Blocking Bots
How to block certain bots or third parties by using nginx.
All too often a website is bombarded with requests from a malicious bot. Your access logs let you identify the source of that traffic: usually the log shows a specific IP / IP range, user agent or country responsible for the excessive traffic to your site.
To block this traffic, change your nginx configuration. Don't forget to reload the configuration every time you change it by using the nginx-reload command.
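Finding the IP, IP range or user agent to block from an access log, as an added example (not Hipex's own tooling): it assumes nginx's default "combined" log format, and the function name summarize and the sample lines are constructed for illustration. Counting per network as well as per IP exposes a bot that rotates addresses within one range and would stay under a per-IP threshold.

```python
import ipaddress
import re
from collections import Counter

# nginx "combined" format: ip - user [time] "request" status bytes "referer" "agent"
LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "[^"]*" \d{3} \S+ "[^"]*" "(?P<ua>[^"]*)"'
)

def summarize(lines, threshold):
    """Count requests per IP, per network (/24 for IPv4, /64 for IPv6) and per
    user agent; return entries with at least `threshold` requests, busiest first."""
    ips, ranges, agents = Counter(), Counter(), Counter()
    for line in lines:
        m = LINE_RE.match(line)
        if not m:
            continue  # not a combined-format line
        try:
            addr = ipaddress.ip_address(m.group("ip"))
        except ValueError:
            continue  # first field is not an IP address
        prefix = 24 if addr.version == 4 else 64
        net = ipaddress.ip_network(f"{addr}/{prefix}", strict=False)
        ips[str(addr)] += 1
        ranges[str(net)] += 1
        agents[m.group("ua")] += 1

    def busy(counter):
        return [(key, n) for key, n in counter.most_common() if n >= threshold]

    return {"ips": busy(ips), "ranges": busy(ranges), "agents": busy(agents)}

def _line(ip, agent):
    # Build one constructed log line for the sample below.
    return f'{ip} - - [01/Jan/2024:10:00:00 +0000] "GET / HTTP/1.1" 200 512 "-" "{agent}"'

# Constructed sample (documentation address ranges), not real traffic.
SAMPLE = (
    [_line(f"198.51.100.{i}", "BadUserAgent/1.0") for i in range(1, 5)]
    + [_line("203.0.113.7", "Mozilla/5.0")] * 3
    + [_line("192.0.2.10", "curl/8.0"), "garbage line"]
)

if __name__ == "__main__":
    for kind, rows in summarize(SAMPLE, threshold=3).items():
        for key, count in rows:
            print(f"{kind:7} {count:5} {key}")
```

In the sample, no single 198.51.100.x address reaches the threshold, but the /24 and the shared user agent do, which points to a range or user agent block rather than a single deny.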
IP / IP range
This is an example of how to block an IP address / IP range.
deny 1.2.3.4; # single IP address
deny 1.2.0.0/16; # IP range in CIDR notation (network address, host bits zero)
User agent
Blocking all user agents containing the string 'BadUserAgent' (case-insensitive match):
if ($http_user_agent ~* (BadUserAgent) ) {
    return 403;
}
Country
Blocking a country is done by using the ISO 3166-1 alpha-2 code.
For example China:
if ($geoip_country_code = 'CN') {
    return 403;
}
Or multiple countries, such as China and Hong Kong:
if ($geoip_country_code ~* '(CN|HK)') {
    return 403;
}
Pro-active blocking
In addition to blocking bots or countries after the fact, Hipex offers you a well-maintained list of malicious bots. Use this list to block bots by default; it is activated by default and located in: ~/domains/<domain>/var/etc/security.nginx.conf.
Some SEO tools show behavior which is very similar to that of a malicious bot and may be blocked. To deactivate these blocks, comment out the following rules:
include /etc/nginx/bots.d/blockbots.conf;
include /etc/nginx/bots.d/ddos.conf;