I just installed the Ultimate Bad Bot Blocker on our Mastodon server. It blocks bad bots, spam referrers, vulnerability scanners, malicious user agents, malware, adware, ransomware, and other harmful bots. It also includes anti-DDoS protection and a Fail2Ban jail for repeat offenders
https://github.com/mitchellkrogza/nginx-ultimate-bad-bot-blocker
Discussion
Loading...
Post
@rolle try crowdsec instead of fail2ban, has some significant upsides
Come on, she's just a Fediverse chick… 😉
@katzenberger Haven't seen her for a while!
@rolle @katzenberger I'd probably point to my fork of the project.. I do manual weekly updates from upstream and make it fedi and tor friendly:
https://git.wolfi.ee/jase/nginx-bad-bot-blocker
And to empathize on manual updates.. this weekend I just went to update from upstream.. the blocklist is totally empty their automatic scripts have broken.. and people in issues on it are having DDOS attacks as a result from all the bad stuff not being blocked suddenly lol. I caught that from noticing when I grabbed latest list
@jase Thanks for sharing! @katzenberger
@rolle interesting. Was there seen problem that made you install it? Qurious to see it in action.
@ikkeT This is something I've wanted to do for a while now. It feels better knowing our posts aren't constantly being scraped by OpenAI and similar services. At work, we've seen a huge increase in bot traffic on our servers, which slows things down. You can't block them reliably by other means since they ignore robots.txt completely and fake user agents to look like normal browsers or users. I'm planning to extend this to my other servers and the company's servers as well, so this is a good start. HAproxy and CF have their own methods on top of this.
bonfire.cafe
A space for Bonfire maintainers and contributors to communicate
Automatic federation enabled