add a filter for banning solr facet bots

we have had queries that have a large number of facets. This filter will look for 8 of these for blacklight. It works with blacklight 7. IPs found will be banned Co-authored-by: Jason Casden <[email protected]>
pulibrary · Jan 16, 2025 · f7801a4 · f7801a4
1 parent 929c5dc
commit f7801a4
Show file tree

Hide file tree

Showing 2 changed files with 17 additions and 0 deletions.
diff --git a/roles/nginxplus/files/fail2ban/nginx-f_inclusive.conf b/roles/nginxplus/files/fail2ban/nginx-f_inclusive.conf
@@ -1,3 +1,4 @@
 [Definition]
 failregex = ^\{\"remote_ip\"\: \"<ADDR>\".{45,80}\"uri\"\:.{4,}?(?:\&?f(?:_inclusive)?%%5B.{5,}?){20,}
+nginx-f_inclusive.conf
 ignoreregex =
diff --git a/roles/nginxplus/tasks/prerequisites/install-prerequisites.yml b/roles/nginxplus/tasks/prerequisites/install-prerequisites.yml
@@ -68,6 +68,14 @@
   when: running_on_server
   notify: restart fail2ban
 
+- name: Nginxplus | Add nginx-bad-httpbots restriction
+  ansible.builtin.copy:
+    src: "fail2ban/nginx-bad-httpbots.conf"
+    dest: "/etc/fail2ban/jail.d/nginx-bad-httpbots.conf"
+    owner: root
+    group: root
+    mode: "0644"
+
 - name: Nginxplus | Add nginx-limit-req fail2ban configuration
   ansible.builtin.copy:
     src: "fail2ban/nginx-limit-req.conf"
@@ -86,6 +94,14 @@
     group: root
     mode: "0644"
 
+- name: Nginxplus | Add solr facet filter
+  ansible.builtin.copy:
+    src: "fail2ban/nginx-f_inclusive.conf"
+    dest: "/etc/fail2ban/filter.d/nginx-f_inclusive.conf"
+    owner: root
+    group: root
+    mode: "0644"
+
 - name: Nginxplus | start and enable fail2ban
   ansible.builtin.service:
     name: fail2ban