Question Blocking bad bots

Azurel · Mar 20, 2019

I found this feature request
block bad bots by default

Alternatively, a tutorial on how to protect yourself with Plesk would be nice. IgorG wrote a little one
Instruction - Blocking extra bots using nginx
It would be nice if this becomes an official support example (plesk help center) with current agents and a little better explanation. The tutorial is already one year old and surely new agents appeared. See
atmire/COUNTER-Robots
or
monperrus/crawler-user-agents
or
- Bad Bots Bad Bots user-agent / bot
- Crawlers Crawlers user-agent / bot
- Scrapers Scrapers user-agent / bot

Where exactly should the entry be added, so that this block is for all domains?
So? Create a new "bad_bots.conf" in /etc/nginx/conf.d with

Code:

server {
    # List of scrapers and crawlers
    if ($http_user_agent ~ VALUE1|VALUE2) {
       return 444;
    }
}

IgorG · Mar 20, 2019

Actually, Plesk WordPress Toolkit has Bot protection section in Security Check option. So, your WP sites can be protected out from the box.

IgorG · Mar 20, 2019

Additionally Question - Nginx block robots

Azurel · Mar 20, 2019

I have no single Wordpress site and I'll never have it. ;-)

A found a interesting article combine nginx and fail2ban (german) sergejmueller/sergejmueller.github.io
and here a actual bot list for nginx map file Block Unwanted Bots on Apache & Nginx (Constantly Updated)

@IgorG
Your blocklist contain "curl". I don't know exactly how the plesk letsencrypt extension renews the certificate, but does this happen with the curl tool?
And should it be "~*" for case insensitive instead "~"?

Question Blocking bad bots

Azurel

Silver Pleskian

IgorG

Plesk addicted!

IgorG

Plesk addicted!

Azurel

Silver Pleskian

Similar threads