Dalf
parent
566677c6c1
commit
5b8b8720b4
1 changed files with 63 additions and 46 deletions
79
rules.json
79
rules.json
|
|
@ -7,6 +7,27 @@
|
||||||
"stop": true,
|
"stop": true,
|
||||||
"actions": [{ "name": "log"}]
|
"actions": [{ "name": "log"}]
|
||||||
},
|
},
|
||||||
|
{
|
||||||
|
"name": "IP limit, all paths",
|
||||||
|
"interval": 3,
|
||||||
|
"limit": 25,
|
||||||
|
"aggregations": ["Header:X-Forwarded-For"],
|
||||||
|
"actions": [
|
||||||
|
{"name": "block",
|
||||||
|
"params": {"message": "Rate limit exceeded, try again later."}}
|
||||||
|
]
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"name": "useragent limit, all paths",
|
||||||
|
"interval": 30,
|
||||||
|
"limit": 200,
|
||||||
|
"aggregations": ["Header:X-Forwarded-For", "Header:User-Agent"],
|
||||||
|
"stop": true,
|
||||||
|
"actions": [
|
||||||
|
{"name": "block",
|
||||||
|
"params": {"message": "Rate limit exceeded, try again later."}}
|
||||||
|
]
|
||||||
|
},
|
||||||
{
|
{
|
||||||
"name": "search request",
|
"name": "search request",
|
||||||
"filters": ["Param:q", "Path=^(/|/search)$"],
|
"filters": ["Param:q", "Path=^(/|/search)$"],
|
||||||
|
|
@ -14,10 +35,10 @@
|
||||||
{
|
{
|
||||||
"name": "robot agent forbidden",
|
"name": "robot agent forbidden",
|
||||||
"limit": 0,
|
"limit": 0,
|
||||||
"filters": ["Header:User-Agent=([Cc][Uu][Rr][Ll]|[wW]get|Scrapy|splash|JavaFX|FeedFetcher|python-requests|Go-http-client|Java|Jakarta|okhttp|HttpClient|Jersey|Python|libwww-perl|Ruby|SynHttpClient)"],
|
"stop": true,
|
||||||
|
"filters": ["Header:User-Agent=([Cc][Uu][Rr][Ll]|[wW]get|Scrapy|splash|JavaFX|FeedFetcher|python-requests|Go-http-client|Java|Jakarta|okhttp|HttpClient|Jersey|Python|libwww-perl|Ruby|SynHttpClient|UniversalFeedParser)"],
|
||||||
"actions": [
|
"actions": [
|
||||||
{
|
{"name": "block",
|
||||||
"name": "block",
|
|
||||||
"params": {"message": "Rate limit exceeded"}}
|
"params": {"message": "Rate limit exceeded"}}
|
||||||
]
|
]
|
||||||
},
|
},
|
||||||
|
|
@ -27,8 +48,7 @@
|
||||||
"stop": true,
|
"stop": true,
|
||||||
"filters": ["Header:User-Agent=(Googlebot|GoogleImageProxy|bingbot|Baiduspider|yacybot|YandexMobileBot|YandexBot|Yahoo! Slurp|MJ12bot|AhrefsBot|archive.org_bot|msnbot|MJ12bot|SeznamBot|linkdexbot|Netvibes|SMTBot|zgrab|James BOT|Sogou|Abonti|Pixray|Spinn3r|SemrushBot|Exabot|ZmEu|BLEXBot|bitlybot)"],
|
"filters": ["Header:User-Agent=(Googlebot|GoogleImageProxy|bingbot|Baiduspider|yacybot|YandexMobileBot|YandexBot|Yahoo! Slurp|MJ12bot|AhrefsBot|archive.org_bot|msnbot|MJ12bot|SeznamBot|linkdexbot|Netvibes|SMTBot|zgrab|James BOT|Sogou|Abonti|Pixray|Spinn3r|SemrushBot|Exabot|ZmEu|BLEXBot|bitlybot)"],
|
||||||
"actions": [
|
"actions": [
|
||||||
{
|
{"name": "block",
|
||||||
"name": "block",
|
|
||||||
"params": {"message": "Rate limit exceeded"}}
|
"params": {"message": "Rate limit exceeded"}}
|
||||||
]
|
]
|
||||||
},
|
},
|
||||||
|
|
@ -44,7 +64,7 @@
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
"name": "block Connection:close",
|
"name": "block Connection:close",
|
||||||
"filters": ["Connection=close"],
|
"filters": ["Header:Connection=close"],
|
||||||
"limit": 0,
|
"limit": 0,
|
||||||
"stop": true,
|
"stop": true,
|
||||||
"actions": [
|
"actions": [
|
||||||
|
|
@ -63,27 +83,13 @@
|
||||||
]
|
]
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
"name": "IP limit",
|
"name": "block accept everything",
|
||||||
"interval": 300,
|
"filters": ["!Header:Accept=text/html"],
|
||||||
"limit": 128,
|
"limit": 0,
|
||||||
"stop": true,
|
"stop": true,
|
||||||
"aggregations": ["Header:X-Forwarded-For"],
|
|
||||||
"actions": [
|
"actions": [
|
||||||
{
|
{"name": "block",
|
||||||
"name": "block",
|
"params": {"message": "Rate limit exceeded"}}
|
||||||
"params": {"message": "Rate limit exceeded, try again later."}}
|
|
||||||
]
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"name": "useragent limit",
|
|
||||||
"interval": 600,
|
|
||||||
"limit": 60,
|
|
||||||
"stop": true,
|
|
||||||
"aggregations": ["Header:X-Forwarded-For", "Header:User-Agent"],
|
|
||||||
"actions": [
|
|
||||||
{
|
|
||||||
"name": "block",
|
|
||||||
"params": {"message": "Rate limit exceeded, try again later."}}
|
|
||||||
]
|
]
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
|
|
@ -91,18 +97,29 @@
|
||||||
"interval": 3600,
|
"interval": 3600,
|
||||||
"limit": 4,
|
"limit": 4,
|
||||||
"stop": true,
|
"stop": true,
|
||||||
"filters": ["Header:User-Agent", "Param:format=(csv|json|rss)"],
|
"filters": ["Param:format=(csv|json|rss)"],
|
||||||
|
"aggregations": ["Header:X-Forwarded-For"],
|
||||||
"actions": [
|
"actions": [
|
||||||
{
|
{"name": "block",
|
||||||
"name": "block",
|
|
||||||
"params": {"message": "Rate limit exceeded, try again later."}}
|
"params": {"message": "Rate limit exceeded, try again later."}}
|
||||||
]
|
]
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
"name": "block accept everything",
|
"name": "IP limit",
|
||||||
"filters": ["!Header:Accept=text/html"],
|
"interval": 3,
|
||||||
"limit": 0,
|
"limit": 3,
|
||||||
|
"aggregations": ["Header:X-Forwarded-For"],
|
||||||
|
"actions": [
|
||||||
|
{"name": "block",
|
||||||
|
"params": {"message": "Rate limit exceeded, try again later."}}
|
||||||
|
]
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"name": "IP and useragent limit",
|
||||||
|
"interval": 600,
|
||||||
|
"limit": 60,
|
||||||
"stop": true,
|
"stop": true,
|
||||||
|
"aggregations": ["Header:X-Forwarded-For", "Header:User-Agent"],
|
||||||
"actions": [
|
"actions": [
|
||||||
{"name": "block",
|
{"name": "block",
|
||||||
"params": {"message": "Rate limit exceeded, try again later."}}
|
"params": {"message": "Rate limit exceeded, try again later."}}
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue