• Introducing WebPros Cloud - a fully managed infrastructure platform purpose-built to simplify the deployment of WebPros products !  WebPros Cloud enables you to easily deliver WebPros solutions — without the complexity of managing the infrastructure.
    Join the pilot program today!
  • The Horde component is removed from Plesk Installer. We recommend switching to another webmail software supported in Plesk.
  • The BIND DNS server has already been deprecated and removed from Plesk for Windows.
    If a Plesk for Windows server is still using BIND, the upgrade to Plesk Obsidian 18.0.70 will be unavailable until the administrator switches the DNS server to Microsoft DNS. We strongly recommend transitioning to Microsoft DNS within the next 6 weeks, before the Plesk 18.0.70 release.

Plesk 11.5 Debian Nginx include File

J

Janko1000

Regular Pleskian
Hi,

I had included a file in Nginx under Plesk 11.09. There, I had no problems.

The included File:
Code: 
## Block some robots ##
     if ($http_user_agent ~* (008|acoonbot|ahrefsbot|baiduspider|blexbot|exabot|ezooms|flightdeckreportsbot|iCjobs|magpie-crawler|MJ12bot|msnbot|scrapbot|Spiderlytics|UnisterBot|YandexBot|Yandex)) {
        return 403;
     }

## Deny certain Referers ###
     if ( $http_referer ~* (babes|forsale|girl|jewelry|love|nudit|organic|poker|porn|sex|teen|viagra|rolex) ){
        return 403;
     }

## Block download agents ##
     if ($http_user_agent ~* (BBBike|curl|LWP::Simple|nmap|wget)) {
        return 403;
     }
access_log  /var/log/nginx/block.log;
I made it with "custom Template".
I check the block.log against fail2ban.

Now under 11.5.... the File still works with the new Webserver Nginx include Function. BUT my block.log is full... Every Hit on any Website is in the Log.
 
Code: 
## Block some robots ##
     if ($http_user_agent ~* (008|acoonbot|ahrefsbot|baiduspider|blexbot|exabot|ezooms|flightdeckreportsbot|iCjobs|magpie-crawler|MJ12bot|msnbot|scrapbot|Spiderlytics|UnisterBot|YandexBot|Yandex)) {
	 access_log  /var/log/nginx/block.log;
        return 403;
     }

## Deny certain Referers ###
     if ( $http_referer ~* (babes|forsale|girl|jewelry|love|nudit|organic|poker|porn|sex|teen|viagra|rolex) ){
	 access_log  /var/log/nginx/block.log;
        return 403;
     }

## Block download agents ##
     if ($http_user_agent ~* (BBBike|curl|LWP::Simple|nmap|wget)) {
	 access_log  /var/log/nginx/block.log;
        return 403;
     }
result in:
Code: 
Ungültige Nginx-Konfiguration: nginx: [emerg] "access_log" directive is not allowed here in /etc/nginx/block.conf:3 nginx: configuration file /etc/nginx/nginx.conf test failed
 
Hi,

in the past I had this custom template:
Code: 
<?php
/**
 * @var Template_VariableAccessor $VAR
 * @var array $OPT
 */
?>
server {
    listen <?php echo $OPT['ipAddress']->escapedAddress . ':' . $OPT['frontendPort'] . ($OPT['defaultIp'] ? ' default_server' : '') . ($OPT['ssl'] ? ' ssl' : '') ?>;

    server_name <?php echo $VAR->domain->asciiName ?>;
<?php if ($VAR->domain->isWildcard): ?>
    server_name <?php echo $VAR->domain->wildcardName ?>;
<?php else: ?>
    server_name www.<?php echo $VAR->domain->asciiName ?>;
<?php   if ($OPT['ipAddress']->isIpV6()): ?>
    server_name ipv6.<?php echo $VAR->domain->asciiName ?>;
<?php   else: ?>
    server_name ipv4.<?php echo $VAR->domain->asciiName ?>;
<?php   endif ?>
<?php endif ?>
<?php if ($VAR->domain->webAliases): ?>
    # aliases
<?php   foreach ($VAR->domain->webAliases as $alias): ?>
    server_name <?php echo $alias->asciiName ?>;
    server_name www.<?php echo $alias->asciiName ?>;
<?php   endforeach ?>
<?php endif ?>
<?php if ($VAR->domain->previewDomainName): ?>
    # preview domain name
    server_name "<?php echo $VAR->domain->previewDomainName ?>";
<?php endif ?>

<?php if ($OPT['ssl']): ?>
<?php $sslCertificate = $VAR->server->sni && $VAR->domain->physicalHosting->sslCertificate ?
    $VAR->domain->physicalHosting->sslCertificate :
    $OPT['ipAddress']->sslCertificate; ?>
<?php   if ($sslCertificate->ce): ?>
    ssl_certificate             <?php echo $sslCertificate->ceFilePath ?>;
    ssl_certificate_key         <?php echo $sslCertificate->ceFilePath ?>;
<?php       if ($sslCertificate->ca): ?>
    ssl_client_certificate      <?php echo $sslCertificate->caFilePath ?>;
<?php       endif ?>
    ssl_session_timeout         5m;

    ssl_protocols               SSLv2 SSLv3 TLSv1;
    ssl_ciphers                 HIGH:!aNULL:!MD5;
    ssl_prefer_server_ciphers   on;
<?php   endif ?>
<?php endif ?>

    client_max_body_size 128m;

    location / { # IPv6 isn't supported in proxy_pass yet.
<?php if ($OPT['ssl']): ?>
        proxy_pass https://<?php echo ($OPT['ipAddress']->isIpV6() ? '127.0.0.1': $OPT['ipAddress']->escapedAddress) ?>:<?php echo $OPT['backendPort'] ?>;
<?php else: ?>
        proxy_pass http://<?php echo ($OPT['ipAddress']->isIpV6() ? '127.0.0.1': $OPT['ipAddress']->escapedAddress) ?>:<?php echo $OPT['backendPort'] ?>;
<?php endif ?>

        proxy_set_header Host             $host;
        proxy_set_header X-Real-IP        $remote_addr;
        proxy_set_header X-Forwarded-For  $proxy_add_x_forwarded_for;
        proxy_set_header X-Accel-Internal /internal-nginx-static-location;
        access_log off;
    }

    location /internal-nginx-static-location/ {
        alias      <?php echo $OPT['documentRoot'] ?>/;
        access_log <?php echo $VAR->domain->physicalHosting->logsDir . '/' . ($OPT['ssl'] ? 'proxy_access_ssl_log' : 'proxy_access_log') ?>;
        add_header X-Powered-By Pure-Host.de;
        internal;
    }
include /etc/nginx/block.conf;
}

server {
    listen <?php echo $OPT['ipAddress']->escapedAddress . ':' . $OPT['frontendPort'] . ($OPT['ssl'] ? ' ssl' : '') ?>;
    server_name webmail.<?php echo $VAR->domain->asciiName ?>;
<?php if ($VAR->domain->webAliases): ?>
    # aliases
<?php   foreach ($VAR->domain->webAliases as $alias): ?>
    server_name webmail.<?php echo $alias->asciiName ?>;
<?php   endforeach ?>
<?php endif ?>

<?php if ($OPT['ssl']): ?>
<?php $sslCertificate = $VAR->server->sni && $VAR->domain->physicalHosting->sslCertificate ?
    $VAR->domain->physicalHosting->sslCertificate :
    $OPT['ipAddress']->sslCertificate; ?>
<?php   if ($sslCertificate->ce): ?>
    ssl_certificate             <?php echo $sslCertificate->ceFilePath ?>;
    ssl_certificate_key         <?php echo $sslCertificate->ceFilePath ?>;
<?php       if ($sslCertificate->ca): ?>
    ssl_client_certificate      <?php echo $sslCertificate->caFilePath ?>;
<?php       endif ?>
    ssl_session_timeout         5m;

    ssl_protocols               SSLv2 SSLv3 TLSv1;
    ssl_ciphers                 HIGH:!aNULL:!MD5;
    ssl_prefer_server_ciphers   on;
<?php   endif ?>
<?php endif ?>
    client_max_body_size 128m;

    location / { # IPv6 isn't supported in proxy_pass yet.
<?php if ($OPT['ssl']): ?>
        proxy_pass https://<?php echo ($OPT['ipAddress']->isIpV6() ? '127.0.0.1': $OPT['ipAddress']->escapedAddress) ?>:<?php echo $OPT['backendPort'] ?>;
<?php else: ?>
        proxy_pass http://<?php echo ($OPT['ipAddress']->isIpV6() ? '127.0.0.1': $OPT['ipAddress']->escapedAddress) ?>:<?php echo $OPT['backendPort'] ?>;
<?php endif ?>

        proxy_set_header Host             $host;
        proxy_set_header X-Real-IP        $remote_addr;
        proxy_set_header X-Forwarded-For  $proxy_add_x_forwarded_for;
        access_log <?php echo $VAR->domain->physicalHosting->logsDir . '/' . ($OPT['ssl'] ? 'webmail_access_ssl_log' : 'webmail_access_log') ?>;
    }
include /etc/nginx/block.conf;
}
Everything worked as it should.
But now with the new Templates.... At which point it must now be included in order to obtain the same result?

Please help me. I'm new to nginx and Plesk

Greets
 
Hello,

i find a Solution for my Problem... but now i have a new Problem...

I can include the file block.conf without error. I currently have it at the end of the custom template. There are unfortunately only sporadically detected the bots.
I Inkludiere block.conf in another place, I get a 403 error from nginx on each side.


block.conf
Code: 
## Block some robots ##
     if ($http_user_agent ~* (008|123People|acoonbot|ahrefsbot|BacklinkCrawler|baiduspider|BiggerBetter|blexbot|CareerBot|Exabot|ezooms|findestars|flightdeckreportsbot|iCjobs|ltbot|magpie-crawler|MJ12bot|scrapbot|SEOkicks|Spiderlytics|UnisterBot|YandexBot|YandexImages|Yandex|Yasni)) {
	set $crawler 'yes';
     }


## Deny certain Referers ###
     if ( $http_referer ~* (123people|jewelry|nudit|organic|porn|teen|viagra|rolex|yasni) ){
	set $crawler 'yes';
     }

## Block download agents ##
     if ($http_user_agent ~* (BBBike|curl|LWP::Simple|nmap|wget)) {
	set $crawler 'yes';
     }



location ~ .* {
  if ($crawler = 'yes') {
    access_log /var/log/nginx/block.log;
    return 444;
    }
}
 
You must log in or register to reply here.
Back
Top