Question Best way to block bad user agents in global Nginx configuration?

goomba · Mar 3, 2024

I have tried the following in a file like /etc/nginx/conf.d/bad_bots.conf, but it still allows successful HTTP response.

NGINX:

map $http_user_agent $bad_user_agent {
    default             0;
    ~*MJ12bot           1;
    ~*coccocbot-image   1;
    ~*Baiduspider       1;
}

server {
    if ($bad_user_agent) {
        return 403;
    }
}

I've been able to successfully block them for individual domains through the Plesk interface with an if ($http_user_agent ... ) approach. How can this be done globally? Also open to a global Apache method.

Peter Debik · Mar 4, 2024

You'd rather want a rule lik

Code:

if ($http_user_agent ~* "(?:acunetix|BLEXBot|domaincrawler\.com|LinkpadBot|MJ12bot/v|majestic12\.co\.uk|AhrefsBot|TwengaBot|SemrushBot|nikto|winhttp|Xenu\s+Link\s+Sleuth|Baiduspider|HTTrack|clshttp|harvest|extract|grab|miner|python-requests)") {
    return 403;
}

However, why mess with Nginx if you have Fail2ban. I recommend reading this new article where we address the issue of bad bots and a lot more:

How to Avoid High CPU Load & Block Bad Bots with Plesk

Learn how to effectively reduce CPU usage and keep bad bots and hackers away from your websites using Plesk Cgroups Manager and Fail2Ban.

www.plesk.com

Question Best way to block bad user agents in global Nginx configuration?

goomba

New Pleskian

Peter Debik

Community Manager until 3/2024

How to Avoid High CPU Load & Block Bad Bots with Plesk

Similar threads