💾 Archived View for elmau.net › notes › nginx.gmi captured on 2021-12-06 at 14:29:53. Gemini links have been rewritten to link to archived content

View Raw

More Information

⬅️ Previous capture (2021-11-30)

-=-=-=-=-=-=-

Nginx

* Ubuntu Server 20.04

sudo apt install nginx
sudo vim /etc/nginx/nginx.conf

    user  www-data;
    worker_processes  auto;
    worker_rlimit_nofile 20480;
    pid /run/nginx.pid;

    error_log  /var/log/nginx/error.log warn;

    events {
        worker_connections  5120;
    }

    http {
        include       /etc/nginx/mime.types;
        default_type  application/octet-stream;

        server_tokens off;
        log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
                          '$status $body_bytes_sent "$http_referer" '
                          '"$http_user_agent" "$http_x_forwarded_for"';

        access_log  /var/log/nginx/access.log  main;

        sendfile        on;

        keepalive_timeout  65;

        include /etc/nginx/sites-enabled/*.conf;

        disable_symlinks off;

        client_max_body_size 10m;

    }
vim /etc/letsencrypt/options-ssl-nginx.conf

    add_header Permissions-Policy interest-cohort=();
sudo wget https://raw.githubusercontent.com/mitchellkrogza/nginx-ultimate-bad-bot-blocker/master/install-ngxblocker -O /usr/local/sbin/install-ngxblocker

sudo chmod +x /usr/local/sbin/install-ngxblocker

sudo install-ngxblocker -x

sudo chmod +x /usr/local/sbin/setup-ngxblocker

sudo chmod +x /usr/local/sbin/update-ngxblocker

sudo /usr/local/sbin/setup-ngxblocker -x -e conf
sudo vim /etc/nginx/bots.d/blacklist-user-agents.conf

    # ------------
    # MY BLACKLIST
    # ------------

    "~*(?:\b)x22(?:\b)"                 3;
    "~*(?:\b){|}(?:\b)"                 3;
    "~*(?:\b)mb_ereg_replace(?:\b)"         3;
    "~*(?:\b)file_put_contents(?:\b)"           3;
    "~*(?:\b)AdsBot-Google(?:\b)"           3;
    "~*(?:\b)DoCoMo(?:\b)"          3;
    "~*(?:\b)Feedfetcher-Google(?:\b)"              3;
    "~*(?:\b)Google-HTTP-Java-Client(?:\b)"         3;
    "~*(?:\b)Googlebot(?:\b)"               3;
    "~*(?:\b)Googlebot-Image(?:\b)"         3;
    "~*(?:\b)Googlebot-Mobile(?:\b)"                3;
    "~*(?:\b)Googlebot-News(?:\b)"          3;
    "~*(?:\b)Googlebot-Video(?:\b)"         3;
    "~*(?:\b)Googlebot/Test(?:\b)"          3;
    "~*(?:\b)Gravityscan(?:\b)"             3;
    "~*(?:\b)Jakarta\ Commons(?:\b)"                3;
    "~*(?:\b)Kraken/0.1(?:\b)"              3;
    "~*(?:\b)LinkedInBot(?:\b)"             3;
    "~*(?:\b)Mediapartners-Google(?:\b)"            3;
    "~*(?:\b)SAMSUNG(?:\b)"         3;
    "~*(?:\b)Slackbot(?:\b)"                3;
    "~*(?:\b)Slackbot-LinkExpanding(?:\b)"          3;
    "~*(?:\b)TwitterBot(?:\b)"              3;
    "~*(?:\b)Wordpress(?:\b)"               3;
    "~*(?:\b)adidxbot(?:\b)"                3;
    "~*(?:\b)aolbuild(?:\b)"                3;
    "~*(?:\b)bingbot(?:\b)"         3;
    "~*(?:\b)bingpreview(?:\b)"             3;
    "~*(?:\b)developers.facebook.com(?:\b)"         3;
    "~*(?:\b)duckduckgo(?:\b)"              3;
    "~*(?:\b)facebookexternalhit(?:\b)"             3;
    "~*(?:\b)facebookplatform(?:\b)"                3;
    "~*(?:\b)gsa-crawler(?:\b)"             3;
    "~*(?:\b)msnbot(?:\b)"          3;
    "~*(?:\b)msnbot-media(?:\b)"            3;
    "~*(?:\b)slurp(?:\b)"           3;
    "~*(?:\b)teoma(?:\b)"           3;
    "~*(?:\b)yahoo(?:\b)"           3;

Regresar el índice

Regresar el inicio