From f7801a4c31e3cf2ef9b990adc33fe8c69fd7c5fa Mon Sep 17 00:00:00 2001 From: Francis Kayiwa Date: Tue, 17 Dec 2024 13:18:41 -0500 Subject: [PATCH] add a filter for banning solr facet bots we have had queries that have a large number of facets. This filter will look for 8 of these for blacklight. It works with blacklight 7. IPs found will be banned Co-authored-by: Jason Casden --- .../files/fail2ban/nginx-f_inclusive.conf | 1 + .../prerequisites/install-prerequisites.yml | 16 ++++++++++++++++ 2 files changed, 17 insertions(+) diff --git a/roles/nginxplus/files/fail2ban/nginx-f_inclusive.conf b/roles/nginxplus/files/fail2ban/nginx-f_inclusive.conf index 02febb45b..23b315eb1 100644 --- a/roles/nginxplus/files/fail2ban/nginx-f_inclusive.conf +++ b/roles/nginxplus/files/fail2ban/nginx-f_inclusive.conf @@ -1,3 +1,4 @@ [Definition] failregex = ^\{\"remote_ip\"\: \"\".{45,80}\"uri\"\:.{4,}?(?:\&?f(?:_inclusive)?%%5B.{5,}?){20,} +nginx-f_inclusive.conf ignoreregex = diff --git a/roles/nginxplus/tasks/prerequisites/install-prerequisites.yml b/roles/nginxplus/tasks/prerequisites/install-prerequisites.yml index 7be82469e..79ef62c97 100644 --- a/roles/nginxplus/tasks/prerequisites/install-prerequisites.yml +++ b/roles/nginxplus/tasks/prerequisites/install-prerequisites.yml @@ -68,6 +68,14 @@ when: running_on_server notify: restart fail2ban +- name: Nginxplus | Add nginx-bad-httpbots restriction + ansible.builtin.copy: + src: "fail2ban/nginx-bad-httpbots.conf" + dest: "/etc/fail2ban/jail.d/nginx-bad-httpbots.conf" + owner: root + group: root + mode: "0644" + - name: Nginxplus | Add nginx-limit-req fail2ban configuration ansible.builtin.copy: src: "fail2ban/nginx-limit-req.conf" @@ -86,6 +94,14 @@ group: root mode: "0644" +- name: Nginxplus | Add solr facet filter + ansible.builtin.copy: + src: "fail2ban/nginx-f_inclusive.conf" + dest: "/etc/fail2ban/filter.d/nginx-f_inclusive.conf" + owner: root + group: root + mode: "0644" + - name: Nginxplus | start and enable fail2ban ansible.builtin.service: name: fail2ban