How to block specific human looking user agent in nginx -


i have been having few problems spam , bots registering , these anti captcha systems not seem working.

i have analyzed access logs , discovered user agents not used humans maybe because old... noticed there has been head / / post / attacks coming in web server using exact same string on user agents. possibly booters using same user agents spam/add bots.

216.151.139.172 - - [24/mar/2013:00:58:20 +0000] "get /index.php?action=verificationcode;vid=register;rand=12c64196f4558b2dff00db7ed3ee8ad9 http/1.1" 200 2189 "index.php?action=register" "mozilla/4.0 (compatible; msie 7.0; windows nt 5.1; trident/4.0; .net clr 1.1.4322)" "-"

in nginx without blocking user agents, there anyway block string contained in useragent these bots can stop registering , advertising.

"mozilla/4.0 (compatible; msie 7.0; windows nt 5.1; trident/4.0; .net clr 1.1.4322)"

thanks reading.

you can try this

if ($http_user_agent = "mozilla/4.0 (compatible; msie 7.0; windows nt 5.1; trident/4.0; .net clr 1.1.4322)") {   return 444; # 444 special nginx status code that's useful in fighting attack }

but user agent string valid, means block legit visits well.

i'd suggest try ip based access control. see http://wiki.nginx.org/httpaccessmodule setting up. it's better in opinion.


Comments

Post a Comment

Popular posts from this blog

php - Wordpress website dashboard page or post editor content is not showing but front end data is showing properly -

Image
recently have uploaded wordpress site onto server. have uploaded wordpress site in sub-folder under root folder ../root(domain root folder)/wordpress (where host wordpress folder). now problem content data in page or post in dashboard of wordpress admin panel not showing - see image. but data showing in front view - see image. if not browser cache issue , not issue happened tinymce editor during upgrade; try add config file: define('concatenate_scripts', false);
Read more

How to get the ip address of VM and use it to configure SSH connection dynamically in Ansible -

i trying ip address of vm , trying use establish ssh vm. following script: --- - hosts: localhost become: yes connection: local gather_facts: false serial: 1 vars_files: - createvmvars.yml tasks: - name: gathering vm info. vsphere_guest: vcenter_hostname: "{{vcenter_hostname}}" username: "{{vcenter_username}}" password: "{{vcenter_password}}" guest: "{{guest_name}}" vmware_guest_facts: yes register: var - debug: msg="{{var.ansible_facts.hw_eth0.ipaddresses[0]}}" - name: establishing ssh connection. script: /home/shasha/devops/scripts/ssh_configure.sh "{{var.ansible_facts.hw_eth0.ipaddresses[0]}}" following content of ssh_configure.sh : #!/bin/sh ssh-keygen -t rsa ssh-copy-id $1 but when running playbook, getting following error while executing third task: error! 'var' undefined but debug module(second task) printin
Read more

javascript - Get parameter of GET request -

i make request: createxhrrequest( "get", fileurl, function( err, response ) { if( err ) { alert( "error get!" ); } alert(response); }); and full response: { "status" : "ok", "message" : "jvberi0xljqkjdduxdgkmy how can jvberi0xlj ? i try response.message , response["message"]. nothing works. just simple access this: var json = json.parse(response); json.message
Read more