diff --git a/content/articles/blog/block-and-filter-spam-requests-with-user-agents-in-nginx.md b/content/articles/blog/block-and-filter-spam-requests-with-user-agents-in-nginx.md new file mode 100644 index 00000000..9e0d4e49 --- /dev/null +++ b/content/articles/blog/block-and-filter-spam-requests-with-user-agents-in-nginx.md @@ -0,0 +1,24 @@ +--- +title: "Block and Filter Spam Requests With User-Agents in Nginx" +date: 2024-09-05T16:58:04+03:00 +draft: false +--- + +My server has been getting bussyblasted by spam requests from bots and other subhumans and I figured out a way to block them with NGINX. + +Adapt the following for your use case and simply place it in every nginx.conf that is `ln -s` linked to your `/etc/nginx/sites-enabled` (*it should be under the `listen 443` server block if you use certbot. Don't add it under `location` it should be on the same level as `listen [::]:443 ssl;`*) + +```nginx +if ($http_user_agent ~* "Amazonbot|facebookexternalhit|meta-externalagent|ClaudeBot") { + return 404; +} + +``` + +To see what kind of requests are being made you can check out the following NGINX file `/var/log/nginx/access.log`. Scroll all the way down (if you use vim `G`, for nano - `Ctrl + End`) + +I adapted this guide from this fella over here who blocked all Apple devices on his VPS, [read more](https://web.archive.org/web/20240508084213/https://swindlesmccoop.xyz/blog/blockapple.html). + +## A better alternative - Basic HTTP Authentication + +A better way of blocking unwated access to your website is to use apache2 + NGINX's basic HTTP authentication, [read my guide](/articles/blog/restrict-unwanted-access-with-http-basic-auth-nginx-and-apache). diff --git a/content/articles/blog/restrict-unwanted-access-with-http-basic-auth-nginx-and-apache.md b/content/articles/blog/restrict-unwanted-access-with-http-basic-auth-nginx-and-apache.md new file mode 100644 index 00000000..47a39bbf --- /dev/null +++ b/content/articles/blog/restrict-unwanted-access-with-http-basic-auth-nginx-and-apache.md @@ -0,0 +1,55 @@ +--- +title: "Restrict Unwanted Access With HTTP Basic Authentication - NGINX and Apache" +date: 2024-09-05T17:05:07+03:00 +draft: false +--- + +Here's how to only allow authenticated users to view your websites - great way to boot freeloaders and guarantee your system's (*or your vps'*) resources for yourself. + +The guide is meant for debian but can be easily adapted to suit your needs. I assume you have followed Luke Smith's tutorial and have NGINX running with certbot for certificates. + +## Create a username and password for authentication (*or more than 1 user*) + +First: +```bash +sudo apt install apache2 +``` + +Then: + +```bash +sudo apt install apache2-utils +``` + +Create a username you wish to authenticate with the following comnmand: + +```bash +sudo htpasswd -c /etc/apache2/.htpasswd admin1 +``` + +You will be prompted to provide a password, feel free to generate a secure 32+ character one and save it in your password manager of choice. + +If you wish to create multiple other users simply remove `-c` from the command and change the name. + +```bash +sudo htpasswd /etc/apache2/.htpasswd admin2 +``` + +Then provide a new password (the same password can also work but it's more secure that way). + +## Add the `htpasswd` file to NGINX + +Navigate to the NGINX configuration file you wish to protect: + +```bash +nano /etc/nginx/sites-available/ +``` + +Add the following in the same `server` block and on the same level as `listen [::]:443 ssl;`: + +```nginx +auth_basic "Administrator’s Area"; +auth_basic_user_file /etc/apache2/.htpasswd; +``` + +Further readering [here](https://docs.nginx.com/nginx/admin-guide/security-controls/configuring-http-basic-authentication/). diff --git a/public/articles/blog/block-and-filter-spam-requests-with-user-agents-in-nginx/index.html b/public/articles/blog/block-and-filter-spam-requests-with-user-agents-in-nginx/index.html new file mode 100644 index 00000000..384bc58f --- /dev/null +++ b/public/articles/blog/block-and-filter-spam-requests-with-user-agents-in-nginx/index.html @@ -0,0 +1,69 @@ + + + + Block and Filter Spam Requests With User-Agents in Nginx | vodoraslo's blog + + + + + + + + + +
+ +
+

Block and Filter Spam Requests With User-Agents in Nginx

+
+
+ + + +
+ +

作成日: , 最終更新日:

+

My server has been getting bussyblasted by spam requests from bots and other subhumans and I figured out a way to block them with NGINX.

+

Adapt the following for your use case and simply place it in every nginx.conf that is ln -s linked to your /etc/nginx/sites-enabled (it should be under the listen 443 server block if you use certbot. Don’t add it under location it should be on the same level as listen [::]:443 ssl;)

+ + + +
+ + 
if ($http_user_agent ~* "Amazonbot|facebookexternalhit|meta-externalagent|ClaudeBot") {
+    return 404;
+}
+ +

To see what kind of requests are being made you can check out the following NGINX file /var/log/nginx/access.log. Scroll all the way down (if you use vim G, for nano - Ctrl + End)

+

I adapted this guide from this fella over here who blocked all Apple devices on his VPS, read more.

+

A better alternative - Basic HTTP Authentication

+

A better way of blocking unwated access to your website is to use apache2 + NGINX’s basic HTTP authentication, read my guide.

+ +
+ +
+ +
+
+ +
+
+
+
+ + + + +
+ diff --git a/public/articles/blog/neater-footnotes-in-hugo-using-the-details-html-tag/index.html b/public/articles/blog/neater-footnotes-in-hugo-using-the-details-html-tag/index.html index 0fa4ba8e..bc27581e 100644 --- a/public/articles/blog/neater-footnotes-in-hugo-using-the-details-html-tag/index.html +++ b/public/articles/blog/neater-footnotes-in-hugo-using-the-details-html-tag/index.html @@ -76,6 +76,7 @@ That is no more! I’m sick of doing it and I don’t know how I just re
Previous:
Hugo: Drafts Showing in Production
 +
Next:
Block and Filter Spam Requests With User-Agents in Nginx
Tags: [Blog] diff --git a/public/articles/blog/restrict-unwanted-access-with-http-basic-auth-nginx-and-apache/index.html b/public/articles/blog/restrict-unwanted-access-with-http-basic-auth-nginx-and-apache/index.html new file mode 100644 index 00000000..eb457fbe --- /dev/null +++ b/public/articles/blog/restrict-unwanted-access-with-http-basic-auth-nginx-and-apache/index.html @@ -0,0 +1,110 @@ + + + + Restrict Unwanted Access With HTTP Basic Authentication - NGINX and Apache | vodoraslo's blog + + + + + + + + + +
+ +
+

Restrict Unwanted Access With HTTP Basic Authentication - NGINX and Apache

+
+
+ + + +
+ +

作成日: , 最終更新日:

+

Here’s how to only allow authenticated users to view your websites - great way to boot freeloaders and guarantee your system’s (or your vps’) resources for yourself.

+

The guide is meant for debian but can be easily adapted to suit your needs. I assume you have followed Luke Smith’s tutorial and have NGINX running with certbot for certificates.

+

Create a username and password for authentication (or more than 1 user)

+

First:

+ + + +
+ + 
sudo apt install apache2
+ +

Then:

+ + + +
+ + 
sudo apt install apache2-utils
+ +

Create a username you wish to authenticate with the following comnmand:

+ + + +
+ + 
sudo htpasswd -c /etc/apache2/.htpasswd admin1
+ +

You will be prompted to provide a password, feel free to generate a secure 32+ character one and save it in your password manager of choice.

+

If you wish to create multiple other users simply remove -c from the command and change the name.

+ + + +
+ + 
sudo htpasswd /etc/apache2/.htpasswd admin2
+ +

Then provide a new password (the same password can also work but it’s more secure that way).

+

Add the htpasswd file to NGINX

+

Navigate to the NGINX configuration file you wish to protect:

+ + + +
+ + 
nano /etc/nginx/sites-available/<yourFileHere>
+ +

Add the following in the same server block and on the same level as listen [::]:443 ssl;:

+ + + +
+ + 
auth_basic           "Administrator’s Area";
+auth_basic_user_file /etc/apache2/.htpasswd;
+ +

Further readering here.

+ +
+ +
+ +
+
+ +
+
+
+
+ + + + +
+ diff --git a/public/articles/index.html b/public/articles/index.html index f6d5d7a9..938ebb5f 100644 --- a/public/articles/index.html +++ b/public/articles/index.html @@ -38,6 +38,8 @@ blog (8) hackbook (59) library (74) ted-kaczynski (15) updates (3) "/>
diff --git a/public/index.xml b/public/index.xml index 98d71152..be03dd79 100644 --- a/public/index.xml +++ b/public/index.xml @@ -9,6 +9,95 @@ + + Restrict Unwanted Access With HTTP Basic Authentication - NGINX and Apache + https://vodoraslo.xyz/articles/blog/restrict-unwanted-access-with-http-basic-auth-nginx-and-apache/ + Thu, 05 Sep 2024 17:05:07 +0300 + + https://vodoraslo.xyz/articles/blog/restrict-unwanted-access-with-http-basic-auth-nginx-and-apache/ + <p>Here&rsquo;s how to only allow authenticated users to view your websites - great way to boot freeloaders and guarantee your system&rsquo;s (<em>or your vps&rsquo;</em>) resources for yourself.</p> +<p>The guide is meant for debian but can be easily adapted to suit your needs. I assume you have followed Luke Smith&rsquo;s tutorial and have NGINX running with certbot for certificates.</p> +<h2 id="create-a-username-and-password-for-authentication-or-more-than-1-user">Create a username and password for authentication (<em>or more than 1 user</em>)</h2> +<p>First:</p> + + + + <div class="highlight"> + + <pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"><span style="display:flex;"><span>sudo apt install apache2</span></span></code></pre></div> + +<p>Then:</p> + + + + <div class="highlight"> + + <pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"><span style="display:flex;"><span>sudo apt install apache2-utils</span></span></code></pre></div> + +<p>Create a username you wish to authenticate with the following comnmand:</p> + + + + <div class="highlight"> + + <pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"><span style="display:flex;"><span>sudo htpasswd -c /etc/apache2/.htpasswd admin1</span></span></code></pre></div> + +<p>You will be prompted to provide a password, feel free to generate a secure 32+ character one and save it in your password manager of choice.</p> +<p>If you wish to create multiple other users simply remove <code>-c</code> from the command and change the name.</p> + + + + <div class="highlight"> + + <pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"><span style="display:flex;"><span>sudo htpasswd /etc/apache2/.htpasswd admin2</span></span></code></pre></div> + +<p>Then provide a new password (the same password can also work but it&rsquo;s more secure that way).</p> +<h2 id="add-the-htpasswd-file-to-nginx">Add the <code>htpasswd</code> file to NGINX</h2> +<p>Navigate to the NGINX configuration file you wish to protect:</p> + + + + <div class="highlight"> + + <pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"><span style="display:flex;"><span>nano /etc/nginx/sites-available/&lt;yourFileHere&gt;</span></span></code></pre></div> + +<p>Add the following in the same <code>server</code> block and on the same level as <code>listen [::]:443 ssl;</code>:</p> + + + + <div class="highlight"> + + <pre tabindex="0" class="chroma"><code class="language-nginx" data-lang="nginx"><span style="display:flex;"><span><span style="color:#c678dd">auth_basic</span> <span style="color:#98c379">&#34;Administrator’s</span> <span style="color:#98c379">Area&#34;</span>; +</span></span><span style="display:flex;"><span><span style="color:#c678dd">auth_basic_user_file</span> <span style="color:#98c379">/etc/apache2/.htpasswd</span>;</span></span></code></pre></div> + +<p>Further readering <a href="https://docs.nginx.com/nginx/admin-guide/security-controls/configuring-http-basic-authentication/">here</a>.</p> + + + + + Block and Filter Spam Requests With User-Agents in Nginx + https://vodoraslo.xyz/articles/blog/block-and-filter-spam-requests-with-user-agents-in-nginx/ + Thu, 05 Sep 2024 16:58:04 +0300 + + https://vodoraslo.xyz/articles/blog/block-and-filter-spam-requests-with-user-agents-in-nginx/ + <p>My server has been getting bussyblasted by spam requests from bots and other subhumans and I figured out a way to block them with NGINX.</p> +<p>Adapt the following for your use case and simply place it in every nginx.conf that is <code>ln -s</code> linked to your <code>/etc/nginx/sites-enabled</code> (<em>it should be under the <code>listen 443</code> server block if you use certbot. Don&rsquo;t add it under <code>location</code> it should be on the same level as <code>listen [::]:443 ssl;</code></em>)</p> + + + + <div class="highlight"> + + <pre tabindex="0" class="chroma"><code class="language-nginx" data-lang="nginx"><span style="display:flex;"><span><span style="color:#c678dd">if</span> <span style="color:#98c379">(</span><span style="color:#dcaeea">$http_user_agent</span> ~<span style="color:#56b6c2">*</span> <span style="color:#98c379">&#34;Amazonbot|facebookexternalhit|meta-externalagent|ClaudeBot&#34;)</span> { +</span></span><span style="display:flex;"><span> <span style="color:#c678dd">return</span> <span style="color:#d19a66">404</span>; +</span></span><span style="display:flex;"><span>}</span></span></code></pre></div> + +<p>To see what kind of requests are being made you can check out the following NGINX file <code>/var/log/nginx/access.log</code>. Scroll all the way down (if you use vim <code>G</code>, for nano - <code>Ctrl + End</code>)</p> +<p>I adapted this guide from this fella over here who blocked all Apple devices on his VPS, <a href="https://web.archive.org/web/20240508084213/https://swindlesmccoop.xyz/blog/blockapple.html">read more</a>.</p> +<h2 id="a-better-alternative---basic-http-authentication">A better alternative - Basic HTTP Authentication</h2> +<p>A better way of blocking unwated access to your website is to use apache2 + NGINX&rsquo;s basic HTTP authentication, <a href="https://vodoraslo.xyz/articles/blog/restrict-unwanted-access-with-http-basic-auth-nginx-and-apache">read my guide</a>.</p> + + + Neater Footnotes in Hugo Using the <details> HTML Tag https://vodoraslo.xyz/articles/blog/neater-footnotes-in-hugo-using-the-details-html-tag/ diff --git a/public/library/hackbook/index.xml b/public/library/hackbook/index.xml index 4ddab50a..f7fc8490 100644 --- a/public/library/hackbook/index.xml +++ b/public/library/hackbook/index.xml @@ -10,6 +10,95 @@ + + Restrict Unwanted Access With HTTP Basic Authentication - NGINX and Apache + https://vodoraslo.xyz/articles/blog/restrict-unwanted-access-with-http-basic-auth-nginx-and-apache/ + Thu, 05 Sep 2024 17:05:07 +0300 + + https://vodoraslo.xyz/articles/blog/restrict-unwanted-access-with-http-basic-auth-nginx-and-apache/ + <p>Here&rsquo;s how to only allow authenticated users to view your websites - great way to boot freeloaders and guarantee your system&rsquo;s (<em>or your vps&rsquo;</em>) resources for yourself.</p> +<p>The guide is meant for debian but can be easily adapted to suit your needs. I assume you have followed Luke Smith&rsquo;s tutorial and have NGINX running with certbot for certificates.</p> +<h2 id="create-a-username-and-password-for-authentication-or-more-than-1-user">Create a username and password for authentication (<em>or more than 1 user</em>)</h2> +<p>First:</p> + + + + <div class="highlight"> + + <pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"><span style="display:flex;"><span>sudo apt install apache2</span></span></code></pre></div> + +<p>Then:</p> + + + + <div class="highlight"> + + <pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"><span style="display:flex;"><span>sudo apt install apache2-utils</span></span></code></pre></div> + +<p>Create a username you wish to authenticate with the following comnmand:</p> + + + + <div class="highlight"> + + <pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"><span style="display:flex;"><span>sudo htpasswd -c /etc/apache2/.htpasswd admin1</span></span></code></pre></div> + +<p>You will be prompted to provide a password, feel free to generate a secure 32+ character one and save it in your password manager of choice.</p> +<p>If you wish to create multiple other users simply remove <code>-c</code> from the command and change the name.</p> + + + + <div class="highlight"> + + <pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"><span style="display:flex;"><span>sudo htpasswd /etc/apache2/.htpasswd admin2</span></span></code></pre></div> + +<p>Then provide a new password (the same password can also work but it&rsquo;s more secure that way).</p> +<h2 id="add-the-htpasswd-file-to-nginx">Add the <code>htpasswd</code> file to NGINX</h2> +<p>Navigate to the NGINX configuration file you wish to protect:</p> + + + + <div class="highlight"> + + <pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"><span style="display:flex;"><span>nano /etc/nginx/sites-available/&lt;yourFileHere&gt;</span></span></code></pre></div> + +<p>Add the following in the same <code>server</code> block and on the same level as <code>listen [::]:443 ssl;</code>:</p> + + + + <div class="highlight"> + + <pre tabindex="0" class="chroma"><code class="language-nginx" data-lang="nginx"><span style="display:flex;"><span><span style="color:#c678dd">auth_basic</span> <span style="color:#98c379">&#34;Administrator’s</span> <span style="color:#98c379">Area&#34;</span>; +</span></span><span style="display:flex;"><span><span style="color:#c678dd">auth_basic_user_file</span> <span style="color:#98c379">/etc/apache2/.htpasswd</span>;</span></span></code></pre></div> + +<p>Further readering <a href="https://docs.nginx.com/nginx/admin-guide/security-controls/configuring-http-basic-authentication/">here</a>.</p> + + + + + Block and Filter Spam Requests With User-Agents in Nginx + https://vodoraslo.xyz/articles/blog/block-and-filter-spam-requests-with-user-agents-in-nginx/ + Thu, 05 Sep 2024 16:58:04 +0300 + + https://vodoraslo.xyz/articles/blog/block-and-filter-spam-requests-with-user-agents-in-nginx/ + <p>My server has been getting bussyblasted by spam requests from bots and other subhumans and I figured out a way to block them with NGINX.</p> +<p>Adapt the following for your use case and simply place it in every nginx.conf that is <code>ln -s</code> linked to your <code>/etc/nginx/sites-enabled</code> (<em>it should be under the <code>listen 443</code> server block if you use certbot. Don&rsquo;t add it under <code>location</code> it should be on the same level as <code>listen [::]:443 ssl;</code></em>)</p> + + + + <div class="highlight"> + + <pre tabindex="0" class="chroma"><code class="language-nginx" data-lang="nginx"><span style="display:flex;"><span><span style="color:#c678dd">if</span> <span style="color:#98c379">(</span><span style="color:#dcaeea">$http_user_agent</span> ~<span style="color:#56b6c2">*</span> <span style="color:#98c379">&#34;Amazonbot|facebookexternalhit|meta-externalagent|ClaudeBot&#34;)</span> { +</span></span><span style="display:flex;"><span> <span style="color:#c678dd">return</span> <span style="color:#d19a66">404</span>; +</span></span><span style="display:flex;"><span>}</span></span></code></pre></div> + +<p>To see what kind of requests are being made you can check out the following NGINX file <code>/var/log/nginx/access.log</code>. Scroll all the way down (if you use vim <code>G</code>, for nano - <code>Ctrl + End</code>)</p> +<p>I adapted this guide from this fella over here who blocked all Apple devices on his VPS, <a href="https://web.archive.org/web/20240508084213/https://swindlesmccoop.xyz/blog/blockapple.html">read more</a>.</p> +<h2 id="a-better-alternative---basic-http-authentication">A better alternative - Basic HTTP Authentication</h2> +<p>A better way of blocking unwated access to your website is to use apache2 + NGINX&rsquo;s basic HTTP authentication, <a href="https://vodoraslo.xyz/articles/blog/restrict-unwanted-access-with-http-basic-auth-nginx-and-apache">read my guide</a>.</p> + + + Neater Footnotes in Hugo Using the <details> HTML Tag https://vodoraslo.xyz/articles/blog/neater-footnotes-in-hugo-using-the-details-html-tag/ diff --git a/public/library/index.xml b/public/library/index.xml index 077811af..96a838cf 100644 --- a/public/library/index.xml +++ b/public/library/index.xml @@ -9,6 +9,95 @@ + + Restrict Unwanted Access With HTTP Basic Authentication - NGINX and Apache + https://vodoraslo.xyz/articles/blog/restrict-unwanted-access-with-http-basic-auth-nginx-and-apache/ + Thu, 05 Sep 2024 17:05:07 +0300 + + https://vodoraslo.xyz/articles/blog/restrict-unwanted-access-with-http-basic-auth-nginx-and-apache/ + <p>Here&rsquo;s how to only allow authenticated users to view your websites - great way to boot freeloaders and guarantee your system&rsquo;s (<em>or your vps&rsquo;</em>) resources for yourself.</p> +<p>The guide is meant for debian but can be easily adapted to suit your needs. I assume you have followed Luke Smith&rsquo;s tutorial and have NGINX running with certbot for certificates.</p> +<h2 id="create-a-username-and-password-for-authentication-or-more-than-1-user">Create a username and password for authentication (<em>or more than 1 user</em>)</h2> +<p>First:</p> + + + + <div class="highlight"> + + <pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"><span style="display:flex;"><span>sudo apt install apache2</span></span></code></pre></div> + +<p>Then:</p> + + + + <div class="highlight"> + + <pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"><span style="display:flex;"><span>sudo apt install apache2-utils</span></span></code></pre></div> + +<p>Create a username you wish to authenticate with the following comnmand:</p> + + + + <div class="highlight"> + + <pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"><span style="display:flex;"><span>sudo htpasswd -c /etc/apache2/.htpasswd admin1</span></span></code></pre></div> + +<p>You will be prompted to provide a password, feel free to generate a secure 32+ character one and save it in your password manager of choice.</p> +<p>If you wish to create multiple other users simply remove <code>-c</code> from the command and change the name.</p> + + + + <div class="highlight"> + + <pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"><span style="display:flex;"><span>sudo htpasswd /etc/apache2/.htpasswd admin2</span></span></code></pre></div> + +<p>Then provide a new password (the same password can also work but it&rsquo;s more secure that way).</p> +<h2 id="add-the-htpasswd-file-to-nginx">Add the <code>htpasswd</code> file to NGINX</h2> +<p>Navigate to the NGINX configuration file you wish to protect:</p> + + + + <div class="highlight"> + + <pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"><span style="display:flex;"><span>nano /etc/nginx/sites-available/&lt;yourFileHere&gt;</span></span></code></pre></div> + +<p>Add the following in the same <code>server</code> block and on the same level as <code>listen [::]:443 ssl;</code>:</p> + + + + <div class="highlight"> + + <pre tabindex="0" class="chroma"><code class="language-nginx" data-lang="nginx"><span style="display:flex;"><span><span style="color:#c678dd">auth_basic</span> <span style="color:#98c379">&#34;Administrator’s</span> <span style="color:#98c379">Area&#34;</span>; +</span></span><span style="display:flex;"><span><span style="color:#c678dd">auth_basic_user_file</span> <span style="color:#98c379">/etc/apache2/.htpasswd</span>;</span></span></code></pre></div> + +<p>Further readering <a href="https://docs.nginx.com/nginx/admin-guide/security-controls/configuring-http-basic-authentication/">here</a>.</p> + + + + + Block and Filter Spam Requests With User-Agents in Nginx + https://vodoraslo.xyz/articles/blog/block-and-filter-spam-requests-with-user-agents-in-nginx/ + Thu, 05 Sep 2024 16:58:04 +0300 + + https://vodoraslo.xyz/articles/blog/block-and-filter-spam-requests-with-user-agents-in-nginx/ + <p>My server has been getting bussyblasted by spam requests from bots and other subhumans and I figured out a way to block them with NGINX.</p> +<p>Adapt the following for your use case and simply place it in every nginx.conf that is <code>ln -s</code> linked to your <code>/etc/nginx/sites-enabled</code> (<em>it should be under the <code>listen 443</code> server block if you use certbot. Don&rsquo;t add it under <code>location</code> it should be on the same level as <code>listen [::]:443 ssl;</code></em>)</p> + + + + <div class="highlight"> + + <pre tabindex="0" class="chroma"><code class="language-nginx" data-lang="nginx"><span style="display:flex;"><span><span style="color:#c678dd">if</span> <span style="color:#98c379">(</span><span style="color:#dcaeea">$http_user_agent</span> ~<span style="color:#56b6c2">*</span> <span style="color:#98c379">&#34;Amazonbot|facebookexternalhit|meta-externalagent|ClaudeBot&#34;)</span> { +</span></span><span style="display:flex;"><span> <span style="color:#c678dd">return</span> <span style="color:#d19a66">404</span>; +</span></span><span style="display:flex;"><span>}</span></span></code></pre></div> + +<p>To see what kind of requests are being made you can check out the following NGINX file <code>/var/log/nginx/access.log</code>. Scroll all the way down (if you use vim <code>G</code>, for nano - <code>Ctrl + End</code>)</p> +<p>I adapted this guide from this fella over here who blocked all Apple devices on his VPS, <a href="https://web.archive.org/web/20240508084213/https://swindlesmccoop.xyz/blog/blockapple.html">read more</a>.</p> +<h2 id="a-better-alternative---basic-http-authentication">A better alternative - Basic HTTP Authentication</h2> +<p>A better way of blocking unwated access to your website is to use apache2 + NGINX&rsquo;s basic HTTP authentication, <a href="https://vodoraslo.xyz/articles/blog/restrict-unwanted-access-with-http-basic-auth-nginx-and-apache">read my guide</a>.</p> + + + Neater Footnotes in Hugo Using the <details> HTML Tag https://vodoraslo.xyz/articles/blog/neater-footnotes-in-hugo-using-the-details-html-tag/ diff --git a/public/library/ted-kaczynski/index.xml b/public/library/ted-kaczynski/index.xml index 3a5b0674..844ac1a9 100644 --- a/public/library/ted-kaczynski/index.xml +++ b/public/library/ted-kaczynski/index.xml @@ -10,6 +10,95 @@ + + Restrict Unwanted Access With HTTP Basic Authentication - NGINX and Apache + https://vodoraslo.xyz/articles/blog/restrict-unwanted-access-with-http-basic-auth-nginx-and-apache/ + Thu, 05 Sep 2024 17:05:07 +0300 + + https://vodoraslo.xyz/articles/blog/restrict-unwanted-access-with-http-basic-auth-nginx-and-apache/ + <p>Here&rsquo;s how to only allow authenticated users to view your websites - great way to boot freeloaders and guarantee your system&rsquo;s (<em>or your vps&rsquo;</em>) resources for yourself.</p> +<p>The guide is meant for debian but can be easily adapted to suit your needs. I assume you have followed Luke Smith&rsquo;s tutorial and have NGINX running with certbot for certificates.</p> +<h2 id="create-a-username-and-password-for-authentication-or-more-than-1-user">Create a username and password for authentication (<em>or more than 1 user</em>)</h2> +<p>First:</p> + + + + <div class="highlight"> + + <pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"><span style="display:flex;"><span>sudo apt install apache2</span></span></code></pre></div> + +<p>Then:</p> + + + + <div class="highlight"> + + <pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"><span style="display:flex;"><span>sudo apt install apache2-utils</span></span></code></pre></div> + +<p>Create a username you wish to authenticate with the following comnmand:</p> + + + + <div class="highlight"> + + <pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"><span style="display:flex;"><span>sudo htpasswd -c /etc/apache2/.htpasswd admin1</span></span></code></pre></div> + +<p>You will be prompted to provide a password, feel free to generate a secure 32+ character one and save it in your password manager of choice.</p> +<p>If you wish to create multiple other users simply remove <code>-c</code> from the command and change the name.</p> + + + + <div class="highlight"> + + <pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"><span style="display:flex;"><span>sudo htpasswd /etc/apache2/.htpasswd admin2</span></span></code></pre></div> + +<p>Then provide a new password (the same password can also work but it&rsquo;s more secure that way).</p> +<h2 id="add-the-htpasswd-file-to-nginx">Add the <code>htpasswd</code> file to NGINX</h2> +<p>Navigate to the NGINX configuration file you wish to protect:</p> + + + + <div class="highlight"> + + <pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"><span style="display:flex;"><span>nano /etc/nginx/sites-available/&lt;yourFileHere&gt;</span></span></code></pre></div> + +<p>Add the following in the same <code>server</code> block and on the same level as <code>listen [::]:443 ssl;</code>:</p> + + + + <div class="highlight"> + + <pre tabindex="0" class="chroma"><code class="language-nginx" data-lang="nginx"><span style="display:flex;"><span><span style="color:#c678dd">auth_basic</span> <span style="color:#98c379">&#34;Administrator’s</span> <span style="color:#98c379">Area&#34;</span>; +</span></span><span style="display:flex;"><span><span style="color:#c678dd">auth_basic_user_file</span> <span style="color:#98c379">/etc/apache2/.htpasswd</span>;</span></span></code></pre></div> + +<p>Further readering <a href="https://docs.nginx.com/nginx/admin-guide/security-controls/configuring-http-basic-authentication/">here</a>.</p> + + + + + Block and Filter Spam Requests With User-Agents in Nginx + https://vodoraslo.xyz/articles/blog/block-and-filter-spam-requests-with-user-agents-in-nginx/ + Thu, 05 Sep 2024 16:58:04 +0300 + + https://vodoraslo.xyz/articles/blog/block-and-filter-spam-requests-with-user-agents-in-nginx/ + <p>My server has been getting bussyblasted by spam requests from bots and other subhumans and I figured out a way to block them with NGINX.</p> +<p>Adapt the following for your use case and simply place it in every nginx.conf that is <code>ln -s</code> linked to your <code>/etc/nginx/sites-enabled</code> (<em>it should be under the <code>listen 443</code> server block if you use certbot. Don&rsquo;t add it under <code>location</code> it should be on the same level as <code>listen [::]:443 ssl;</code></em>)</p> + + + + <div class="highlight"> + + <pre tabindex="0" class="chroma"><code class="language-nginx" data-lang="nginx"><span style="display:flex;"><span><span style="color:#c678dd">if</span> <span style="color:#98c379">(</span><span style="color:#dcaeea">$http_user_agent</span> ~<span style="color:#56b6c2">*</span> <span style="color:#98c379">&#34;Amazonbot|facebookexternalhit|meta-externalagent|ClaudeBot&#34;)</span> { +</span></span><span style="display:flex;"><span> <span style="color:#c678dd">return</span> <span style="color:#d19a66">404</span>; +</span></span><span style="display:flex;"><span>}</span></span></code></pre></div> + +<p>To see what kind of requests are being made you can check out the following NGINX file <code>/var/log/nginx/access.log</code>. Scroll all the way down (if you use vim <code>G</code>, for nano - <code>Ctrl + End</code>)</p> +<p>I adapted this guide from this fella over here who blocked all Apple devices on his VPS, <a href="https://web.archive.org/web/20240508084213/https://swindlesmccoop.xyz/blog/blockapple.html">read more</a>.</p> +<h2 id="a-better-alternative---basic-http-authentication">A better alternative - Basic HTTP Authentication</h2> +<p>A better way of blocking unwated access to your website is to use apache2 + NGINX&rsquo;s basic HTTP authentication, <a href="https://vodoraslo.xyz/articles/blog/restrict-unwanted-access-with-http-basic-auth-nginx-and-apache">read my guide</a>.</p> + + + Neater Footnotes in Hugo Using the <details> HTML Tag https://vodoraslo.xyz/articles/blog/neater-footnotes-in-hugo-using-the-details-html-tag/ diff --git a/public/sitemap.xml b/public/sitemap.xml index 002b9087..b508c72d 100644 --- a/public/sitemap.xml +++ b/public/sitemap.xml @@ -2,6 +2,12 @@ + https://vodoraslo.xyz/articles/blog/restrict-unwanted-access-with-http-basic-auth-nginx-and-apache/ + 2024-09-05T17:05:07+03:00 + + https://vodoraslo.xyz/articles/blog/block-and-filter-spam-requests-with-user-agents-in-nginx/ + 2024-09-05T16:58:04+03:00 + https://vodoraslo.xyz/articles/blog/neater-footnotes-in-hugo-using-the-details-html-tag/ 2024-08-31T17:06:20+03:00 diff --git a/public/tags/blog/index.xml b/public/tags/blog/index.xml index 8d05ea14..5d9903a5 100644 --- a/public/tags/blog/index.xml +++ b/public/tags/blog/index.xml @@ -10,6 +10,95 @@ + + Restrict Unwanted Access With HTTP Basic Authentication - NGINX and Apache + https://vodoraslo.xyz/articles/blog/restrict-unwanted-access-with-http-basic-auth-nginx-and-apache/ + Thu, 05 Sep 2024 17:05:07 +0300 + + https://vodoraslo.xyz/articles/blog/restrict-unwanted-access-with-http-basic-auth-nginx-and-apache/ + <p>Here&rsquo;s how to only allow authenticated users to view your websites - great way to boot freeloaders and guarantee your system&rsquo;s (<em>or your vps&rsquo;</em>) resources for yourself.</p> +<p>The guide is meant for debian but can be easily adapted to suit your needs. I assume you have followed Luke Smith&rsquo;s tutorial and have NGINX running with certbot for certificates.</p> +<h2 id="create-a-username-and-password-for-authentication-or-more-than-1-user">Create a username and password for authentication (<em>or more than 1 user</em>)</h2> +<p>First:</p> + + + + <div class="highlight"> + + <pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"><span style="display:flex;"><span>sudo apt install apache2</span></span></code></pre></div> + +<p>Then:</p> + + + + <div class="highlight"> + + <pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"><span style="display:flex;"><span>sudo apt install apache2-utils</span></span></code></pre></div> + +<p>Create a username you wish to authenticate with the following comnmand:</p> + + + + <div class="highlight"> + + <pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"><span style="display:flex;"><span>sudo htpasswd -c /etc/apache2/.htpasswd admin1</span></span></code></pre></div> + +<p>You will be prompted to provide a password, feel free to generate a secure 32+ character one and save it in your password manager of choice.</p> +<p>If you wish to create multiple other users simply remove <code>-c</code> from the command and change the name.</p> + + + + <div class="highlight"> + + <pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"><span style="display:flex;"><span>sudo htpasswd /etc/apache2/.htpasswd admin2</span></span></code></pre></div> + +<p>Then provide a new password (the same password can also work but it&rsquo;s more secure that way).</p> +<h2 id="add-the-htpasswd-file-to-nginx">Add the <code>htpasswd</code> file to NGINX</h2> +<p>Navigate to the NGINX configuration file you wish to protect:</p> + + + + <div class="highlight"> + + <pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"><span style="display:flex;"><span>nano /etc/nginx/sites-available/&lt;yourFileHere&gt;</span></span></code></pre></div> + +<p>Add the following in the same <code>server</code> block and on the same level as <code>listen [::]:443 ssl;</code>:</p> + + + + <div class="highlight"> + + <pre tabindex="0" class="chroma"><code class="language-nginx" data-lang="nginx"><span style="display:flex;"><span><span style="color:#c678dd">auth_basic</span> <span style="color:#98c379">&#34;Administrator’s</span> <span style="color:#98c379">Area&#34;</span>; +</span></span><span style="display:flex;"><span><span style="color:#c678dd">auth_basic_user_file</span> <span style="color:#98c379">/etc/apache2/.htpasswd</span>;</span></span></code></pre></div> + +<p>Further readering <a href="https://docs.nginx.com/nginx/admin-guide/security-controls/configuring-http-basic-authentication/">here</a>.</p> + + + + + Block and Filter Spam Requests With User-Agents in Nginx + https://vodoraslo.xyz/articles/blog/block-and-filter-spam-requests-with-user-agents-in-nginx/ + Thu, 05 Sep 2024 16:58:04 +0300 + + https://vodoraslo.xyz/articles/blog/block-and-filter-spam-requests-with-user-agents-in-nginx/ + <p>My server has been getting bussyblasted by spam requests from bots and other subhumans and I figured out a way to block them with NGINX.</p> +<p>Adapt the following for your use case and simply place it in every nginx.conf that is <code>ln -s</code> linked to your <code>/etc/nginx/sites-enabled</code> (<em>it should be under the <code>listen 443</code> server block if you use certbot. Don&rsquo;t add it under <code>location</code> it should be on the same level as <code>listen [::]:443 ssl;</code></em>)</p> + + + + <div class="highlight"> + + <pre tabindex="0" class="chroma"><code class="language-nginx" data-lang="nginx"><span style="display:flex;"><span><span style="color:#c678dd">if</span> <span style="color:#98c379">(</span><span style="color:#dcaeea">$http_user_agent</span> ~<span style="color:#56b6c2">*</span> <span style="color:#98c379">&#34;Amazonbot|facebookexternalhit|meta-externalagent|ClaudeBot&#34;)</span> { +</span></span><span style="display:flex;"><span> <span style="color:#c678dd">return</span> <span style="color:#d19a66">404</span>; +</span></span><span style="display:flex;"><span>}</span></span></code></pre></div> + +<p>To see what kind of requests are being made you can check out the following NGINX file <code>/var/log/nginx/access.log</code>. Scroll all the way down (if you use vim <code>G</code>, for nano - <code>Ctrl + End</code>)</p> +<p>I adapted this guide from this fella over here who blocked all Apple devices on his VPS, <a href="https://web.archive.org/web/20240508084213/https://swindlesmccoop.xyz/blog/blockapple.html">read more</a>.</p> +<h2 id="a-better-alternative---basic-http-authentication">A better alternative - Basic HTTP Authentication</h2> +<p>A better way of blocking unwated access to your website is to use apache2 + NGINX&rsquo;s basic HTTP authentication, <a href="https://vodoraslo.xyz/articles/blog/restrict-unwanted-access-with-http-basic-auth-nginx-and-apache">read my guide</a>.</p> + + + Neater Footnotes in Hugo Using the <details> HTML Tag https://vodoraslo.xyz/articles/blog/neater-footnotes-in-hugo-using-the-details-html-tag/ diff --git a/public/tags/hackbook/index.xml b/public/tags/hackbook/index.xml index 58724033..9c4099e8 100644 --- a/public/tags/hackbook/index.xml +++ b/public/tags/hackbook/index.xml @@ -10,6 +10,95 @@ + + Restrict Unwanted Access With HTTP Basic Authentication - NGINX and Apache + https://vodoraslo.xyz/articles/blog/restrict-unwanted-access-with-http-basic-auth-nginx-and-apache/ + Thu, 05 Sep 2024 17:05:07 +0300 + + https://vodoraslo.xyz/articles/blog/restrict-unwanted-access-with-http-basic-auth-nginx-and-apache/ + <p>Here&rsquo;s how to only allow authenticated users to view your websites - great way to boot freeloaders and guarantee your system&rsquo;s (<em>or your vps&rsquo;</em>) resources for yourself.</p> +<p>The guide is meant for debian but can be easily adapted to suit your needs. I assume you have followed Luke Smith&rsquo;s tutorial and have NGINX running with certbot for certificates.</p> +<h2 id="create-a-username-and-password-for-authentication-or-more-than-1-user">Create a username and password for authentication (<em>or more than 1 user</em>)</h2> +<p>First:</p> + + + + <div class="highlight"> + + <pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"><span style="display:flex;"><span>sudo apt install apache2</span></span></code></pre></div> + +<p>Then:</p> + + + + <div class="highlight"> + + <pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"><span style="display:flex;"><span>sudo apt install apache2-utils</span></span></code></pre></div> + +<p>Create a username you wish to authenticate with the following comnmand:</p> + + + + <div class="highlight"> + + <pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"><span style="display:flex;"><span>sudo htpasswd -c /etc/apache2/.htpasswd admin1</span></span></code></pre></div> + +<p>You will be prompted to provide a password, feel free to generate a secure 32+ character one and save it in your password manager of choice.</p> +<p>If you wish to create multiple other users simply remove <code>-c</code> from the command and change the name.</p> + + + + <div class="highlight"> + + <pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"><span style="display:flex;"><span>sudo htpasswd /etc/apache2/.htpasswd admin2</span></span></code></pre></div> + +<p>Then provide a new password (the same password can also work but it&rsquo;s more secure that way).</p> +<h2 id="add-the-htpasswd-file-to-nginx">Add the <code>htpasswd</code> file to NGINX</h2> +<p>Navigate to the NGINX configuration file you wish to protect:</p> + + + + <div class="highlight"> + + <pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"><span style="display:flex;"><span>nano /etc/nginx/sites-available/&lt;yourFileHere&gt;</span></span></code></pre></div> + +<p>Add the following in the same <code>server</code> block and on the same level as <code>listen [::]:443 ssl;</code>:</p> + + + + <div class="highlight"> + + <pre tabindex="0" class="chroma"><code class="language-nginx" data-lang="nginx"><span style="display:flex;"><span><span style="color:#c678dd">auth_basic</span> <span style="color:#98c379">&#34;Administrator’s</span> <span style="color:#98c379">Area&#34;</span>; +</span></span><span style="display:flex;"><span><span style="color:#c678dd">auth_basic_user_file</span> <span style="color:#98c379">/etc/apache2/.htpasswd</span>;</span></span></code></pre></div> + +<p>Further readering <a href="https://docs.nginx.com/nginx/admin-guide/security-controls/configuring-http-basic-authentication/">here</a>.</p> + + + + + Block and Filter Spam Requests With User-Agents in Nginx + https://vodoraslo.xyz/articles/blog/block-and-filter-spam-requests-with-user-agents-in-nginx/ + Thu, 05 Sep 2024 16:58:04 +0300 + + https://vodoraslo.xyz/articles/blog/block-and-filter-spam-requests-with-user-agents-in-nginx/ + <p>My server has been getting bussyblasted by spam requests from bots and other subhumans and I figured out a way to block them with NGINX.</p> +<p>Adapt the following for your use case and simply place it in every nginx.conf that is <code>ln -s</code> linked to your <code>/etc/nginx/sites-enabled</code> (<em>it should be under the <code>listen 443</code> server block if you use certbot. Don&rsquo;t add it under <code>location</code> it should be on the same level as <code>listen [::]:443 ssl;</code></em>)</p> + + + + <div class="highlight"> + + <pre tabindex="0" class="chroma"><code class="language-nginx" data-lang="nginx"><span style="display:flex;"><span><span style="color:#c678dd">if</span> <span style="color:#98c379">(</span><span style="color:#dcaeea">$http_user_agent</span> ~<span style="color:#56b6c2">*</span> <span style="color:#98c379">&#34;Amazonbot|facebookexternalhit|meta-externalagent|ClaudeBot&#34;)</span> { +</span></span><span style="display:flex;"><span> <span style="color:#c678dd">return</span> <span style="color:#d19a66">404</span>; +</span></span><span style="display:flex;"><span>}</span></span></code></pre></div> + +<p>To see what kind of requests are being made you can check out the following NGINX file <code>/var/log/nginx/access.log</code>. Scroll all the way down (if you use vim <code>G</code>, for nano - <code>Ctrl + End</code>)</p> +<p>I adapted this guide from this fella over here who blocked all Apple devices on his VPS, <a href="https://web.archive.org/web/20240508084213/https://swindlesmccoop.xyz/blog/blockapple.html">read more</a>.</p> +<h2 id="a-better-alternative---basic-http-authentication">A better alternative - Basic HTTP Authentication</h2> +<p>A better way of blocking unwated access to your website is to use apache2 + NGINX&rsquo;s basic HTTP authentication, <a href="https://vodoraslo.xyz/articles/blog/restrict-unwanted-access-with-http-basic-auth-nginx-and-apache">read my guide</a>.</p> + + + Neater Footnotes in Hugo Using the <details> HTML Tag https://vodoraslo.xyz/articles/blog/neater-footnotes-in-hugo-using-the-details-html-tag/ diff --git a/public/tags/index.xml b/public/tags/index.xml index cc6bec47..f4c59704 100644 --- a/public/tags/index.xml +++ b/public/tags/index.xml @@ -10,6 +10,95 @@ + + Restrict Unwanted Access With HTTP Basic Authentication - NGINX and Apache + https://vodoraslo.xyz/articles/blog/restrict-unwanted-access-with-http-basic-auth-nginx-and-apache/ + Thu, 05 Sep 2024 17:05:07 +0300 + + https://vodoraslo.xyz/articles/blog/restrict-unwanted-access-with-http-basic-auth-nginx-and-apache/ + <p>Here&rsquo;s how to only allow authenticated users to view your websites - great way to boot freeloaders and guarantee your system&rsquo;s (<em>or your vps&rsquo;</em>) resources for yourself.</p> +<p>The guide is meant for debian but can be easily adapted to suit your needs. I assume you have followed Luke Smith&rsquo;s tutorial and have NGINX running with certbot for certificates.</p> +<h2 id="create-a-username-and-password-for-authentication-or-more-than-1-user">Create a username and password for authentication (<em>or more than 1 user</em>)</h2> +<p>First:</p> + + + + <div class="highlight"> + + <pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"><span style="display:flex;"><span>sudo apt install apache2</span></span></code></pre></div> + +<p>Then:</p> + + + + <div class="highlight"> + + <pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"><span style="display:flex;"><span>sudo apt install apache2-utils</span></span></code></pre></div> + +<p>Create a username you wish to authenticate with the following comnmand:</p> + + + + <div class="highlight"> + + <pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"><span style="display:flex;"><span>sudo htpasswd -c /etc/apache2/.htpasswd admin1</span></span></code></pre></div> + +<p>You will be prompted to provide a password, feel free to generate a secure 32+ character one and save it in your password manager of choice.</p> +<p>If you wish to create multiple other users simply remove <code>-c</code> from the command and change the name.</p> + + + + <div class="highlight"> + + <pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"><span style="display:flex;"><span>sudo htpasswd /etc/apache2/.htpasswd admin2</span></span></code></pre></div> + +<p>Then provide a new password (the same password can also work but it&rsquo;s more secure that way).</p> +<h2 id="add-the-htpasswd-file-to-nginx">Add the <code>htpasswd</code> file to NGINX</h2> +<p>Navigate to the NGINX configuration file you wish to protect:</p> + + + + <div class="highlight"> + + <pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"><span style="display:flex;"><span>nano /etc/nginx/sites-available/&lt;yourFileHere&gt;</span></span></code></pre></div> + +<p>Add the following in the same <code>server</code> block and on the same level as <code>listen [::]:443 ssl;</code>:</p> + + + + <div class="highlight"> + + <pre tabindex="0" class="chroma"><code class="language-nginx" data-lang="nginx"><span style="display:flex;"><span><span style="color:#c678dd">auth_basic</span> <span style="color:#98c379">&#34;Administrator’s</span> <span style="color:#98c379">Area&#34;</span>; +</span></span><span style="display:flex;"><span><span style="color:#c678dd">auth_basic_user_file</span> <span style="color:#98c379">/etc/apache2/.htpasswd</span>;</span></span></code></pre></div> + +<p>Further readering <a href="https://docs.nginx.com/nginx/admin-guide/security-controls/configuring-http-basic-authentication/">here</a>.</p> + + + + + Block and Filter Spam Requests With User-Agents in Nginx + https://vodoraslo.xyz/articles/blog/block-and-filter-spam-requests-with-user-agents-in-nginx/ + Thu, 05 Sep 2024 16:58:04 +0300 + + https://vodoraslo.xyz/articles/blog/block-and-filter-spam-requests-with-user-agents-in-nginx/ + <p>My server has been getting bussyblasted by spam requests from bots and other subhumans and I figured out a way to block them with NGINX.</p> +<p>Adapt the following for your use case and simply place it in every nginx.conf that is <code>ln -s</code> linked to your <code>/etc/nginx/sites-enabled</code> (<em>it should be under the <code>listen 443</code> server block if you use certbot. Don&rsquo;t add it under <code>location</code> it should be on the same level as <code>listen [::]:443 ssl;</code></em>)</p> + + + + <div class="highlight"> + + <pre tabindex="0" class="chroma"><code class="language-nginx" data-lang="nginx"><span style="display:flex;"><span><span style="color:#c678dd">if</span> <span style="color:#98c379">(</span><span style="color:#dcaeea">$http_user_agent</span> ~<span style="color:#56b6c2">*</span> <span style="color:#98c379">&#34;Amazonbot|facebookexternalhit|meta-externalagent|ClaudeBot&#34;)</span> { +</span></span><span style="display:flex;"><span> <span style="color:#c678dd">return</span> <span style="color:#d19a66">404</span>; +</span></span><span style="display:flex;"><span>}</span></span></code></pre></div> + +<p>To see what kind of requests are being made you can check out the following NGINX file <code>/var/log/nginx/access.log</code>. Scroll all the way down (if you use vim <code>G</code>, for nano - <code>Ctrl + End</code>)</p> +<p>I adapted this guide from this fella over here who blocked all Apple devices on his VPS, <a href="https://web.archive.org/web/20240508084213/https://swindlesmccoop.xyz/blog/blockapple.html">read more</a>.</p> +<h2 id="a-better-alternative---basic-http-authentication">A better alternative - Basic HTTP Authentication</h2> +<p>A better way of blocking unwated access to your website is to use apache2 + NGINX&rsquo;s basic HTTP authentication, <a href="https://vodoraslo.xyz/articles/blog/restrict-unwanted-access-with-http-basic-auth-nginx-and-apache">read my guide</a>.</p> + + + Neater Footnotes in Hugo Using the <details> HTML Tag https://vodoraslo.xyz/articles/blog/neater-footnotes-in-hugo-using-the-details-html-tag/ diff --git a/public/tags/library/index.xml b/public/tags/library/index.xml index 08ecaecd..43ff8e56 100644 --- a/public/tags/library/index.xml +++ b/public/tags/library/index.xml @@ -10,6 +10,95 @@ + + Restrict Unwanted Access With HTTP Basic Authentication - NGINX and Apache + https://vodoraslo.xyz/articles/blog/restrict-unwanted-access-with-http-basic-auth-nginx-and-apache/ + Thu, 05 Sep 2024 17:05:07 +0300 + + https://vodoraslo.xyz/articles/blog/restrict-unwanted-access-with-http-basic-auth-nginx-and-apache/ + <p>Here&rsquo;s how to only allow authenticated users to view your websites - great way to boot freeloaders and guarantee your system&rsquo;s (<em>or your vps&rsquo;</em>) resources for yourself.</p> +<p>The guide is meant for debian but can be easily adapted to suit your needs. I assume you have followed Luke Smith&rsquo;s tutorial and have NGINX running with certbot for certificates.</p> +<h2 id="create-a-username-and-password-for-authentication-or-more-than-1-user">Create a username and password for authentication (<em>or more than 1 user</em>)</h2> +<p>First:</p> + + + + <div class="highlight"> + + <pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"><span style="display:flex;"><span>sudo apt install apache2</span></span></code></pre></div> + +<p>Then:</p> + + + + <div class="highlight"> + + <pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"><span style="display:flex;"><span>sudo apt install apache2-utils</span></span></code></pre></div> + +<p>Create a username you wish to authenticate with the following comnmand:</p> + + + + <div class="highlight"> + + <pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"><span style="display:flex;"><span>sudo htpasswd -c /etc/apache2/.htpasswd admin1</span></span></code></pre></div> + +<p>You will be prompted to provide a password, feel free to generate a secure 32+ character one and save it in your password manager of choice.</p> +<p>If you wish to create multiple other users simply remove <code>-c</code> from the command and change the name.</p> + + + + <div class="highlight"> + + <pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"><span style="display:flex;"><span>sudo htpasswd /etc/apache2/.htpasswd admin2</span></span></code></pre></div> + +<p>Then provide a new password (the same password can also work but it&rsquo;s more secure that way).</p> +<h2 id="add-the-htpasswd-file-to-nginx">Add the <code>htpasswd</code> file to NGINX</h2> +<p>Navigate to the NGINX configuration file you wish to protect:</p> + + + + <div class="highlight"> + + <pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"><span style="display:flex;"><span>nano /etc/nginx/sites-available/&lt;yourFileHere&gt;</span></span></code></pre></div> + +<p>Add the following in the same <code>server</code> block and on the same level as <code>listen [::]:443 ssl;</code>:</p> + + + + <div class="highlight"> + + <pre tabindex="0" class="chroma"><code class="language-nginx" data-lang="nginx"><span style="display:flex;"><span><span style="color:#c678dd">auth_basic</span> <span style="color:#98c379">&#34;Administrator’s</span> <span style="color:#98c379">Area&#34;</span>; +</span></span><span style="display:flex;"><span><span style="color:#c678dd">auth_basic_user_file</span> <span style="color:#98c379">/etc/apache2/.htpasswd</span>;</span></span></code></pre></div> + +<p>Further readering <a href="https://docs.nginx.com/nginx/admin-guide/security-controls/configuring-http-basic-authentication/">here</a>.</p> + + + + + Block and Filter Spam Requests With User-Agents in Nginx + https://vodoraslo.xyz/articles/blog/block-and-filter-spam-requests-with-user-agents-in-nginx/ + Thu, 05 Sep 2024 16:58:04 +0300 + + https://vodoraslo.xyz/articles/blog/block-and-filter-spam-requests-with-user-agents-in-nginx/ + <p>My server has been getting bussyblasted by spam requests from bots and other subhumans and I figured out a way to block them with NGINX.</p> +<p>Adapt the following for your use case and simply place it in every nginx.conf that is <code>ln -s</code> linked to your <code>/etc/nginx/sites-enabled</code> (<em>it should be under the <code>listen 443</code> server block if you use certbot. Don&rsquo;t add it under <code>location</code> it should be on the same level as <code>listen [::]:443 ssl;</code></em>)</p> + + + + <div class="highlight"> + + <pre tabindex="0" class="chroma"><code class="language-nginx" data-lang="nginx"><span style="display:flex;"><span><span style="color:#c678dd">if</span> <span style="color:#98c379">(</span><span style="color:#dcaeea">$http_user_agent</span> ~<span style="color:#56b6c2">*</span> <span style="color:#98c379">&#34;Amazonbot|facebookexternalhit|meta-externalagent|ClaudeBot&#34;)</span> { +</span></span><span style="display:flex;"><span> <span style="color:#c678dd">return</span> <span style="color:#d19a66">404</span>; +</span></span><span style="display:flex;"><span>}</span></span></code></pre></div> + +<p>To see what kind of requests are being made you can check out the following NGINX file <code>/var/log/nginx/access.log</code>. Scroll all the way down (if you use vim <code>G</code>, for nano - <code>Ctrl + End</code>)</p> +<p>I adapted this guide from this fella over here who blocked all Apple devices on his VPS, <a href="https://web.archive.org/web/20240508084213/https://swindlesmccoop.xyz/blog/blockapple.html">read more</a>.</p> +<h2 id="a-better-alternative---basic-http-authentication">A better alternative - Basic HTTP Authentication</h2> +<p>A better way of blocking unwated access to your website is to use apache2 + NGINX&rsquo;s basic HTTP authentication, <a href="https://vodoraslo.xyz/articles/blog/restrict-unwanted-access-with-http-basic-auth-nginx-and-apache">read my guide</a>.</p> + + + Neater Footnotes in Hugo Using the <details> HTML Tag https://vodoraslo.xyz/articles/blog/neater-footnotes-in-hugo-using-the-details-html-tag/ diff --git a/public/tags/personal/index.xml b/public/tags/personal/index.xml index c2f6d8f7..5bcfddf7 100644 --- a/public/tags/personal/index.xml +++ b/public/tags/personal/index.xml @@ -10,6 +10,95 @@ + + Restrict Unwanted Access With HTTP Basic Authentication - NGINX and Apache + https://vodoraslo.xyz/articles/blog/restrict-unwanted-access-with-http-basic-auth-nginx-and-apache/ + Thu, 05 Sep 2024 17:05:07 +0300 + + https://vodoraslo.xyz/articles/blog/restrict-unwanted-access-with-http-basic-auth-nginx-and-apache/ + <p>Here&rsquo;s how to only allow authenticated users to view your websites - great way to boot freeloaders and guarantee your system&rsquo;s (<em>or your vps&rsquo;</em>) resources for yourself.</p> +<p>The guide is meant for debian but can be easily adapted to suit your needs. I assume you have followed Luke Smith&rsquo;s tutorial and have NGINX running with certbot for certificates.</p> +<h2 id="create-a-username-and-password-for-authentication-or-more-than-1-user">Create a username and password for authentication (<em>or more than 1 user</em>)</h2> +<p>First:</p> + + + + <div class="highlight"> + + <pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"><span style="display:flex;"><span>sudo apt install apache2</span></span></code></pre></div> + +<p>Then:</p> + + + + <div class="highlight"> + + <pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"><span style="display:flex;"><span>sudo apt install apache2-utils</span></span></code></pre></div> + +<p>Create a username you wish to authenticate with the following comnmand:</p> + + + + <div class="highlight"> + + <pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"><span style="display:flex;"><span>sudo htpasswd -c /etc/apache2/.htpasswd admin1</span></span></code></pre></div> + +<p>You will be prompted to provide a password, feel free to generate a secure 32+ character one and save it in your password manager of choice.</p> +<p>If you wish to create multiple other users simply remove <code>-c</code> from the command and change the name.</p> + + + + <div class="highlight"> + + <pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"><span style="display:flex;"><span>sudo htpasswd /etc/apache2/.htpasswd admin2</span></span></code></pre></div> + +<p>Then provide a new password (the same password can also work but it&rsquo;s more secure that way).</p> +<h2 id="add-the-htpasswd-file-to-nginx">Add the <code>htpasswd</code> file to NGINX</h2> +<p>Navigate to the NGINX configuration file you wish to protect:</p> + + + + <div class="highlight"> + + <pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"><span style="display:flex;"><span>nano /etc/nginx/sites-available/&lt;yourFileHere&gt;</span></span></code></pre></div> + +<p>Add the following in the same <code>server</code> block and on the same level as <code>listen [::]:443 ssl;</code>:</p> + + + + <div class="highlight"> + + <pre tabindex="0" class="chroma"><code class="language-nginx" data-lang="nginx"><span style="display:flex;"><span><span style="color:#c678dd">auth_basic</span> <span style="color:#98c379">&#34;Administrator’s</span> <span style="color:#98c379">Area&#34;</span>; +</span></span><span style="display:flex;"><span><span style="color:#c678dd">auth_basic_user_file</span> <span style="color:#98c379">/etc/apache2/.htpasswd</span>;</span></span></code></pre></div> + +<p>Further readering <a href="https://docs.nginx.com/nginx/admin-guide/security-controls/configuring-http-basic-authentication/">here</a>.</p> + + + + + Block and Filter Spam Requests With User-Agents in Nginx + https://vodoraslo.xyz/articles/blog/block-and-filter-spam-requests-with-user-agents-in-nginx/ + Thu, 05 Sep 2024 16:58:04 +0300 + + https://vodoraslo.xyz/articles/blog/block-and-filter-spam-requests-with-user-agents-in-nginx/ + <p>My server has been getting bussyblasted by spam requests from bots and other subhumans and I figured out a way to block them with NGINX.</p> +<p>Adapt the following for your use case and simply place it in every nginx.conf that is <code>ln -s</code> linked to your <code>/etc/nginx/sites-enabled</code> (<em>it should be under the <code>listen 443</code> server block if you use certbot. Don&rsquo;t add it under <code>location</code> it should be on the same level as <code>listen [::]:443 ssl;</code></em>)</p> + + + + <div class="highlight"> + + <pre tabindex="0" class="chroma"><code class="language-nginx" data-lang="nginx"><span style="display:flex;"><span><span style="color:#c678dd">if</span> <span style="color:#98c379">(</span><span style="color:#dcaeea">$http_user_agent</span> ~<span style="color:#56b6c2">*</span> <span style="color:#98c379">&#34;Amazonbot|facebookexternalhit|meta-externalagent|ClaudeBot&#34;)</span> { +</span></span><span style="display:flex;"><span> <span style="color:#c678dd">return</span> <span style="color:#d19a66">404</span>; +</span></span><span style="display:flex;"><span>}</span></span></code></pre></div> + +<p>To see what kind of requests are being made you can check out the following NGINX file <code>/var/log/nginx/access.log</code>. Scroll all the way down (if you use vim <code>G</code>, for nano - <code>Ctrl + End</code>)</p> +<p>I adapted this guide from this fella over here who blocked all Apple devices on his VPS, <a href="https://web.archive.org/web/20240508084213/https://swindlesmccoop.xyz/blog/blockapple.html">read more</a>.</p> +<h2 id="a-better-alternative---basic-http-authentication">A better alternative - Basic HTTP Authentication</h2> +<p>A better way of blocking unwated access to your website is to use apache2 + NGINX&rsquo;s basic HTTP authentication, <a href="https://vodoraslo.xyz/articles/blog/restrict-unwanted-access-with-http-basic-auth-nginx-and-apache">read my guide</a>.</p> + + + Neater Footnotes in Hugo Using the <details> HTML Tag https://vodoraslo.xyz/articles/blog/neater-footnotes-in-hugo-using-the-details-html-tag/ diff --git a/public/tags/ted-kaczynski/index.xml b/public/tags/ted-kaczynski/index.xml index 5f288a16..301ef6df 100644 --- a/public/tags/ted-kaczynski/index.xml +++ b/public/tags/ted-kaczynski/index.xml @@ -10,6 +10,95 @@ + + Restrict Unwanted Access With HTTP Basic Authentication - NGINX and Apache + https://vodoraslo.xyz/articles/blog/restrict-unwanted-access-with-http-basic-auth-nginx-and-apache/ + Thu, 05 Sep 2024 17:05:07 +0300 + + https://vodoraslo.xyz/articles/blog/restrict-unwanted-access-with-http-basic-auth-nginx-and-apache/ + <p>Here&rsquo;s how to only allow authenticated users to view your websites - great way to boot freeloaders and guarantee your system&rsquo;s (<em>or your vps&rsquo;</em>) resources for yourself.</p> +<p>The guide is meant for debian but can be easily adapted to suit your needs. I assume you have followed Luke Smith&rsquo;s tutorial and have NGINX running with certbot for certificates.</p> +<h2 id="create-a-username-and-password-for-authentication-or-more-than-1-user">Create a username and password for authentication (<em>or more than 1 user</em>)</h2> +<p>First:</p> + + + + <div class="highlight"> + + <pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"><span style="display:flex;"><span>sudo apt install apache2</span></span></code></pre></div> + +<p>Then:</p> + + + + <div class="highlight"> + + <pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"><span style="display:flex;"><span>sudo apt install apache2-utils</span></span></code></pre></div> + +<p>Create a username you wish to authenticate with the following comnmand:</p> + + + + <div class="highlight"> + + <pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"><span style="display:flex;"><span>sudo htpasswd -c /etc/apache2/.htpasswd admin1</span></span></code></pre></div> + +<p>You will be prompted to provide a password, feel free to generate a secure 32+ character one and save it in your password manager of choice.</p> +<p>If you wish to create multiple other users simply remove <code>-c</code> from the command and change the name.</p> + + + + <div class="highlight"> + + <pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"><span style="display:flex;"><span>sudo htpasswd /etc/apache2/.htpasswd admin2</span></span></code></pre></div> + +<p>Then provide a new password (the same password can also work but it&rsquo;s more secure that way).</p> +<h2 id="add-the-htpasswd-file-to-nginx">Add the <code>htpasswd</code> file to NGINX</h2> +<p>Navigate to the NGINX configuration file you wish to protect:</p> + + + + <div class="highlight"> + + <pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"><span style="display:flex;"><span>nano /etc/nginx/sites-available/&lt;yourFileHere&gt;</span></span></code></pre></div> + +<p>Add the following in the same <code>server</code> block and on the same level as <code>listen [::]:443 ssl;</code>:</p> + + + + <div class="highlight"> + + <pre tabindex="0" class="chroma"><code class="language-nginx" data-lang="nginx"><span style="display:flex;"><span><span style="color:#c678dd">auth_basic</span> <span style="color:#98c379">&#34;Administrator’s</span> <span style="color:#98c379">Area&#34;</span>; +</span></span><span style="display:flex;"><span><span style="color:#c678dd">auth_basic_user_file</span> <span style="color:#98c379">/etc/apache2/.htpasswd</span>;</span></span></code></pre></div> + +<p>Further readering <a href="https://docs.nginx.com/nginx/admin-guide/security-controls/configuring-http-basic-authentication/">here</a>.</p> + + + + + Block and Filter Spam Requests With User-Agents in Nginx + https://vodoraslo.xyz/articles/blog/block-and-filter-spam-requests-with-user-agents-in-nginx/ + Thu, 05 Sep 2024 16:58:04 +0300 + + https://vodoraslo.xyz/articles/blog/block-and-filter-spam-requests-with-user-agents-in-nginx/ + <p>My server has been getting bussyblasted by spam requests from bots and other subhumans and I figured out a way to block them with NGINX.</p> +<p>Adapt the following for your use case and simply place it in every nginx.conf that is <code>ln -s</code> linked to your <code>/etc/nginx/sites-enabled</code> (<em>it should be under the <code>listen 443</code> server block if you use certbot. Don&rsquo;t add it under <code>location</code> it should be on the same level as <code>listen [::]:443 ssl;</code></em>)</p> + + + + <div class="highlight"> + + <pre tabindex="0" class="chroma"><code class="language-nginx" data-lang="nginx"><span style="display:flex;"><span><span style="color:#c678dd">if</span> <span style="color:#98c379">(</span><span style="color:#dcaeea">$http_user_agent</span> ~<span style="color:#56b6c2">*</span> <span style="color:#98c379">&#34;Amazonbot|facebookexternalhit|meta-externalagent|ClaudeBot&#34;)</span> { +</span></span><span style="display:flex;"><span> <span style="color:#c678dd">return</span> <span style="color:#d19a66">404</span>; +</span></span><span style="display:flex;"><span>}</span></span></code></pre></div> + +<p>To see what kind of requests are being made you can check out the following NGINX file <code>/var/log/nginx/access.log</code>. Scroll all the way down (if you use vim <code>G</code>, for nano - <code>Ctrl + End</code>)</p> +<p>I adapted this guide from this fella over here who blocked all Apple devices on his VPS, <a href="https://web.archive.org/web/20240508084213/https://swindlesmccoop.xyz/blog/blockapple.html">read more</a>.</p> +<h2 id="a-better-alternative---basic-http-authentication">A better alternative - Basic HTTP Authentication</h2> +<p>A better way of blocking unwated access to your website is to use apache2 + NGINX&rsquo;s basic HTTP authentication, <a href="https://vodoraslo.xyz/articles/blog/restrict-unwanted-access-with-http-basic-auth-nginx-and-apache">read my guide</a>.</p> + + + Neater Footnotes in Hugo Using the <details> HTML Tag https://vodoraslo.xyz/articles/blog/neater-footnotes-in-hugo-using-the-details-html-tag/ diff --git a/public/tags/updates/index.xml b/public/tags/updates/index.xml index ea104903..b163a317 100644 --- a/public/tags/updates/index.xml +++ b/public/tags/updates/index.xml @@ -10,6 +10,95 @@ + + Restrict Unwanted Access With HTTP Basic Authentication - NGINX and Apache + https://vodoraslo.xyz/articles/blog/restrict-unwanted-access-with-http-basic-auth-nginx-and-apache/ + Thu, 05 Sep 2024 17:05:07 +0300 + + https://vodoraslo.xyz/articles/blog/restrict-unwanted-access-with-http-basic-auth-nginx-and-apache/ + <p>Here&rsquo;s how to only allow authenticated users to view your websites - great way to boot freeloaders and guarantee your system&rsquo;s (<em>or your vps&rsquo;</em>) resources for yourself.</p> +<p>The guide is meant for debian but can be easily adapted to suit your needs. I assume you have followed Luke Smith&rsquo;s tutorial and have NGINX running with certbot for certificates.</p> +<h2 id="create-a-username-and-password-for-authentication-or-more-than-1-user">Create a username and password for authentication (<em>or more than 1 user</em>)</h2> +<p>First:</p> + + + + <div class="highlight"> + + <pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"><span style="display:flex;"><span>sudo apt install apache2</span></span></code></pre></div> + +<p>Then:</p> + + + + <div class="highlight"> + + <pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"><span style="display:flex;"><span>sudo apt install apache2-utils</span></span></code></pre></div> + +<p>Create a username you wish to authenticate with the following comnmand:</p> + + + + <div class="highlight"> + + <pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"><span style="display:flex;"><span>sudo htpasswd -c /etc/apache2/.htpasswd admin1</span></span></code></pre></div> + +<p>You will be prompted to provide a password, feel free to generate a secure 32+ character one and save it in your password manager of choice.</p> +<p>If you wish to create multiple other users simply remove <code>-c</code> from the command and change the name.</p> + + + + <div class="highlight"> + + <pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"><span style="display:flex;"><span>sudo htpasswd /etc/apache2/.htpasswd admin2</span></span></code></pre></div> + +<p>Then provide a new password (the same password can also work but it&rsquo;s more secure that way).</p> +<h2 id="add-the-htpasswd-file-to-nginx">Add the <code>htpasswd</code> file to NGINX</h2> +<p>Navigate to the NGINX configuration file you wish to protect:</p> + + + + <div class="highlight"> + + <pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"><span style="display:flex;"><span>nano /etc/nginx/sites-available/&lt;yourFileHere&gt;</span></span></code></pre></div> + +<p>Add the following in the same <code>server</code> block and on the same level as <code>listen [::]:443 ssl;</code>:</p> + + + + <div class="highlight"> + + <pre tabindex="0" class="chroma"><code class="language-nginx" data-lang="nginx"><span style="display:flex;"><span><span style="color:#c678dd">auth_basic</span> <span style="color:#98c379">&#34;Administrator’s</span> <span style="color:#98c379">Area&#34;</span>; +</span></span><span style="display:flex;"><span><span style="color:#c678dd">auth_basic_user_file</span> <span style="color:#98c379">/etc/apache2/.htpasswd</span>;</span></span></code></pre></div> + +<p>Further readering <a href="https://docs.nginx.com/nginx/admin-guide/security-controls/configuring-http-basic-authentication/">here</a>.</p> + + + + + Block and Filter Spam Requests With User-Agents in Nginx + https://vodoraslo.xyz/articles/blog/block-and-filter-spam-requests-with-user-agents-in-nginx/ + Thu, 05 Sep 2024 16:58:04 +0300 + + https://vodoraslo.xyz/articles/blog/block-and-filter-spam-requests-with-user-agents-in-nginx/ + <p>My server has been getting bussyblasted by spam requests from bots and other subhumans and I figured out a way to block them with NGINX.</p> +<p>Adapt the following for your use case and simply place it in every nginx.conf that is <code>ln -s</code> linked to your <code>/etc/nginx/sites-enabled</code> (<em>it should be under the <code>listen 443</code> server block if you use certbot. Don&rsquo;t add it under <code>location</code> it should be on the same level as <code>listen [::]:443 ssl;</code></em>)</p> + + + + <div class="highlight"> + + <pre tabindex="0" class="chroma"><code class="language-nginx" data-lang="nginx"><span style="display:flex;"><span><span style="color:#c678dd">if</span> <span style="color:#98c379">(</span><span style="color:#dcaeea">$http_user_agent</span> ~<span style="color:#56b6c2">*</span> <span style="color:#98c379">&#34;Amazonbot|facebookexternalhit|meta-externalagent|ClaudeBot&#34;)</span> { +</span></span><span style="display:flex;"><span> <span style="color:#c678dd">return</span> <span style="color:#d19a66">404</span>; +</span></span><span style="display:flex;"><span>}</span></span></code></pre></div> + +<p>To see what kind of requests are being made you can check out the following NGINX file <code>/var/log/nginx/access.log</code>. Scroll all the way down (if you use vim <code>G</code>, for nano - <code>Ctrl + End</code>)</p> +<p>I adapted this guide from this fella over here who blocked all Apple devices on his VPS, <a href="https://web.archive.org/web/20240508084213/https://swindlesmccoop.xyz/blog/blockapple.html">read more</a>.</p> +<h2 id="a-better-alternative---basic-http-authentication">A better alternative - Basic HTTP Authentication</h2> +<p>A better way of blocking unwated access to your website is to use apache2 + NGINX&rsquo;s basic HTTP authentication, <a href="https://vodoraslo.xyz/articles/blog/restrict-unwanted-access-with-http-basic-auth-nginx-and-apache">read my guide</a>.</p> + + + Neater Footnotes in Hugo Using the <details> HTML Tag https://vodoraslo.xyz/articles/blog/neater-footnotes-in-hugo-using-the-details-html-tag/