sudo chmod +x /usr/local/sbin/install-ngxblocker

    To test installation, run:
    sudo /usr/local/sbin/install-ngxblocker

    To install the whole software, run:
    sudo /usr/local/sbin/install-ngxblocker -x


    Then, test the setup, run:
    sudo /usr/local/sbin/setup-ngxblocker
    To setup the software, run:
    sudo /usr/local/sbin/setup-ngxblocker -x

    It will insert new inclusions in all your Nginx vhost files.

    Reload Nginx and see what happens.

    To auto-update the software and bad bot library, add this to your /etc/daily.cron:
    /usr/local/sbin/update-ngxblocker


    If you tweak your site's ISPConfig3 options, ISPConfig will remove Blocker's included file lists. Then, you have to run this again to add Blocker's include lists again:
    To test the setup, run:
    sudo /usr/local/sbin/setup-ngxblocker
    To setup the software, run:
    sudo /usr/local/sbin/setup-ngxblocker -x


    To tweak a site, use these parameter in the Blocker's lists:
    Code:
    ###    SETTINGS:
    ### ---------------------------------------------
    ###    0 = allowed - no limits
    ###    1 = allowed or rate limited less restrictive
    ###    2 = rate limited more
    ###    3 = block completely
    ### ------------------------
    

    It also has a fail2ban addon. I am yet studying how to use it. :D
     
  2. concept21

    concept21 Active Member HowtoForge Supporter

    Guys & Girls!
    This software works very well!
    Its fail2ban addon worked and it at once banned 39 IPs when I restarted fail2ban!
    I checked a few of these IPs from the list and they turned out to be 100% abuse result on an Abuse Rate public report!

    I will tell you the detail later! :D

    My public sites seem faster than before and the Nginx load shows less busy.
     
  3. ahrasis

    ahrasis Well-Known Member HowtoForge Supporter

    We have fail2ban in ISPConfig perfect server setup but I think it is just meant for monitoring only, so it is not enabled by default?

    All I read about it is it bans a lot and a little misconfiguration can cause a lot of headache too. Few threads that were recently opened seemed to talk about it.

    So I am personally not sure whether this is a good thing to use or otherwise not recommendable for general users.

    May be, but so far I know default nginx is already good and with only a little fine tuning you can make it better if not the best, thus how can you be sure that what you now achieved is really a good thing in all senses?
     
  4. concept21

    concept21 Active Member HowtoForge Supporter

    This blocker fine-tune the Nginx "limit request" feature. Then, you may enable fail2ban's built-in Nginx "limit request" feature.

    Furthermore, it also provides another fail2ban addon nginxrepeatoffender. If you enable it, it begins to ban. So you can choose to limit requests or to ban. It won't harm at all.

    Today, it bans 2 IPs which turn out to be 100% abuse on public reports. One IP was reported as coming from a compromised server. :mad:
     
    ahrasis likes this.

Share This Page