[+] update nginx config
1. add drop_by_user_agent section
for ssl servers;
1.1. ban traffic from openai.com/gptbot;
This commit is contained in:
parent
aa6b407fe7
commit
ef32d2ae38
@ -1,4 +1,5 @@
|
||||
import json
|
||||
import re
|
||||
import socket
|
||||
import os
|
||||
import io
|
||||
@ -312,6 +313,11 @@ server {
|
||||
deny all;
|
||||
}
|
||||
|
||||
location ~ ^/.well-known/acme-challenge/ {
|
||||
alias /var/www/;
|
||||
try_files $uri =404;
|
||||
}
|
||||
|
||||
location ~ {
|
||||
deny all;
|
||||
}
|
||||
@ -374,6 +380,23 @@ server {
|
||||
else:
|
||||
http_location = location_forward_ssl
|
||||
|
||||
drop_by_user_agent = ''
|
||||
|
||||
if not server.get('drop_by_user_agent') is None:
|
||||
r = re.compile('^([a-zA-Z0-9\s\.\,\(\)]+)$')
|
||||
user_agent_list = [
|
||||
r.match(o)[1]
|
||||
for o in server.get('drop_by_user_agent')
|
||||
]
|
||||
drop_by_user_agent = r'''
|
||||
if ( $http_user_agent ~ ({user_agent_list}) ) {
|
||||
return 444;
|
||||
}
|
||||
'''.replace(
|
||||
'{user_agent_list}',
|
||||
'|'.join(user_agent_list)
|
||||
)
|
||||
|
||||
servers.append(
|
||||
r'''
|
||||
server {
|
||||
@ -410,6 +433,8 @@ server {
|
||||
ssl_certificate {signed_chain_cert};
|
||||
ssl_certificate_key {domain_key};
|
||||
|
||||
{drop_by_user_agent}
|
||||
|
||||
location ^~ / {
|
||||
proxy_set_header Host $http_host;
|
||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||
@ -430,6 +455,8 @@ server {
|
||||
'{client_max_body_size}', server['client_max_body_size'],
|
||||
).replace(
|
||||
'{domain_key}', server['domain_key'],
|
||||
).replace(
|
||||
'{drop_by_user_agent}', drop_by_user_agent,
|
||||
).replace(
|
||||
'{ssl_port}', '%d' % ssl_port,
|
||||
).replace(
|
||||
|
||||
Loading…
Reference in New Issue
Block a user