New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
Comments
"not working" is not enough information to understand why it's not working for you. Maybe you put this in the wrong .conf or made a syntax mistake.
If nginx syntax doesn't cooperate, try fail2ban.
Putting it in right conf file and inside server block that's why nginx isn't giving any error on restart regarding syntax.
don't specify the entire user agent like, just need identifiers... this is what i do https://community.centminmod.com/threads/blocking-bad-or-aggressive-bots.6433/ which also works well with my fail2ban + csf implementation for Centmin Mod users https://community.centminmod.com/threads/fail2ban-for-centmin-mod-csf-firewall-cloudflare-api.11687/.
specific example here
@eva2000 thank you for your reply actually i want to block some genuine visitors (creating lot of problems). Blocking IP isn't an option they keep coming back changing different ip addresses. So a better solution is blocking the specific user agent with OS and browser version so that it's limited to only a few.
Blocking this works: Chrome/58.0.3029.110 Safari/537.36
But blocking this doesn't work: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.36
I guess the issue is that some of the user agent text is inside this parenthesis that nginx isn't reading?
Any fix for this?
Banning a user by blocking user agents is batshit crazy. This reminded me of "Spam is a Solved Problem, just drop some /8 and done" approach. Hmm. Gluck.
Changing user agents is much simpler than changing IPs... so blocking a specific user agent will get you absolutely nowhere, except possibly blocking innocent visitors.
I already checked my logs not many are using those user agents so it's not going to be a big problem. Only few linux and mac users
I know it's easy to change with addons in chrome and firefox but still i want to give it a try because tired of those abusers changing IP addresses all the time.
What kind of abuse are you trying to prevent? What is your service: forum, blog, api or what? Do you have authorization in place?
Flash Chatroom and it's not member only so anyone can join with a ick. After bans these abuser spammers keep coming back with different ip address and by using incognito window so that banning their cookie is also useless and they are back within a minute. Thanks to these VPN services like Hidemyass life is already a hell for many webmasters because with these vpn services spammer abuser got access to thousands of ip addresses from different countries with 1 click. There are many VPN servers offering this and to give you an idea HMA alone got 92000+ IP addresses in 190+ countries. You can't even block them because their subnet/CIDR isn't under one or a few ASNs.
There is your real working solution.
Blocking an user agent is even less effective than blocking IP addresses.
Make your chatroom member-only. Or even better, invite-only.
But this way i will lose many users who don't want to register.
Let them come up with valid reasons why they don't want to register. I can't understand why filling in an email and thing up a password could be that hard.