Nginx-ultimate-bad-bot-blocker with yunohost

My YunoHost server

Hardware: AWS Free Tier
Version:
  yunohost:
    repo: stable
    version: 3.6.5.3
  yunohost-admin:
    repo: stable
    version: 3.6.5.1
  moulinette:
    repo: stable
    version: 3.6.4.1
  ssowat:
    repo: stable
    version: 3.6.4
I have access to my server: Through SSH
Are you in a special context or did you perform some particular tweaking on your YunoHost instance?

  1. I have renamed /etc/nginx/sites-available/default to default.vhost
  2. At the moment I have two active apps, each in a subdomain.
    app1.mydomain[dot]com
    app2.mydomain[dot]com

Description of my issue

I’m trying to configure nginx-ultimate-bad-bot-blocker in my yunohost but I can’t make it work properly.

My knowledge of nginx is very small so I couldn’t find the solution to this problem. I hope you can solve this problem and help more people to use this protection on their servers.

I followed all the instructions on the GitHub page, but without success.

Well, I also tried adding the includes to the /etc/nginx/conf.d/mydomain.conf file but it didn’t work.

I used the site recommended by the configuration guide to do the test run:

curl -I https://mydomain.com -e http://100dollars-seo.com

But I didn’t get any error messages on the connection (as it should be).

cat /etc/nginx/conf.d/globalblacklist.conf | grep 100dollars
"~*(?:\b)100dollars\-seo\.com(?:\b)" 1;

Commands I used during the installation:

sudo wget https://raw.githubusercontent.com/mitchellkrogza/nginx-ultimate-bad-bot-blocker/master/install-ngxblocker -O /usr/local/sbin/install-ngxblocker
sudo chmod +x /usr/local/sbin/install-ngxblocker
cd /usr/local/sbin/
sudo ./install-ngxblocker -x
sudo nginx -t
sudo nginx -s reload

My nginx configuration files:

/etc/nginx/nginx.conf
=> paste yunohost org/unixiqevem.nginx
/etc/nginx/sites-available/default.vhost
=> paste yunohost org/marocenupi.nginx
/etc/nginx/conf.d/mydomain.conf
=> paste yunohost org/iranenapol.pl

ls -l /etc/nginx/
ls /etc/nginx/sites-available/
ls -l /etc/nginx/conf.d/
ls -l /etc/nginx/bots.d/
=> paste yunohost org/eziribipuk.diff

I’m sorry for the badly formatted links, but I couldn’t publish this post any other way. Maybe there’s some limitation.

Hello,

Have you read this in the installation guide, at step 5?

This setup-ngxblocker script assumes that all your vhost files located in /etc/nginx/sites-available end in an extension .vhost. It is good practice to make all your vhost config files end with a .vhost extension but if you prefer to stick what you already have eg .conf you can simply modify run setup-ngxblocker using the -e parameter to specify the extension you use for your vhost files.

For instance if your vhost files end in .conf you will change this execute setup-ngxblocker with an additional command line parameter as follows:

sudo ./setup-ngxblocker -x -e conf

So now let’s run the setup script and let it make all the changes we need to make the Bot Blocker active on all your sites.

YunoHost uses the default .conf extension for Nginx, so try using the command they suggest and report your results.

1 Like

I forgot to mention that I’d tried that too.

However, I tried again. That’s the log:

paste yunohost org/rudojisoho.bash

Apparently nothing has changed and still doesn’t work.

Update: it is not necessary to modify /etc/nginx/conf.d/mydomain.conf, just create a /etc/nginx/conf.d/mydomain.d/*.conf file and add

include /etc/nginx/bots.d/blockbots.conf;
include /etc/nginx/bots.d/ddos.conf;

Now everything works

curl -I https://mydomain.com -e http://100dollars-seo.com
curl: (92) HTTP/2 stream 1 was not closed cleanly: INTERNAL_ERROR (err 2)

I did that for the subdomains too, one for each.
I don’t know if there’s a way to add that to all the available domains.

2 Likes

I guess you can create a file /etc/nginx/conf.d/badbots.conf with the two include statements. But they may need to be in a location block, so test it with nginx -t and be ready to remove the file if it fails.

1 Like
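
Added example, not written by anyone in this thread or by the nginx-ultimate-bad-bot-blocker project: a shell script that applies the per-domain fix from the update above to every domain directory at once. It assumes the /etc/nginx/conf.d/<domain>.d/*.conf layout described in that update; the file name badbots.conf and the function names are hypothetical.

```shell
#!/bin/sh
# Added example: drop the two bot-blocker includes into every <domain>.d
# directory under an nginx conf.d root.
# Assumptions: YunoHost's /etc/nginx/conf.d/<domain>.d/*.conf layout, as used
# in the update above; the file name "badbots.conf" is hypothetical.
SNIPPET_NAME="badbots.conf"

# Print the two include lines from the thread's fix.
snippet_body() {
    printf '%s\n' \
        'include /etc/nginx/bots.d/blockbots.conf;' \
        'include /etc/nginx/bots.d/ddos.conf;'
}

# install_includes ROOT: create ROOT/<domain>.d/badbots.conf in each domain
# directory where no *.conf file already includes blockbots.conf.
# Prints the path of every file it creates.
install_includes() {
    root=$1
    for dir in "$root"/*.d; do
        [ -d "$dir" ] || continue             # unmatched glob or not a directory
        if grep -qs 'bots\.d/blockbots\.conf' "$dir"/*.conf; then
            continue                           # already present: no duplicate include
        fi
        snippet_body > "$dir/$SNIPPET_NAME"
        echo "$dir/$SNIPPET_NAME"
    done
}

# missing_includes ROOT: list domain directories that still lack the include.
missing_includes() {
    root=$1
    for dir in "$root"/*.d; do
        [ -d "$dir" ] || continue
        grep -qs 'bots\.d/blockbots\.conf' "$dir"/*.conf || echo "$dir"
    done
}

# Touch the live config only when called with --apply (as root).
if [ "${1:-}" = "--apply" ]; then
    created=$(install_includes /etc/nginx/conf.d)
    # Validate first; if nginx rejects the config, remove the files just added.
    if nginx -t; then
        nginx -s reload
    else
        [ -z "$created" ] || printf '%s\n' "$created" | xargs rm -f
        exit 1
    fi
fi
```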
