• Our team is looking to connect with folks who use email services provided by Plesk, or a premium service. If you'd like to be part of the discovery process and share your experiences, we invite you to complete this short screening survey. If your responses match the persona we are looking for, you'll receive a link to schedule a call at your convenience. We look forward to hearing from you!
  • The BIND DNS server has already been deprecated and removed from Plesk for Windows.
    If a Plesk for Windows server is still using BIND, the upgrade to Plesk Obsidian 18.0.70 will be unavailable until the administrator switches the DNS server to Microsoft DNS. We strongly recommend transitioning to Microsoft DNS within the next 6 weeks, before the Plesk 18.0.70 release.
  • The Horde component is removed from Plesk Installer. We recommend switching to another webmail software supported in Plesk.

Question Best way to block bad user agents in global Nginx configuration?

G

goomba

New Pleskian
Server operating system version
CentOS 7
Plesk version and microupdate number
18.0.58
I have tried the following in a file like /etc/nginx/conf.d/bad_bots.conf, but it still allows successful HTTP response.

NGINX: 
map $http_user_agent $bad_user_agent {
    default             0;
    ~*MJ12bot           1;
    ~*coccocbot-image   1;
    ~*Baiduspider       1;
}

server {
    if ($bad_user_agent) {
        return 403;
    }
}

I've been able to successfully block them for individual domains through the Plesk interface with an if ($http_user_agent ... ) approach. How can this be done globally? Also open to a global Apache method.
 
You'd rather want a rule lik
Code: 
if ($http_user_agent ~* "(?:acunetix|BLEXBot|domaincrawler\.com|LinkpadBot|MJ12bot/v|majestic12\.co\.uk|AhrefsBot|TwengaBot|SemrushBot|nikto|winhttp|Xenu\s+Link\s+Sleuth|Baiduspider|HTTrack|clshttp|harvest|extract|grab|miner|python-requests)") {
    return 403;
}

However, why mess with Nginx if you have Fail2ban. I recommend reading this new article where we address the issue of bad bots and a lot more:
www.plesk.com

How to Avoid High CPU Load & Block Bad Bots with Plesk

Learn how to effectively reduce CPU usage and keep bad bots and hackers away from your websites using Plesk Cgroups Manager and Fail2Ban.
www.plesk.com www.plesk.com
 
Hi Peter,

I have tried adding the above rules server side to nginx include meanwhile i got the below error. Do you have some work around for the same?

nginx: [emerg] "if" directive is not allowed here in /etc/nginx/conf.d/bad_bot_block.conf:1
nginx: configuration file /etc/nginx/nginx.conf test failed
Click to expand...
 
You must log in or register to reply here.

Similar threads

brother4
Question Best way to block direct PHP file access and ensure .htaccess rules are always applied with Nginx as a reverse proxy?
Replies
1
Views
1K
brother4
brother4
U
Issue How can I use Webp in Plesk
Replies
2
Views
4K
mow
M
T
Issue Nginx allow referer
Replies
3
Views
3K
trensco
T
Azurel
Question Blocking bad bots
Replies
3
Views
5K
Azurel
Azurel
F
Issue Pretty bad problem: Server starts successfully and starts all services but stops them again.
Replies
1
Views
3K
Fuchur
F
Back
Top