External/patterns
1
0
Fork 0
mirror of https://github.com/fabriziosalmi/patterns.git synced 2025-12-17 17:55:48 +00:00
Code Issues Packages Projects Releases Wiki Activity
patterns/waf_patterns/nginx/bots.conf

680 lines
14 KiB
Plaintext
Raw Normal View History

Automated update: OWASP CRS to Caddy and Nginx WAF rules [Sat Dec 21 00:48:06 UTC 2024]
2024-12-21 00:48:06 +00:00
# Nginx WAF - Bad Bot Blocker
map $http_user_agent $bad_bot {
"~*01h4x.com" 1;
"~*360Spider" 1;
"~*404checker" 1;
"~*404enemy" 1;
"~*80legs" 1;
"~*ADmantX" 1;
"~*AIBOT" 1;
"~*ALittle\ Client" 1;
"~*ASPSeek" 1;
"~*Abonti" 1;
"~*Aboundex" 1;
"~*Aboundexbot" 1;
"~*Acunetix" 1;
"~*AdsTxtCrawlerTP" 1;
"~*AfD-Verbotsverfahren" 1;
"~*AhrefsBot" 1;
"~*AiHitBot" 1;
"~*Aipbot" 1;
"~*Alexibot" 1;
"~*AllSubmitter" 1;
"~*Alligator" 1;
"~*AlphaBot" 1;
"~*Anarchie" 1;
"~*Anarchy" 1;
"~*Anarchy99" 1;
"~*Ankit" 1;
"~*Anthill" 1;
"~*Apexoo" 1;
"~*Aspiegel" 1;
"~*Asterias" 1;
"~*Atomseobot" 1;
"~*Attach" 1;
"~*AwarioBot" 1;
"~*AwarioRssBot" 1;
"~*AwarioSmartBot" 1;
"~*BBBike" 1;
"~*BDCbot" 1;
"~*BDFetch" 1;
"~*BLEXBot" 1;
"~*BackDoorBot" 1;
"~*BackStreet" 1;
"~*BackWeb" 1;
"~*Backlink-Ceck" 1;
"~*BacklinkCrawler" 1;
"~*BacklinksExtendedBot" 1;
"~*Badass" 1;
"~*Bandit" 1;
"~*Barkrowler" 1;
"~*BatchFTP" 1;
"~*Battleztar\ Bazinga" 1;
"~*BetaBot" 1;
"~*Bigfoot" 1;
"~*Bitacle" 1;
"~*BlackWidow" 1;
"~*Black\ Hole" 1;
"~*Blackboard" 1;
"~*Blow" 1;
"~*BlowFish" 1;
"~*Boardreader" 1;
"~*Bolt" 1;
"~*BotALot" 1;
"~*Brandprotect" 1;
"~*Brandwatch" 1;
"~*Buck" 1;
"~*Buddy" 1;
"~*BuiltBotTough" 1;
"~*BuiltWith" 1;
"~*Bullseye" 1;
"~*BunnySlippers" 1;
"~*BuzzSumo" 1;
"~*Bytespider" 1;
"~*CATExplorador" 1;
"~*CCBot" 1;
"~*CODE87" 1;
"~*CSHttp" 1;
"~*Calculon" 1;
"~*CazoodleBot" 1;
"~*Cegbfeieh" 1;
"~*CensysInspect" 1;
"~*ChatGPT-User" 1;
"~*CheTeam" 1;
"~*CheeseBot" 1;
"~*CherryPicker" 1;
"~*ChinaClaw" 1;
"~*Chlooe" 1;
"~*Citoid" 1;
"~*Claritybot" 1;
"~*ClaudeBot" 1;
"~*Cliqzbot" 1;
"~*Cloud\ mapping" 1;
"~*Cocolyzebot" 1;
"~*Cogentbot" 1;
"~*Collector" 1;
"~*Copier" 1;
"~*CopyRightCheck" 1;
"~*Copyscape" 1;
"~*Cosmos" 1;
"~*Craftbot" 1;
"~*Crawling\ at\ Home\ Project" 1;
"~*CrazyWebCrawler" 1;
"~*Crescent" 1;
"~*CrunchBot" 1;
"~*Curious" 1;
"~*Custo" 1;
"~*CyotekWebCopy" 1;
"~*DBLBot" 1;
"~*DIIbot" 1;
"~*DSearch" 1;
"~*DTS\ Agent" 1;
"~*DataCha0s" 1;
"~*DatabaseDriverMysqli" 1;
"~*Demon" 1;
"~*Deusu" 1;
"~*Devil" 1;
"~*Digincore" 1;
"~*DigitalPebble" 1;
"~*Dirbuster" 1;
"~*Disco" 1;
"~*Discobot" 1;
"~*Discoverybot" 1;
"~*Dispatch" 1;
"~*DittoSpyder" 1;
"~*DnBCrawler-Analytics" 1;
"~*DnyzBot" 1;
"~*DomCopBot" 1;
"~*DomainAppender" 1;
"~*DomainCrawler" 1;
"~*DomainSigmaCrawler" 1;
"~*DomainStatsBot" 1;
"~*Domains\ Project" 1;
"~*Dotbot" 1;
"~*Download\ Wonder" 1;
"~*Dragonfly" 1;
"~*Drip" 1;
"~*ECCP/1.0" 1;
"~*EMail\ Siphon" 1;
"~*EMail\ Wolf" 1;
"~*EasyDL" 1;
"~*Ebingbong" 1;
"~*Ecxi" 1;
"~*EirGrabber" 1;
"~*EroCrawler" 1;
"~*Evil" 1;
"~*Exabot" 1;
"~*Express\ WebPictures" 1;
"~*ExtLinksBot" 1;
"~*Extractor" 1;
"~*ExtractorPro" 1;
"~*Extreme\ Picture\ Finder" 1;
"~*EyeNetIE" 1;
"~*Ezooms" 1;
"~*FDM" 1;
"~*FHscan" 1;
"~*FacebookBot" 1;
"~*FemtosearchBot" 1;
"~*Fimap" 1;
"~*Firefox/7.0" 1;
"~*FlashGet" 1;
"~*Flunky" 1;
"~*Foobot" 1;
"~*Freeuploader" 1;
"~*FrontPage" 1;
"~*Fuzz" 1;
"~*FyberSpider" 1;
"~*Fyrebot" 1;
"~*G-i-g-a-b-o-t" 1;
"~*GPTBot" 1;
"~*GT::WWW" 1;
"~*GalaxyBot" 1;
"~*Genieo" 1;
"~*GermCrawler" 1;
"~*GetRight" 1;
"~*GetWeb" 1;
"~*Getintent" 1;
"~*Gigabot" 1;
"~*Go!Zilla" 1;
"~*Go-Ahead-Got-It" 1;
"~*GoZilla" 1;
"~*Gotit" 1;
"~*GrabNet" 1;
"~*Grabber" 1;
"~*Grafula" 1;
"~*GrapeFX" 1;
"~*GrapeshotCrawler" 1;
"~*GridBot" 1;
"~*HEADMasterSEO" 1;
"~*HMView" 1;
"~*HTMLparser" 1;
"~*HTTP::Lite" 1;
"~*HTTrack" 1;
"~*Haansoft" 1;
"~*HaosouSpider" 1;
"~*Harvest" 1;
"~*Havij" 1;
"~*Heritrix" 1;
"~*Hloader" 1;
"~*HonoluluBot" 1;
"~*Humanlinks" 1;
"~*HybridBot" 1;
"~*IDBTE4M" 1;
"~*IDBot" 1;
"~*IRLbot" 1;
"~*Iblog" 1;
"~*Id-search" 1;
"~*IlseBot" 1;
"~*Image\ Fetch" 1;
"~*Image\ Sucker" 1;
"~*ImagesiftBot" 1;
"~*IndeedBot" 1;
"~*Indy\ Library" 1;
"~*InfoNaviRobot" 1;
"~*InfoTekies" 1;
"~*Information\ Security\ Team\ InfraSec\ Scanner" 1;
"~*InfraSec\ Scanner" 1;
"~*Intelliseek" 1;
"~*InterGET" 1;
"~*InternetMeasurement" 1;
"~*InternetSeer" 1;
"~*Internet\ Ninja" 1;
"~*Iria" 1;
"~*Iskanie" 1;
"~*IstellaBot" 1;
"~*JOC\ Web\ Spider" 1;
"~*JamesBOT" 1;
"~*Jbrofuzz" 1;
"~*JennyBot" 1;
"~*JetCar" 1;
"~*Jetty" 1;
"~*JikeSpider" 1;
"~*Joomla" 1;
"~*Jorgee" 1;
"~*JustView" 1;
"~*Jyxobot" 1;
"~*Kenjin\ Spider" 1;
"~*Keybot\ Translation-Search-Machine" 1;
"~*Keyword\ Density" 1;
"~*Kinza" 1;
"~*Kozmosbot" 1;
"~*LNSpiderguy" 1;
"~*LWP::Simple" 1;
"~*Lanshanbot" 1;
"~*Larbin" 1;
"~*Leap" 1;
"~*LeechFTP" 1;
"~*LeechGet" 1;
"~*LexiBot" 1;
"~*Lftp" 1;
"~*LibWeb" 1;
"~*Libwhisker" 1;
"~*LieBaoFast" 1;
"~*Lightspeedsystems" 1;
"~*Likse" 1;
"~*LinkScan" 1;
"~*LinkWalker" 1;
"~*Linkbot" 1;
"~*LinkextractorPro" 1;
"~*LinkpadBot" 1;
"~*LinksManager" 1;
"~*LinqiaMetadataDownloaderBot" 1;
"~*LinqiaRSSBot" 1;
"~*LinqiaScrapeBot" 1;
"~*Lipperhey" 1;
"~*Lipperhey\ Spider" 1;
"~*Litemage_walker" 1;
"~*Lmspider" 1;
"~*Ltx71" 1;
"~*MFC_Tear_Sample" 1;
"~*MIDown\ tool" 1;
"~*MIIxpc" 1;
"~*MJ12bot" 1;
"~*MQQBrowser" 1;
"~*MSFrontPage" 1;
"~*MSIECrawler" 1;
"~*MTRobot" 1;
"~*Mag-Net" 1;
"~*Magnet" 1;
"~*Mail.RU_Bot" 1;
"~*Majestic-SEO" 1;
"~*Majestic12" 1;
"~*Majestic\ SEO" 1;
"~*MarkMonitor" 1;
"~*MarkWatch" 1;
"~*Mass\ Downloader" 1;
"~*Masscan" 1;
"~*Mata\ Hari" 1;
"~*MauiBot" 1;
"~*Mb2345Browser" 1;
"~*MeanPath\ Bot" 1;
"~*Meanpathbot" 1;
"~*Mediatoolkitbot" 1;
"~*MegaIndex.ru" 1;
"~*Metauri" 1;
"~*MicroMessenger" 1;
"~*Microsoft\ Data\ Access" 1;
"~*Microsoft\ URL\ Control" 1;
"~*Minefield" 1;
"~*Mister\ PiX" 1;
"~*Moblie\ Safari" 1;
"~*Mojeek" 1;
"~*Mojolicious" 1;
"~*MolokaiBot" 1;
"~*Morfeus\ Fucking\ Scanner" 1;
"~*Mozlila" 1;
"~*Mr.4x3" 1;
"~*Msrabot" 1;
"~*Musobot" 1;
"~*NICErsPRO" 1;
"~*NPbot" 1;
"~*Name\ Intelligence" 1;
"~*Nameprotect" 1;
"~*Navroad" 1;
"~*NearSite" 1;
"~*Needle" 1;
"~*Nessus" 1;
"~*NetAnts" 1;
"~*NetLyzer" 1;
"~*NetMechanic" 1;
"~*NetSpider" 1;
"~*NetZIP" 1;
"~*Net\ Vampire" 1;
"~*Netcraft" 1;
"~*Nettrack" 1;
"~*Netvibes" 1;
"~*NextGenSearchBot" 1;
"~*Nibbler" 1;
"~*Niki-bot" 1;
"~*Nikto" 1;
"~*NimbleCrawler" 1;
"~*Nimbostratus" 1;
"~*Ninja" 1;
"~*Nmap" 1;
"~*Nuclei" 1;
"~*Nutch" 1;
"~*Octopus" 1;
"~*Offline\ Explorer" 1;
"~*Offline\ Navigator" 1;
"~*OnCrawl" 1;
"~*OpenLinkProfiler" 1;
"~*OpenVAS" 1;
"~*Openfind" 1;
"~*Openvas" 1;
"~*OrangeBot" 1;
"~*OrangeSpider" 1;
"~*OutclicksBot" 1;
"~*OutfoxBot" 1;
"~*PECL::HTTP" 1;
"~*PHPCrawl" 1;
"~*POE-Component-Client-HTTP" 1;
"~*PageAnalyzer" 1;
"~*PageGrabber" 1;
"~*PageScorer" 1;
"~*PageThing.com" 1;
"~*Page\ Analyzer" 1;
"~*Pandalytics" 1;
"~*Panscient" 1;
"~*Papa\ Foto" 1;
"~*Pavuk" 1;
"~*PeoplePal" 1;
"~*Petalbot" 1;
"~*Pi-Monster" 1;
"~*Picscout" 1;
"~*Picsearch" 1;
"~*PictureFinder" 1;
"~*Piepmatz" 1;
"~*Pimonster" 1;
"~*Pixray" 1;
"~*PleaseCrawl" 1;
"~*Pockey" 1;
"~*ProPowerBot" 1;
"~*ProWebWalker" 1;
"~*Probethenet" 1;
"~*Proximic" 1;
"~*Psbot" 1;
"~*Pu_iN" 1;
"~*Pump" 1;
"~*PxBroker" 1;
"~*PyCurl" 1;
"~*QueryN\ Metasearch" 1;
"~*Quick-Crawler" 1;
"~*RSSingBot" 1;
"~*Rainbot" 1;
"~*RankActive" 1;
"~*RankActiveLinkBot" 1;
"~*RankFlex" 1;
"~*RankingBot" 1;
"~*RankingBot2" 1;
"~*Rankivabot" 1;
"~*RankurBot" 1;
"~*Re-re" 1;
"~*ReGet" 1;
"~*RealDownload" 1;
"~*Reaper" 1;
"~*RebelMouse" 1;
"~*Recorder" 1;
"~*RedesScrapy" 1;
"~*RepoMonkey" 1;
"~*Ripper" 1;
"~*RocketCrawler" 1;
"~*Rogerbot" 1;
"~*SBIder" 1;
"~*SEOkicks" 1;
"~*SEOkicks-Robot" 1;
"~*SEOlyt" 1;
"~*SEOlyticsCrawler" 1;
"~*SEOprofiler" 1;
"~*SEOstats" 1;
"~*SISTRIX" 1;
"~*SMTBot" 1;
"~*SalesIntelligent" 1;
"~*ScanAlert" 1;
"~*Scanbot" 1;
"~*ScoutJet" 1;
"~*Scrapy" 1;
"~*Screaming" 1;
"~*ScreenerBot" 1;
"~*ScrepyBot" 1;
"~*Searchestate" 1;
"~*SearchmetricsBot" 1;
"~*Seekport" 1;
"~*SeekportBot" 1;
"~*SemanticJuice" 1;
"~*Semrush" 1;
"~*SemrushBot" 1;
"~*SentiBot" 1;
"~*SenutoBot" 1;
"~*SeoCherryBot" 1;
"~*SeoSiteCheckup" 1;
"~*SeobilityBot" 1;
"~*Seomoz" 1;
"~*Shodan" 1;
"~*Siphon" 1;
"~*SiteCheckerBotCrawler" 1;
"~*SiteExplorer" 1;
"~*SiteLockSpider" 1;
"~*SiteSnagger" 1;
"~*SiteSucker" 1;
"~*Site\ Sucker" 1;
"~*Sitebeam" 1;
"~*Siteimprove" 1;
"~*Sitevigil" 1;
"~*SlySearch" 1;
"~*SmartDownload" 1;
"~*Snake" 1;
"~*Snapbot" 1;
"~*Snoopy" 1;
"~*SocialRankIOBot" 1;
"~*Sociscraper" 1;
"~*Sogou\ web\ spider" 1;
"~*Sosospider" 1;
"~*Sottopop" 1;
"~*SpaceBison" 1;
"~*Spammen" 1;
"~*SpankBot" 1;
"~*Spanner" 1;
"~*Spbot" 1;
"~*Spider_Bot" 1;
"~*Spider_Bot/3.0" 1;
"~*Spinn3r" 1;
"~*SputnikBot" 1;
"~*Sqlmap" 1;
"~*Sqlworm" 1;
"~*Sqworm" 1;
"~*Steeler" 1;
"~*Stripper" 1;
"~*Sucker" 1;
"~*Sucuri" 1;
"~*SuperBot" 1;
"~*SuperHTTP" 1;
"~*Surfbot" 1;
"~*SurveyBot" 1;
"~*Suzuran" 1;
"~*Swiftbot" 1;
"~*Szukacz" 1;
"~*T0PHackTeam" 1;
"~*T8Abot" 1;
"~*Teleport" 1;
"~*TeleportPro" 1;
"~*Telesoft" 1;
"~*Telesphoreo" 1;
"~*Telesphorep" 1;
"~*TheNomad" 1;
"~*The\ Intraformant" 1;
"~*Thumbor" 1;
"~*TightTwatBot" 1;
"~*TinyTestBot" 1;
"~*Titan" 1;
"~*Toata" 1;
"~*Toweyabot" 1;
"~*Tracemyfile" 1;
"~*Trendiction" 1;
"~*Trendictionbot" 1;
"~*True_Robot" 1;
"~*Turingos" 1;
"~*Turnitin" 1;
"~*TurnitinBot" 1;
"~*TwengaBot" 1;
"~*Twice" 1;
"~*Typhoeus" 1;
"~*URLy.Warning" 1;
"~*URLy\ Warning" 1;
"~*UnisterBot" 1;
"~*Upflow" 1;
"~*V-BOT" 1;
"~*VB\ Project" 1;
"~*VCI" 1;
"~*Vacuum" 1;
"~*Vagabondo" 1;
"~*VelenPublicWebCrawler" 1;
"~*VeriCiteCrawler" 1;
"~*VidibleScraper" 1;
"~*Virusdie" 1;
"~*VoidEYE" 1;
"~*Voil" 1;
"~*Voltron" 1;
"~*WASALive-Bot" 1;
"~*WBSearchBot" 1;
"~*WEBDAV" 1;
"~*WISENutbot" 1;
"~*WPScan" 1;
"~*WWW-Collector-E" 1;
"~*WWW-Mechanize" 1;
"~*WWW::Mechanize" 1;
"~*WWWOFFLE" 1;
"~*Wallpapers" 1;
"~*Wallpapers/3.0" 1;
"~*WallpapersHD" 1;
"~*WeSEE" 1;
"~*WebAuto" 1;
"~*WebBandit" 1;
"~*WebCollage" 1;
"~*WebCopier" 1;
"~*WebEnhancer" 1;
"~*WebFetch" 1;
"~*WebFuck" 1;
"~*WebGo\ IS" 1;
"~*WebImageCollector" 1;
"~*WebLeacher" 1;
"~*WebPix" 1;
"~*WebReaper" 1;
"~*WebSauger" 1;
"~*WebStripper" 1;
"~*WebSucker" 1;
"~*WebWhacker" 1;
"~*WebZIP" 1;
"~*Web\ Auto" 1;
"~*Web\ Collage" 1;
"~*Web\ Enhancer" 1;
"~*Web\ Fetch" 1;
"~*Web\ Fuck" 1;
"~*Web\ Pix" 1;
"~*Web\ Sauger" 1;
"~*Web\ Sucker" 1;
"~*Webalta" 1;
"~*WebmasterWorldForumBot" 1;
"~*Webshag" 1;
"~*WebsiteExtractor" 1;
"~*WebsiteQuester" 1;
"~*Website\ Quester" 1;
"~*Webster" 1;
"~*Whack" 1;
"~*Whacker" 1;
"~*Whatweb" 1;
"~*Who.is\ Bot" 1;
"~*Widow" 1;
"~*WinHTTrack" 1;
"~*WiseGuys\ Robot" 1;
"~*Wonderbot" 1;
"~*Woobot" 1;
"~*Wotbox" 1;
"~*Wprecon" 1;
"~*Xaldon\ WebSpider" 1;
"~*Xaldon_WebSpider" 1;
"~*Xenu" 1;
"~*YaK" 1;
"~*YoudaoBot" 1;
"~*Zade" 1;
"~*Zauba" 1;
"~*Zermelo" 1;
"~*Zeus" 1;
"~*Zitebot" 1;
"~*ZmEu" 1;
"~*ZoomBot" 1;
"~*ZoominfoBot" 1;
"~*ZumBot" 1;
"~*ZyBorg" 1;
"~*adscanner" 1;
"~*anthropic-ai" 1;
"~*archive.org_bot" 1;
"~*arquivo-web-crawler" 1;
"~*arquivo.pt" 1;
"~*autoemailspider" 1;
"~*awario.com" 1;
"~*backlink-check" 1;
"~*cah.io.community" 1;
"~*check1.exe" 1;
"~*clark-crawler" 1;
"~*coccocbot" 1;
"~*cognitiveseo" 1;
"~*cohere-ai" 1;
"~*com.plumanalytics" 1;
"~*crawl.sogou.com" 1;
"~*crawler.feedback" 1;
"~*crawler4j" 1;
"~*dataforseo.com" 1;
"~*dataforseobot" 1;
"~*demandbase-bot" 1;
"~*domainsproject.org" 1;
"~*eCatch" 1;
"~*evc-batch" 1;
"~*everyfeed-spider" 1;
"~*facebookscraper" 1;
"~*gopher" 1;
"~*heritrix" 1;
"~*imagesift.com" 1;
"~*instabid" 1;
"~*internetVista\ monitor" 1;
"~*ips-agent" 1;
"~*isitwp.com" 1;
"~*iubenda-radar" 1;
"~*linkdexbot" 1;
"~*linkfluence" 1;
"~*lwp-request" 1;
"~*lwp-trivial" 1;
"~*magpie-crawler" 1;
"~*meanpathbot" 1;
"~*mediawords" 1;
"~*muhstik-scan" 1;
"~*netEstate\ NE\ Crawler" 1;
"~*oBot" 1;
"~*omgili" 1;
"~*openai" 1;
"~*openai.com" 1;
"~*page\ scorer" 1;
"~*pcBrowser" 1;
"~*plumanalytics" 1;
"~*polaris\ version" 1;
"~*probe-image-size" 1;
"~*ripz" 1;
"~*s1z.ru" 1;
"~*satoristudio.net" 1;
"~*scalaj-http" 1;
"~*scan.lol" 1;
"~*seobility" 1;
"~*seocompany.store" 1;
"~*seoscanners" 1;
"~*seostar" 1;
"~*serpstatbot" 1;
"~*sexsearcher" 1;
"~*sitechecker.pro" 1;
"~*siteripz" 1;
"~*sogouspider" 1;
"~*sp_auditbot" 1;
"~*spyfu" 1;
"~*sysscan" 1;
"~*tAkeOut" 1;
"~*trendiction.com" 1;
"~*trendiction.de" 1;
"~*ubermetrics-technologies.com" 1;
"~*voyagerx.com" 1;
"~*webgains-bot" 1;
"~*webmeup-crawler" 1;
"~*webpros.com" 1;
"~*webprosbot" 1;
"~*x09Mozilla" 1;
"~*x22Mozilla" 1;
"~*xpymep1.exe" 1;
"~*zauba.io" 1;
"~*zgrab" 1;
default 0;
}
Update: [Sun Dec 22 00:28:28 UTC 2024]
2024-12-22 00:28:28 +00:00
map $http_x_evil_bit $evil_bit_detected {
default 0;
"1" 1;
}
if ($bad_bot or $evil_bit_detected) {
Automated update: OWASP CRS to Caddy and Nginx WAF rules [Sat Dec 21 00:48:06 UTC 2024]
2024-12-21 00:48:06 +00:00
return 403;
}
Reference in New Issue Copy Permalink