View Issue Details
| ID | Project | Category | View Status | Date Submitted | Last Update |
|---|---|---|---|---|---|
| 0000240 | My infrastructure | General | public | 2024-07-07 01:07 | 2024-09-28 18:54 |
| Reporter | dvl | Assigned To | dvl | ||
| Priority | normal | Severity | minor | Reproducibility | have not tried |
| Status | closed | Resolution | fixed | ||
| Summary | 0000240: Add more rate limitations to FreshPorts | ||||
| Description | Trying detecting these pillocks:[0:12 aws-1 dan ~] % sudo cut -f 1 -w /jails/nginx01/var/log/nginx/freshports.org-access.log.0 | sort | uniq -c | sort -rn | less | head 28974 142.132.197.188 7613 178.170.197.187 2993 178.155.23.250 2977 62.210.99.184 2925 144.76.44.136 2840 178.63.50.100 2494 2001:41d0:2:5a5f::1 2400 2a01:4f8:162:402d::2 2388 62.210.125.228 2170 194.163.134.161 [0:16 aws-1 dan ~] % sudo cut -f 1 -w /jails/nginx01/var/log/nginx/freshports.org-access.log.2 | sort | uniq -c | sort -rn | less | head 15896 142.132.197.188 10558 178.170.197.187 4995 66.249.64.8 3004 178.155.23.250 2506 2a01:4f8:162:402d::2 2377 195.154.184.131 2175 157.230.247.209 1667 66.249.64.32 1550 35.160.27.221 1474 2a0a:2b41:94:cb5e:: [0:16 aws-1 dan ~] % sudo cut -f 1 -w /jails/nginx01/var/log/nginx/freshports.org-access.log.3 | sort | uniq -c | sort -rn | less | head 12906 142.132.197.188 3153 46.137.209.227 3120 52.74.102.178 2989 178.155.23.250 2973 195.154.184.131 2818 66.249.64.8 2753 2a01:4f8:162:402d::2 2372 178.170.197.187 1578 2a0a:2b41:94:cb5e:: 1455 62.210.99.184 | ||||
| Tags | No tags attached. | ||||
|
|
Copied away for future reference:[0:17 aws-1 dan ~] % mkdir bug-240 [1:08 aws-1 dan ~] % cd bug-240 [1:08 aws-1 dan ~/bug-240] % sudo cp /jails/nginx01/var/log/nginx/freshports.org-access.log.0 . [1:08 aws-1 dan ~/bug-240] % sudo cp /jails/nginx01/var/log/nginx/freshports.org-access.log.2 . [1:08 aws-1 dan ~/bug-240] % sudo cp /jails/nginx01/var/log/nginx/freshports.org-access.log.3 . |
|
|
This was added to /usr/local/etc/freshports/vhosts.conf.nginx# cut down the abusers who raise the database CPU utlization limit_req_zone $binary_remote_addr zone=root_limit:60m rate=20r/m; In /usr/local/etc/freshports/virtualhost-common.conf this:
location / {
try_files $uri $uri/ /--/new-url-parsing.php;
}
was changed to:
location / {
limit_req zone=root_limit burst=40 nodelay;
try_files $uri $uri/ /--/new-url-parsing.php;
}
|
|
|
See https://dan.langille.org/2024/09/08/fail2ban-adding-to-my-website-to-deter-abuse/ |
| Date Modified | Username | Field | Change |
|---|---|---|---|
| 2024-07-07 01:07 | dvl | New Issue | |
| 2024-07-07 01:07 | dvl | Status | new => assigned |
| 2024-07-07 01:07 | dvl | Assigned To | => dvl |
| 2024-07-07 01:09 | dvl | Note Added: 0000296 | |
| 2024-07-07 17:12 | dvl | Note Added: 0000297 | |
| 2024-09-28 12:01 | dvl | Note Added: 0000314 | |
| 2024-09-28 18:54 | dvl | Status | assigned => closed |
| 2024-09-28 18:54 | dvl | Resolution | open => fixed |
