Nginx Ultimate Bad Bot Blocker
Nid: 1408
以下はマニュアルインストールの手順。更新も手動になるので、自動にしたい場合は、リンク先のスクリプトを使用のこと。
1 . ファイルコピー
$ sudo wget https://raw.githubusercontent.com/mitchellkrogza/nginx-ultimate-bad-bot-blocker/master/conf.d/globalblacklist.conf -O /etc/nginx/conf.d/globalblacklist.conf $ sudo curl -L https://raw.githubusercontent.com/mitchellkrogza/nginx-ultimate-bad-bot-blocker/master/bots.d/blockbots.conf --create-dirs -o /etc/nginx/bots.d/blockbots.conf $ sudo wget https://raw.githubusercontent.com/mitchellkrogza/nginx-ultimate-bad-bot-blocker/master/bots.d/ddos.conf -O /etc/nginx/bots.d/ddos.conf $ sudo wget https://raw.githubusercontent.com/mitchellkrogza/nginx-ultimate-bad-bot-blocker/master/bots.d/whitelist-ips.conf -O /etc/nginx/bots.d/whitelist-ips.conf $ sudo wget https://raw.githubusercontent.com/mitchellkrogza/nginx-ultimate-bad-bot-blocker/master/bots.d/whitelist-domains.conf -O /etc/nginx/bots.d/whitelist-domains.conf $ sudo wget https://raw.githubusercontent.com/mitchellkrogza/nginx-ultimate-bad-bot-blocker/master/bots.d/blacklist-user-agents.conf -O /etc/nginx/bots.d/blacklist-user-agents.conf $ sudo wget https://raw.githubusercontent.com/mitchellkrogza/nginx-ultimate-bad-bot-blocker/master/bots.d/custom-bad-referrers.conf -O /etc/nginx/bots.d/custom-bad-referrers.conf $ sudo wget https://raw.githubusercontent.com/mitchellkrogza/nginx-ultimate-bad-bot-blocker/master/bots.d/blacklist-ips.conf -O /etc/nginx/bots.d/blacklist-ips.conf $ sudo wget https://raw.githubusercontent.com/mitchellkrogza/nginx-ultimate-bad-bot-blocker/master/bots.d/bad-referrer-words.conf -O /etc/nginx/bots.d/bad-referrer-words.conf $ sudo wget https://raw.githubusercontent.com/mitchellkrogza/nginx-ultimate-bad-bot-blocker/master/conf.d/botblocker-nginx-settings.conf -O /etc/nginx/conf.d/botblocker-nginx-settings.conf
$ sudo chmod 755 /etc/nginx/bots.d
コピーしたファイルを確認。
$ ls -l /etc/nginx/conf.d/{globalblacklist,botblocker-nginx-settings}.conf /etc/nginx/bots.d/{blockbots,ddos,whitelist-domains,whitelist-ips,blacklist-user-agents,custom-bad-referrers,blacklist-ips,bad-referrer-words}.conf
2 . 自ドメインとアドレスをホワイトリスト設定
$ sudo vi /etc/nginx/bots.d/whitelist-domains.conf $ sudo vi /etc/nginx/bots.d/whitelist-ips.conf
3 . Nginx 設定
$ sudo vi /etc/nginx/nginx.conf include /etc/nginx/conf.d/*.conf;
VHOST server block
$ sudo vi /etc/nginx/sites-available/site1.octaviadata.com include /etc/nginx/bots.d/blockbots.conf; include /etc/nginx/bots.d/ddos.conf;
$ sudo sh -c "nginx -t && nginx -s reload"
4 . 動作確認
$ mydomain="octaviadata.com"
$ curl -A "Mozilla/5.0 (Linux; Android 6.0.1; Nexus 5X Build/MMB29P) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2272.96 Mobile Safari/537.36 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)" -I http://$mydomain $ curl -A "Mozilla/5.0 (compatible; bingbot/2.0; +http://www.bing.com/bingbot.htm)" -I http://$mydomain
Should respond with 200 OK
$ curl -A "Xenu Link Sleuth/1.3.8" -I http://$mydomain $ curl -A "Mozilla/5.0 (compatible; AhrefsBot/5.2; +http://ahrefs.com/robot/)" -I http://$mydomain
Should respond with either of the following error messages: curl: (52) Empty reply from server curl: (56) TCP connection reset by peer curl: (92) HTTP/2 stream 0 was not closed cleanly: PROTOCOL_ERROR (err 1)
$ curl -I http://$mydomain -e http://100dollars-seo.com $ curl -I http://$mydomain -e http://zx6.ru
Should respond with either of the following error messages: curl: (52) Empty reply from server curl: (56) TCP connection reset by peer curl: (92) HTTP/2 stream 0 was not closed cleanly: PROTOCOL_ERROR (err 1)