Add initial bot blocking code

2025-01-07 12:44:43 +00:00
parent e9d72bf2e0
commit c0d44b0d83
2 changed files with 14 additions and 1 deletions
--- a/apptabulous/reverseproxy/conf.d/reverse_proxy.conf
+++ b/apptabulous/reverseproxy/conf.d/reverse_proxy.conf
@@ -1,3 +1,11 @@
+# Create a map of known attack locations
+map $request_uri $block_uri {
+    default 0;
+    ~*/wp-.* 1;
+    ~*\.env 1;
+    /etc 1;
+}
+
 # Webserver
 server {
    listen 80;
@@ -10,6 +18,10 @@ server {

    server_name apptabulous.co.uk www.apptabulous.co.uk;

+    if ($block_uri = 1) {
+        return 403;
+    }
+
    location / {
        proxy_pass http://rpi4-2:3000;
    }
--- a/frontend.yaml
+++ b/frontend.yaml
@@ -57,7 +57,8 @@
    - name: Start reverse proxy container
      community.docker.docker_container:
        name: reverse_proxy
-        image: nginx:mainline-alpine-slim
+        #image: nginx:1.26.2-alpine-slim
+        image: ghcr.io/m5p3nc3r/nginx-keyval:main
        restart_policy: always
        volumes:
          - /etc/reverseproxy/conf.d:/etc/nginx/conf.d