Compare commits
2 commits
48dd0df090
...
f16bea329c
| Author | SHA1 | Date | |
|---|---|---|---|
f16bea329c
|
|||
|
efb361a51e
|
20 changed files with 1346 additions and 11 deletions
|
|
@ -0,0 +1,24 @@
|
||||||
|
---
|
||||||
|
title: "Block and Filter Spam Requests With User-Agents in Nginx"
|
||||||
|
date: 2024-09-05T16:58:04+03:00
|
||||||
|
draft: false
|
||||||
|
---
|
||||||
|
|
||||||
|
My server has been getting bussyblasted by spam requests from bots and other subhumans and I figured out a way to block them with NGINX.
|
||||||
|
|
||||||
|
Adapt the following for your use case and simply place it in every nginx.conf that is `ln -s` linked to your `/etc/nginx/sites-enabled` (*it should be under the `listen 443` server block if you use certbot. Don't add it under `location` it should be on the same level as `listen [::]:443 ssl;`*)
|
||||||
|
|
||||||
|
```nginx
|
||||||
|
if ($http_user_agent ~* "Amazonbot|facebookexternalhit|meta-externalagent|ClaudeBot") {
|
||||||
|
return 404;
|
||||||
|
}
|
||||||
|
|
||||||
|
```
|
||||||
|
|
||||||
|
To see what kind of requests are being made you can check out the following NGINX file `/var/log/nginx/access.log`. Scroll all the way down (if you use vim `G`, for nano - `Ctrl + End`)
|
||||||
|
|
||||||
|
I adapted this guide from this fella over here who blocked all Apple devices on his VPS, [read more](https://web.archive.org/web/20240508084213/https://swindlesmccoop.xyz/blog/blockapple.html).
|
||||||
|
|
||||||
|
## A better alternative - Basic HTTP Authentication
|
||||||
|
|
||||||
|
A better way of blocking unwated access to your website is to use apache2 + NGINX's basic HTTP authentication, [read my guide](/articles/blog/restrict-unwanted-access-with-http-basic-auth-nginx-and-apache).
|
||||||
|
|
@ -0,0 +1,55 @@
|
||||||
|
---
|
||||||
|
title: "Restrict Unwanted Access With HTTP Basic Authentication - NGINX and Apache"
|
||||||
|
date: 2024-09-05T17:05:07+03:00
|
||||||
|
draft: false
|
||||||
|
---
|
||||||
|
|
||||||
|
Here's how to only allow authenticated users to view your websites - great way to boot freeloaders and guarantee your system's (*or your vps'*) resources for yourself.
|
||||||
|
|
||||||
|
The guide is meant for debian but can be easily adapted to suit your needs. I assume you have followed Luke Smith's tutorial and have NGINX running with certbot for certificates.
|
||||||
|
|
||||||
|
## Create a username and password for authentication (*or more than 1 user*)
|
||||||
|
|
||||||
|
First:
|
||||||
|
```bash
|
||||||
|
sudo apt install apache2
|
||||||
|
```
|
||||||
|
|
||||||
|
Then:
|
||||||
|
|
||||||
|
```bash
|
||||||
|
sudo apt install apache2-utils
|
||||||
|
```
|
||||||
|
|
||||||
|
Create a username you wish to authenticate with the following comnmand:
|
||||||
|
|
||||||
|
```bash
|
||||||
|
sudo htpasswd -c /etc/apache2/.htpasswd admin1
|
||||||
|
```
|
||||||
|
|
||||||
|
You will be prompted to provide a password, feel free to generate a secure 32+ character one and save it in your password manager of choice.
|
||||||
|
|
||||||
|
If you wish to create multiple other users simply remove `-c` from the command and change the name.
|
||||||
|
|
||||||
|
```bash
|
||||||
|
sudo htpasswd /etc/apache2/.htpasswd admin2
|
||||||
|
```
|
||||||
|
|
||||||
|
Then provide a new password (the same password can also work but it's more secure that way).
|
||||||
|
|
||||||
|
## Add the `htpasswd` file to NGINX
|
||||||
|
|
||||||
|
Navigate to the NGINX configuration file you wish to protect:
|
||||||
|
|
||||||
|
```bash
|
||||||
|
nano /etc/nginx/sites-available/<yourFileHere>
|
||||||
|
```
|
||||||
|
|
||||||
|
Add the following in the same `server` block and on the same level as `listen [::]:443 ssl;`:
|
||||||
|
|
||||||
|
```nginx
|
||||||
|
auth_basic "Administrator’s Area";
|
||||||
|
auth_basic_user_file /etc/apache2/.htpasswd;
|
||||||
|
```
|
||||||
|
|
||||||
|
Further readering [here](https://docs.nginx.com/nginx/admin-guide/security-controls/configuring-http-basic-authentication/).
|
||||||
|
|
@ -0,0 +1,69 @@
|
||||||
|
<!DOCTYPE html>
|
||||||
|
<html lang="en" class="main-background-image">
|
||||||
|
<head>
|
||||||
|
<title>Block and Filter Spam Requests With User-Agents in Nginx | vodoraslo's blog</title>
|
||||||
|
<link rel="canonical" href="https://vodoraslo.xyz/">
|
||||||
|
<link rel='alternate' type='application/rss+xml' title="vodoraslo's blog RSS" href='/index.xml'>
|
||||||
|
<link rel='stylesheet' type='text/css' href='/style.css?v=1.0.0.12'>
|
||||||
|
<link rel="icon" href="/favicon.ico">
|
||||||
|
<meta name="description" content="My server has been getting bussyblasted by spam requests from bots and other subhumans and I figured out a way to block them with NGINX.
|
||||||
|
Adapt the following for your use case and simply place it in every nginx.conf that is ln -s linked to your /etc/nginx/sites-enabled (it should be under the listen 443 server block if you use certbot. Don’t add it under location it should be on the same level as listen [::]:443 ssl;)"/>
|
||||||
|
<meta name="viewport" content="width=device-width, initial-scale=1">
|
||||||
|
<meta name="robots" content="index, follow">
|
||||||
|
<meta charset="utf-8">
|
||||||
|
</head>
|
||||||
|
<div class="main-background-image">
|
||||||
|
<body>
|
||||||
|
<main>
|
||||||
|
<header><h1 style="margin-top: 0%; padding-top: 0.5em;" id="tag_Block and Filter Spam Requests With User-Agents in Nginx">Block and Filter Spam Requests With User-Agents in Nginx</h1></header>
|
||||||
|
<hr style="color:var(--strong);background-color: var(--strong); border-color: var(--strong);"><article style="padding: 0% 2.5% 0% 2.5%;">
|
||||||
|
<div class="breadcrumbs">
|
||||||
|
|
||||||
|
<nav><a href="/">vodoraslo</a> / <a href="/articles/">Articles</a> / Block and Filter Spam Requests With User-Agents in Nginx</nav>
|
||||||
|
|
||||||
|
</div>
|
||||||
|
|
||||||
|
<small><em><p style="color: var(--muted_text);">作成日: <time datetime="2024-09-05T16:58:04+03:00" style="color: var(--muted_text);">2024年9月5日 (木)</time>, 最終更新日: <time datetime="2024-09-05T17:22:43+03:00" style="color: var(--muted_text);">2024年9月5日 (木)</time> </p></em></small>
|
||||||
|
<div class="post-content"><p>My server has been getting bussyblasted by spam requests from bots and other subhumans and I figured out a way to block them with NGINX.</p>
|
||||||
|
<p>Adapt the following for your use case and simply place it in every nginx.conf that is <code>ln -s</code> linked to your <code>/etc/nginx/sites-enabled</code> (<em>it should be under the <code>listen 443</code> server block if you use certbot. Don’t add it under <code>location</code> it should be on the same level as <code>listen [::]:443 ssl;</code></em>)</p>
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
<div class="highlight">
|
||||||
|
|
||||||
|
<pre tabindex="0" class="chroma"><code class="language-nginx" data-lang="nginx"><span style="display:flex;"><span><span style="color:#c678dd">if</span> <span style="color:#98c379">(</span><span style="color:#dcaeea">$http_user_agent</span> ~<span style="color:#56b6c2">*</span> <span style="color:#98c379">"Amazonbot|facebookexternalhit|meta-externalagent|ClaudeBot")</span> {
|
||||||
|
</span></span><span style="display:flex;"><span> <span style="color:#c678dd">return</span> <span style="color:#d19a66">404</span>;
|
||||||
|
</span></span><span style="display:flex;"><span>}</span></span></code></pre></div>
|
||||||
|
|
||||||
|
<p>To see what kind of requests are being made you can check out the following NGINX file <code>/var/log/nginx/access.log</code>. Scroll all the way down (if you use vim <code>G</code>, for nano - <code>Ctrl + End</code>)</p>
|
||||||
|
<p>I adapted this guide from this fella over here who blocked all Apple devices on his VPS, <a href="https://web.archive.org/web/20240508084213/https://swindlesmccoop.xyz/blog/blockapple.html">read more</a>.</p>
|
||||||
|
<h2 id="a-better-alternative---basic-http-authentication">A better alternative - Basic HTTP Authentication<a hidden class="anchor" aria-hidden="true" href="#a-better-alternative---basic-http-authentication">#</a></h2>
|
||||||
|
<p>A better way of blocking unwated access to your website is to use apache2 + NGINX’s basic HTTP authentication, <a href="/articles/blog/restrict-unwanted-access-with-http-basic-auth-nginx-and-apache">read my guide</a>.</p>
|
||||||
|
|
||||||
|
<div style="text-align: right;">
|
||||||
|
|
||||||
|
</div></div>
|
||||||
|
|
||||||
|
<br>
|
||||||
|
<hr style="color:var(--strong); margin: 0; background-color: var(--strong); border-color: var(--strong);">
|
||||||
|
<div id="nextprev">
|
||||||
|
<a href="/articles/blog/neater-footnotes-in-hugo-using-the-details-html-tag/"><div id="prevart"><i>Previous:</i><br>Neater Footnotes in Hugo Using the <details> HTML Tag</div></a>
|
||||||
|
<a href="/articles/blog/restrict-unwanted-access-with-http-basic-auth-nginx-and-apache/"><div id="nextart"><i>Next:</i><br>Restrict Unwanted Access With HTTP Basic Authentication - NGINX and Apache</div></a>
|
||||||
|
</div>
|
||||||
|
<div >
|
||||||
|
</div>
|
||||||
|
</article>
|
||||||
|
</main>
|
||||||
|
|
||||||
|
<footer style="padding-top: 0.5em;">
|
||||||
|
|
||||||
|
<div style="padding-bottom: 0.2em; display: inline-block;"><a href="https://vodoraslo.xyz/articles" title="List of all my articles and writings.">📜 Articles</a> <strong>•</strong> <a href="https://vodoraslo.xyz/library" title="My personal library.">📚 Library</a> <strong>•</strong> <a href="https://wiki.vodoraslo.xyz" title="My personal Wiki page.">🌐 Wiki</a> <strong>•</strong> <a href="https://vodoraslo.xyz/index.xml" title="Subscribe via RSS for updates.">📰 RSS</a><hr></div>
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
<div style="padding-bottom: 0.7em;" class="index-links"><a href="https://vodoraslo.xyz/" title="Return to the homepage.">🏠 Homepage</a></div>
|
||||||
|
</footer>
|
||||||
|
|
||||||
|
</body>
|
||||||
|
</div>
|
||||||
|
</html>
|
||||||
|
|
@ -76,6 +76,7 @@ That is no more! I’m sick of doing it and I don’t know how I just re
|
||||||
<hr style="color:var(--strong); margin: 0; background-color: var(--strong); border-color: var(--strong);">
|
<hr style="color:var(--strong); margin: 0; background-color: var(--strong); border-color: var(--strong);">
|
||||||
<div id="nextprev">
|
<div id="nextprev">
|
||||||
<a href="/articles/blog/hugo-drafts-showing-in-production/"><div id="prevart"><i>Previous:</i><br>Hugo: Drafts Showing in Production</div></a>
|
<a href="/articles/blog/hugo-drafts-showing-in-production/"><div id="prevart"><i>Previous:</i><br>Hugo: Drafts Showing in Production</div></a>
|
||||||
|
<a href="/articles/blog/block-and-filter-spam-requests-with-user-agents-in-nginx/"><div id="nextart"><i>Next:</i><br>Block and Filter Spam Requests With User-Agents in Nginx</div></a>
|
||||||
</div>
|
</div>
|
||||||
<div ><div style="clear:both" class=taglist>
|
<div ><div style="clear:both" class=taglist>
|
||||||
Tags: [<a id="tag_blog" href="https://vodoraslo.xyz/tags/blog">Blog</a>]
|
Tags: [<a id="tag_blog" href="https://vodoraslo.xyz/tags/blog">Blog</a>]
|
||||||
|
|
|
||||||
|
|
@ -0,0 +1,110 @@
|
||||||
|
<!DOCTYPE html>
|
||||||
|
<html lang="en" class="main-background-image">
|
||||||
|
<head>
|
||||||
|
<title>Restrict Unwanted Access With HTTP Basic Authentication - NGINX and Apache | vodoraslo's blog</title>
|
||||||
|
<link rel="canonical" href="https://vodoraslo.xyz/">
|
||||||
|
<link rel='alternate' type='application/rss+xml' title="vodoraslo's blog RSS" href='/index.xml'>
|
||||||
|
<link rel='stylesheet' type='text/css' href='/style.css?v=1.0.0.12'>
|
||||||
|
<link rel="icon" href="/favicon.ico">
|
||||||
|
<meta name="description" content="Here’s how to only allow authenticated users to view your websites - great way to boot freeloaders and guarantee your system’s (or your vps’) resources for yourself.
|
||||||
|
The guide is meant for debian but can be easily adapted to suit your needs. I assume you have followed Luke Smith’s tutorial and have NGINX running with certbot for certificates.
|
||||||
|
Create a username and password for authentication (or more than 1 user) First:"/>
|
||||||
|
<meta name="viewport" content="width=device-width, initial-scale=1">
|
||||||
|
<meta name="robots" content="index, follow">
|
||||||
|
<meta charset="utf-8">
|
||||||
|
</head>
|
||||||
|
<div class="main-background-image">
|
||||||
|
<body>
|
||||||
|
<main>
|
||||||
|
<header><h1 style="margin-top: 0%; padding-top: 0.5em;" id="tag_Restrict Unwanted Access With HTTP Basic Authentication - NGINX and Apache">Restrict Unwanted Access With HTTP Basic Authentication - NGINX and Apache</h1></header>
|
||||||
|
<hr style="color:var(--strong);background-color: var(--strong); border-color: var(--strong);"><article style="padding: 0% 2.5% 0% 2.5%;">
|
||||||
|
<div class="breadcrumbs">
|
||||||
|
|
||||||
|
<nav><a href="/">vodoraslo</a> / <a href="/articles/">Articles</a> / Restrict Unwanted Access With HTTP Basic Authentication - NGINX and Apache</nav>
|
||||||
|
|
||||||
|
</div>
|
||||||
|
|
||||||
|
<small><em><p style="color: var(--muted_text);">作成日: <time datetime="2024-09-05T17:05:07+03:00" style="color: var(--muted_text);">2024年9月5日 (木)</time>, 最終更新日: <time datetime="2024-09-05T17:22:43+03:00" style="color: var(--muted_text);">2024年9月5日 (木)</time> </p></em></small>
|
||||||
|
<div class="post-content"><p>Here’s how to only allow authenticated users to view your websites - great way to boot freeloaders and guarantee your system’s (<em>or your vps’</em>) resources for yourself.</p>
|
||||||
|
<p>The guide is meant for debian but can be easily adapted to suit your needs. I assume you have followed Luke Smith’s tutorial and have NGINX running with certbot for certificates.</p>
|
||||||
|
<h2 id="create-a-username-and-password-for-authentication-or-more-than-1-user">Create a username and password for authentication (<em>or more than 1 user</em>)<a hidden class="anchor" aria-hidden="true" href="#create-a-username-and-password-for-authentication-or-more-than-1-user">#</a></h2>
|
||||||
|
<p>First:</p>
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
<div class="highlight">
|
||||||
|
|
||||||
|
<pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"><span style="display:flex;"><span>sudo apt install apache2</span></span></code></pre></div>
|
||||||
|
|
||||||
|
<p>Then:</p>
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
<div class="highlight">
|
||||||
|
|
||||||
|
<pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"><span style="display:flex;"><span>sudo apt install apache2-utils</span></span></code></pre></div>
|
||||||
|
|
||||||
|
<p>Create a username you wish to authenticate with the following comnmand:</p>
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
<div class="highlight">
|
||||||
|
|
||||||
|
<pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"><span style="display:flex;"><span>sudo htpasswd -c /etc/apache2/.htpasswd admin1</span></span></code></pre></div>
|
||||||
|
|
||||||
|
<p>You will be prompted to provide a password, feel free to generate a secure 32+ character one and save it in your password manager of choice.</p>
|
||||||
|
<p>If you wish to create multiple other users simply remove <code>-c</code> from the command and change the name.</p>
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
<div class="highlight">
|
||||||
|
|
||||||
|
<pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"><span style="display:flex;"><span>sudo htpasswd /etc/apache2/.htpasswd admin2</span></span></code></pre></div>
|
||||||
|
|
||||||
|
<p>Then provide a new password (the same password can also work but it’s more secure that way).</p>
|
||||||
|
<h2 id="add-the-htpasswd-file-to-nginx">Add the <code>htpasswd</code> file to NGINX<a hidden class="anchor" aria-hidden="true" href="#add-the-htpasswd-file-to-nginx">#</a></h2>
|
||||||
|
<p>Navigate to the NGINX configuration file you wish to protect:</p>
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
<div class="highlight">
|
||||||
|
|
||||||
|
<pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"><span style="display:flex;"><span>nano /etc/nginx/sites-available/<yourFileHere></span></span></code></pre></div>
|
||||||
|
|
||||||
|
<p>Add the following in the same <code>server</code> block and on the same level as <code>listen [::]:443 ssl;</code>:</p>
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
<div class="highlight">
|
||||||
|
|
||||||
|
<pre tabindex="0" class="chroma"><code class="language-nginx" data-lang="nginx"><span style="display:flex;"><span><span style="color:#c678dd">auth_basic</span> <span style="color:#98c379">"Administrator’s</span> <span style="color:#98c379">Area"</span>;
|
||||||
|
</span></span><span style="display:flex;"><span><span style="color:#c678dd">auth_basic_user_file</span> <span style="color:#98c379">/etc/apache2/.htpasswd</span>;</span></span></code></pre></div>
|
||||||
|
|
||||||
|
<p>Further readering <a href="https://docs.nginx.com/nginx/admin-guide/security-controls/configuring-http-basic-authentication/">here</a>.</p>
|
||||||
|
|
||||||
|
<div style="text-align: right;">
|
||||||
|
|
||||||
|
</div></div>
|
||||||
|
|
||||||
|
<br>
|
||||||
|
<hr style="color:var(--strong); margin: 0; background-color: var(--strong); border-color: var(--strong);">
|
||||||
|
<div id="nextprev">
|
||||||
|
<a href="/articles/blog/block-and-filter-spam-requests-with-user-agents-in-nginx/"><div id="prevart"><i>Previous:</i><br>Block and Filter Spam Requests With User-Agents in Nginx</div></a>
|
||||||
|
</div>
|
||||||
|
<div >
|
||||||
|
</div>
|
||||||
|
</article>
|
||||||
|
</main>
|
||||||
|
|
||||||
|
<footer style="padding-top: 0.5em;">
|
||||||
|
|
||||||
|
<div style="padding-bottom: 0.2em; display: inline-block;"><a href="https://vodoraslo.xyz/articles" title="List of all my articles and writings.">📜 Articles</a> <strong>•</strong> <a href="https://vodoraslo.xyz/library" title="My personal library.">📚 Library</a> <strong>•</strong> <a href="https://wiki.vodoraslo.xyz" title="My personal Wiki page.">🌐 Wiki</a> <strong>•</strong> <a href="https://vodoraslo.xyz/index.xml" title="Subscribe via RSS for updates.">📰 RSS</a><hr></div>
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
<div style="padding-bottom: 0.7em;" class="index-links"><a href="https://vodoraslo.xyz/" title="Return to the homepage.">🏠 Homepage</a></div>
|
||||||
|
</footer>
|
||||||
|
|
||||||
|
</body>
|
||||||
|
</div>
|
||||||
|
</html>
|
||||||
|
|
@ -38,6 +38,8 @@ blog (8)
hackbook (59)
library (74)
ted-kaczynski (15)
updates (3)
"/>
|
||||||
</ul>
|
</ul>
|
||||||
</div>
|
</div>
|
||||||
<ul>
|
<ul>
|
||||||
|
<li class="index-links"><time datetime="2024-09-05T17:05:07+03:00">2024 Sep 05</time> – <a href="/articles/blog/restrict-unwanted-access-with-http-basic-auth-nginx-and-apache/">Restrict Unwanted Access With HTTP Basic Authentication - NGINX and Apache</a></li>
|
||||||
|
<li class="index-links"><time datetime="2024-09-05T16:58:04+03:00">2024 Sep 05</time> – <a href="/articles/blog/block-and-filter-spam-requests-with-user-agents-in-nginx/">Block and Filter Spam Requests With User-Agents in Nginx</a></li>
|
||||||
<li class="index-links"><time datetime="2024-08-31T16:12:49+03:00">2024 Aug 31</time> – <a href="/articles/blog/neater-footnotes-in-hugo-using-the-details-html-tag/">Neater Footnotes in Hugo Using the <details> HTML Tag</a></li>
|
<li class="index-links"><time datetime="2024-08-31T16:12:49+03:00">2024 Aug 31</time> – <a href="/articles/blog/neater-footnotes-in-hugo-using-the-details-html-tag/">Neater Footnotes in Hugo Using the <details> HTML Tag</a></li>
|
||||||
<li class="index-links"><time datetime="2024-03-17T17:53:39+03:00">2024 Mar 17</time> – <a href="/articles/blog/hugo-drafts-showing-in-production/">Hugo: Drafts Showing in Production</a></li>
|
<li class="index-links"><time datetime="2024-03-17T17:53:39+03:00">2024 Mar 17</time> – <a href="/articles/blog/hugo-drafts-showing-in-production/">Hugo: Drafts Showing in Production</a></li>
|
||||||
<li class="index-links"><time datetime="2024-02-27T17:04:59+03:00">2024 Feb 27</time> – <a href="/articles/blog/2024-goals/">2024 Goals and Aspirations</a></li>
|
<li class="index-links"><time datetime="2024-02-27T17:04:59+03:00">2024 Feb 27</time> – <a href="/articles/blog/2024-goals/">2024 Goals and Aspirations</a></li>
|
||||||
|
|
|
||||||
|
|
@ -9,6 +9,95 @@
|
||||||
<atom:link href="https://vodoraslo.xyz/articles/index.xml" rel="self" type="application/rss+xml" />
|
<atom:link href="https://vodoraslo.xyz/articles/index.xml" rel="self" type="application/rss+xml" />
|
||||||
|
|
||||||
|
|
||||||
|
<item>
|
||||||
|
<title>Restrict Unwanted Access With HTTP Basic Authentication - NGINX and Apache</title>
|
||||||
|
<link>https://vodoraslo.xyz/articles/blog/restrict-unwanted-access-with-http-basic-auth-nginx-and-apache/</link>
|
||||||
|
<pubDate>Thu, 05 Sep 2024 17:05:07 +0300</pubDate>
|
||||||
|
|
||||||
|
<guid>https://vodoraslo.xyz/articles/blog/restrict-unwanted-access-with-http-basic-auth-nginx-and-apache/</guid>
|
||||||
|
<description><p>Here&rsquo;s how to only allow authenticated users to view your websites - great way to boot freeloaders and guarantee your system&rsquo;s (<em>or your vps&rsquo;</em>) resources for yourself.</p>
|
||||||
|
<p>The guide is meant for debian but can be easily adapted to suit your needs. I assume you have followed Luke Smith&rsquo;s tutorial and have NGINX running with certbot for certificates.</p>
|
||||||
|
<h2 id="create-a-username-and-password-for-authentication-or-more-than-1-user">Create a username and password for authentication (<em>or more than 1 user</em>)</h2>
|
||||||
|
<p>First:</p>
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
<div class="highlight">
|
||||||
|
|
||||||
|
<pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"><span style="display:flex;"><span>sudo apt install apache2</span></span></code></pre></div>
|
||||||
|
|
||||||
|
<p>Then:</p>
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
<div class="highlight">
|
||||||
|
|
||||||
|
<pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"><span style="display:flex;"><span>sudo apt install apache2-utils</span></span></code></pre></div>
|
||||||
|
|
||||||
|
<p>Create a username you wish to authenticate with the following comnmand:</p>
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
<div class="highlight">
|
||||||
|
|
||||||
|
<pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"><span style="display:flex;"><span>sudo htpasswd -c /etc/apache2/.htpasswd admin1</span></span></code></pre></div>
|
||||||
|
|
||||||
|
<p>You will be prompted to provide a password, feel free to generate a secure 32+ character one and save it in your password manager of choice.</p>
|
||||||
|
<p>If you wish to create multiple other users simply remove <code>-c</code> from the command and change the name.</p>
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
<div class="highlight">
|
||||||
|
|
||||||
|
<pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"><span style="display:flex;"><span>sudo htpasswd /etc/apache2/.htpasswd admin2</span></span></code></pre></div>
|
||||||
|
|
||||||
|
<p>Then provide a new password (the same password can also work but it&rsquo;s more secure that way).</p>
|
||||||
|
<h2 id="add-the-htpasswd-file-to-nginx">Add the <code>htpasswd</code> file to NGINX</h2>
|
||||||
|
<p>Navigate to the NGINX configuration file you wish to protect:</p>
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
<div class="highlight">
|
||||||
|
|
||||||
|
<pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"><span style="display:flex;"><span>nano /etc/nginx/sites-available/&lt;yourFileHere&gt;</span></span></code></pre></div>
|
||||||
|
|
||||||
|
<p>Add the following in the same <code>server</code> block and on the same level as <code>listen [::]:443 ssl;</code>:</p>
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
<div class="highlight">
|
||||||
|
|
||||||
|
<pre tabindex="0" class="chroma"><code class="language-nginx" data-lang="nginx"><span style="display:flex;"><span><span style="color:#c678dd">auth_basic</span> <span style="color:#98c379">&#34;Administrator’s</span> <span style="color:#98c379">Area&#34;</span>;
|
||||||
|
</span></span><span style="display:flex;"><span><span style="color:#c678dd">auth_basic_user_file</span> <span style="color:#98c379">/etc/apache2/.htpasswd</span>;</span></span></code></pre></div>
|
||||||
|
|
||||||
|
<p>Further readering <a href="https://docs.nginx.com/nginx/admin-guide/security-controls/configuring-http-basic-authentication/">here</a>.</p>
|
||||||
|
</description>
|
||||||
|
</item>
|
||||||
|
|
||||||
|
<item>
|
||||||
|
<title>Block and Filter Spam Requests With User-Agents in Nginx</title>
|
||||||
|
<link>https://vodoraslo.xyz/articles/blog/block-and-filter-spam-requests-with-user-agents-in-nginx/</link>
|
||||||
|
<pubDate>Thu, 05 Sep 2024 16:58:04 +0300</pubDate>
|
||||||
|
|
||||||
|
<guid>https://vodoraslo.xyz/articles/blog/block-and-filter-spam-requests-with-user-agents-in-nginx/</guid>
|
||||||
|
<description><p>My server has been getting bussyblasted by spam requests from bots and other subhumans and I figured out a way to block them with NGINX.</p>
|
||||||
|
<p>Adapt the following for your use case and simply place it in every nginx.conf that is <code>ln -s</code> linked to your <code>/etc/nginx/sites-enabled</code> (<em>it should be under the <code>listen 443</code> server block if you use certbot. Don&rsquo;t add it under <code>location</code> it should be on the same level as <code>listen [::]:443 ssl;</code></em>)</p>
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
<div class="highlight">
|
||||||
|
|
||||||
|
<pre tabindex="0" class="chroma"><code class="language-nginx" data-lang="nginx"><span style="display:flex;"><span><span style="color:#c678dd">if</span> <span style="color:#98c379">(</span><span style="color:#dcaeea">$http_user_agent</span> ~<span style="color:#56b6c2">*</span> <span style="color:#98c379">&#34;Amazonbot|facebookexternalhit|meta-externalagent|ClaudeBot&#34;)</span> {
|
||||||
|
</span></span><span style="display:flex;"><span> <span style="color:#c678dd">return</span> <span style="color:#d19a66">404</span>;
|
||||||
|
</span></span><span style="display:flex;"><span>}</span></span></code></pre></div>
|
||||||
|
|
||||||
|
<p>To see what kind of requests are being made you can check out the following NGINX file <code>/var/log/nginx/access.log</code>. Scroll all the way down (if you use vim <code>G</code>, for nano - <code>Ctrl + End</code>)</p>
|
||||||
|
<p>I adapted this guide from this fella over here who blocked all Apple devices on his VPS, <a href="https://web.archive.org/web/20240508084213/https://swindlesmccoop.xyz/blog/blockapple.html">read more</a>.</p>
|
||||||
|
<h2 id="a-better-alternative---basic-http-authentication">A better alternative - Basic HTTP Authentication</h2>
|
||||||
|
<p>A better way of blocking unwated access to your website is to use apache2 + NGINX&rsquo;s basic HTTP authentication, <a href="https://vodoraslo.xyz/articles/blog/restrict-unwanted-access-with-http-basic-auth-nginx-and-apache">read my guide</a>.</p>
|
||||||
|
</description>
|
||||||
|
</item>
|
||||||
|
|
||||||
<item>
|
<item>
|
||||||
<title>Neater Footnotes in Hugo Using the <details> HTML Tag</title>
|
<title>Neater Footnotes in Hugo Using the <details> HTML Tag</title>
|
||||||
<link>https://vodoraslo.xyz/articles/blog/neater-footnotes-in-hugo-using-the-details-html-tag/</link>
|
<link>https://vodoraslo.xyz/articles/blog/neater-footnotes-in-hugo-using-the-details-html-tag/</link>
|
||||||
|
|
|
||||||
|
|
@ -33,6 +33,17 @@
|
||||||
<p><strong>Recent posts:</strong></p>
|
<p><strong>Recent posts:</strong></p>
|
||||||
</div>
|
</div>
|
||||||
<ul class="tenRecentPosts">
|
<ul class="tenRecentPosts">
|
||||||
|
<li><time
|
||||||
|
datetime="2024-09-05T17:05:07+03:00">2024 Sep 05</time> –
|
||||||
|
<a href="/articles/blog/restrict-unwanted-access-with-http-basic-auth-nginx-and-apache/" aria-label="Restrict Unwanted Access With HTTP Basic Authentication - NGINX and Apache Here’s how to only allow authenticated users to view your websites - … ... Click to Read more about Restrict Unwanted Access With HTTP Basic Authentication - NGINX and Apache"><b class="white_span">Restrict Unwanted Access With HTTP Basic Authentication - NGINX and Apache</b></a> - <span
|
||||||
|
class="muted_text">Here’s how to only allow authenticated users to view your websites - great way to boot freeloaders and guarantee your system’s (or your …</span> <a href="/articles/blog/restrict-unwanted-access-with-http-basic-auth-nginx-and-apache/" aria-label="Restrict Unwanted Access With HTTP Basic Authentication - NGINX and Apache Here’s how to only allow authenticated users to view your websites - … ... Click to Read more about Restrict Unwanted Access With HTTP Basic Authentication - NGINX and Apache" class="read_more_recent_posts" style="box-shadow: 0 1px 0;">Read
|
||||||
|
more about Restrict Unwanted Access With HTTP Basic Authentication - NGINX and Apache</a> <em> (1 minute read).</em> </li>
|
||||||
|
<li><time
|
||||||
|
datetime="2024-09-05T16:58:04+03:00">2024 Sep 05</time> –
|
||||||
|
<a href="/articles/blog/block-and-filter-spam-requests-with-user-agents-in-nginx/" aria-label="Block and Filter Spam Requests With User-Agents in Nginx My server has been getting bussyblasted by spam requests from bots and … ... Click to Read more about Block and Filter Spam Requests With User-Agents in Nginx"><b class="white_span">Block and Filter Spam Requests With User-Agents in Nginx</b></a> - <span
|
||||||
|
class="muted_text">My server has been getting bussyblasted by spam requests from bots and other subhumans and I figured out a way to block them with NGINX.
|
||||||
|
Adapt the …</span> <a href="/articles/blog/block-and-filter-spam-requests-with-user-agents-in-nginx/" aria-label="Block and Filter Spam Requests With User-Agents in Nginx My server has been getting bussyblasted by spam requests from bots and … ... Click to Read more about Block and Filter Spam Requests With User-Agents in Nginx" class="read_more_recent_posts" style="box-shadow: 0 1px 0;">Read
|
||||||
|
more about Block and Filter Spam Requests With User-Agents in Nginx</a> <em> (1 minute read).</em> </li>
|
||||||
<li><time
|
<li><time
|
||||||
datetime="2024-08-31T16:12:49+03:00">2024 Aug 31</time> –
|
datetime="2024-08-31T16:12:49+03:00">2024 Aug 31</time> –
|
||||||
<a href="/articles/blog/neater-footnotes-in-hugo-using-the-details-html-tag/" aria-label="Neater Footnotes in Hugo Using the <details> HTML Tag Hugo currently (v133) provides no way for me to choose where to place my … ... Click to Read more about Neater Footnotes in Hugo Using the <details> HTML Tag"><b class="white_span">Neater Footnotes in Hugo Using the <details> HTML Tag</b></a> - <span
|
<a href="/articles/blog/neater-footnotes-in-hugo-using-the-details-html-tag/" aria-label="Neater Footnotes in Hugo Using the <details> HTML Tag Hugo currently (v133) provides no way for me to choose where to place my … ... Click to Read more about Neater Footnotes in Hugo Using the <details> HTML Tag"><b class="white_span">Neater Footnotes in Hugo Using the <details> HTML Tag</b></a> - <span
|
||||||
|
|
@ -75,17 +86,6 @@ summarized: …</span> <a href="/articles/blog/2024-goals/" aria-label="2024 Go
|
||||||
<a href="/library/ted-kaczynski/the-littering-ape/" aria-label="The Littering Ape A number of anthropologically inclined individuals have in recent years … ... Click to Read more about The Littering Ape"><b class="white_span">The Littering Ape</b></a> - <span
|
<a href="/library/ted-kaczynski/the-littering-ape/" aria-label="The Littering Ape A number of anthropologically inclined individuals have in recent years … ... Click to Read more about The Littering Ape"><b class="white_span">The Littering Ape</b></a> - <span
|
||||||
class="muted_text">A number of anthropologically inclined individuals have in recent years gained fame and fortune by authoring books of the “Naked Ape” …</span> <a href="/library/ted-kaczynski/the-littering-ape/" aria-label="The Littering Ape A number of anthropologically inclined individuals have in recent years … ... Click to Read more about The Littering Ape" class="read_more_recent_posts" style="box-shadow: 0 1px 0;">Read
|
class="muted_text">A number of anthropologically inclined individuals have in recent years gained fame and fortune by authoring books of the “Naked Ape” …</span> <a href="/library/ted-kaczynski/the-littering-ape/" aria-label="The Littering Ape A number of anthropologically inclined individuals have in recent years … ... Click to Read more about The Littering Ape" class="read_more_recent_posts" style="box-shadow: 0 1px 0;">Read
|
||||||
more about The Littering Ape</a> <em> (3 minute read).</em> </li>
|
more about The Littering Ape</a> <em> (3 minute read).</em> </li>
|
||||||
<li><time
|
|
||||||
datetime="2023-04-15T18:54:10+03:00">2023 Apr 15</time> –
|
|
||||||
<a href="/library/ted-kaczynski/morality-and-revolution/" aria-label="Morality and Revolution “Morality, guilt and fear of condemnation act as cops in our heads, … ... Click to Read more about Morality and Revolution"><b class="white_span">Morality and Revolution</b></a> - <span
|
|
||||||
class="muted_text">“Morality, guilt and fear of condemnation act as cops in our heads, destroying our spontaneity, our wildness, our ability to live our lives to the …</span> <a href="/library/ted-kaczynski/morality-and-revolution/" aria-label="Morality and Revolution “Morality, guilt and fear of condemnation act as cops in our heads, … ... Click to Read more about Morality and Revolution" class="read_more_recent_posts" style="box-shadow: 0 1px 0;">Read
|
|
||||||
more about Morality and Revolution</a> <em> (22 minute read).</em> </li>
|
|
||||||
<li><time
|
|
||||||
datetime="2023-04-15T18:50:50+03:00">2023 Apr 15</time> –
|
|
||||||
<a href="/library/ted-kaczynski/the-systems-neatest-trick/" aria-label="The System's Neatest Trick The supreme luxury of the society of technical necessity will be to grant … ... Click to Read more about The System's Neatest Trick"><b class="white_span">The System's Neatest Trick</b></a> - <span
|
|
||||||
class="muted_text">The supreme luxury of the society of technical necessity will be to grant the bonus of useless revolt and of an acquiescent smile. —Jacques Ellul1
|
|
||||||
The …</span> <a href="/library/ted-kaczynski/the-systems-neatest-trick/" aria-label="The System's Neatest Trick The supreme luxury of the society of technical necessity will be to grant … ... Click to Read more about The System's Neatest Trick" class="read_more_recent_posts" style="box-shadow: 0 1px 0;">Read
|
|
||||||
more about The System's Neatest Trick</a> <em> (25 minute read).</em> </li>
|
|
||||||
</ul>
|
</ul>
|
||||||
|
|
||||||
</div>
|
</div>
|
||||||
|
|
|
||||||
|
|
@ -9,6 +9,95 @@
|
||||||
<atom:link href="https://vodoraslo.xyz/index.xml" rel="self" type="application/rss+xml" />
|
<atom:link href="https://vodoraslo.xyz/index.xml" rel="self" type="application/rss+xml" />
|
||||||
|
|
||||||
|
|
||||||
|
<item>
|
||||||
|
<title>Restrict Unwanted Access With HTTP Basic Authentication - NGINX and Apache</title>
|
||||||
|
<link>https://vodoraslo.xyz/articles/blog/restrict-unwanted-access-with-http-basic-auth-nginx-and-apache/</link>
|
||||||
|
<pubDate>Thu, 05 Sep 2024 17:05:07 +0300</pubDate>
|
||||||
|
|
||||||
|
<guid>https://vodoraslo.xyz/articles/blog/restrict-unwanted-access-with-http-basic-auth-nginx-and-apache/</guid>
|
||||||
|
<description><p>Here&rsquo;s how to only allow authenticated users to view your websites - great way to boot freeloaders and guarantee your system&rsquo;s (<em>or your vps&rsquo;</em>) resources for yourself.</p>
|
||||||
|
<p>The guide is meant for debian but can be easily adapted to suit your needs. I assume you have followed Luke Smith&rsquo;s tutorial and have NGINX running with certbot for certificates.</p>
|
||||||
|
<h2 id="create-a-username-and-password-for-authentication-or-more-than-1-user">Create a username and password for authentication (<em>or more than 1 user</em>)</h2>
|
||||||
|
<p>First:</p>
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
<div class="highlight">
|
||||||
|
|
||||||
|
<pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"><span style="display:flex;"><span>sudo apt install apache2</span></span></code></pre></div>
|
||||||
|
|
||||||
|
<p>Then:</p>
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
<div class="highlight">
|
||||||
|
|
||||||
|
<pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"><span style="display:flex;"><span>sudo apt install apache2-utils</span></span></code></pre></div>
|
||||||
|
|
||||||
|
<p>Create a username you wish to authenticate with the following comnmand:</p>
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
<div class="highlight">
|
||||||
|
|
||||||
|
<pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"><span style="display:flex;"><span>sudo htpasswd -c /etc/apache2/.htpasswd admin1</span></span></code></pre></div>
|
||||||
|
|
||||||
|
<p>You will be prompted to provide a password, feel free to generate a secure 32+ character one and save it in your password manager of choice.</p>
|
||||||
|
<p>If you wish to create multiple other users simply remove <code>-c</code> from the command and change the name.</p>
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
<div class="highlight">
|
||||||
|
|
||||||
|
<pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"><span style="display:flex;"><span>sudo htpasswd /etc/apache2/.htpasswd admin2</span></span></code></pre></div>
|
||||||
|
|
||||||
|
<p>Then provide a new password (the same password can also work but it&rsquo;s more secure that way).</p>
|
||||||
|
<h2 id="add-the-htpasswd-file-to-nginx">Add the <code>htpasswd</code> file to NGINX</h2>
|
||||||
|
<p>Navigate to the NGINX configuration file you wish to protect:</p>
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
<div class="highlight">
|
||||||
|
|
||||||
|
<pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"><span style="display:flex;"><span>nano /etc/nginx/sites-available/&lt;yourFileHere&gt;</span></span></code></pre></div>
|
||||||
|
|
||||||
|
<p>Add the following in the same <code>server</code> block and on the same level as <code>listen [::]:443 ssl;</code>:</p>
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
<div class="highlight">
|
||||||
|
|
||||||
|
<pre tabindex="0" class="chroma"><code class="language-nginx" data-lang="nginx"><span style="display:flex;"><span><span style="color:#c678dd">auth_basic</span> <span style="color:#98c379">&#34;Administrator’s</span> <span style="color:#98c379">Area&#34;</span>;
|
||||||
|
</span></span><span style="display:flex;"><span><span style="color:#c678dd">auth_basic_user_file</span> <span style="color:#98c379">/etc/apache2/.htpasswd</span>;</span></span></code></pre></div>
|
||||||
|
|
||||||
|
<p>Further readering <a href="https://docs.nginx.com/nginx/admin-guide/security-controls/configuring-http-basic-authentication/">here</a>.</p>
|
||||||
|
</description>
|
||||||
|
</item>
|
||||||
|
|
||||||
|
<item>
|
||||||
|
<title>Block and Filter Spam Requests With User-Agents in Nginx</title>
|
||||||
|
<link>https://vodoraslo.xyz/articles/blog/block-and-filter-spam-requests-with-user-agents-in-nginx/</link>
|
||||||
|
<pubDate>Thu, 05 Sep 2024 16:58:04 +0300</pubDate>
|
||||||
|
|
||||||
|
<guid>https://vodoraslo.xyz/articles/blog/block-and-filter-spam-requests-with-user-agents-in-nginx/</guid>
|
||||||
|
<description><p>My server has been getting bussyblasted by spam requests from bots and other subhumans and I figured out a way to block them with NGINX.</p>
|
||||||
|
<p>Adapt the following for your use case and simply place it in every nginx.conf that is <code>ln -s</code> linked to your <code>/etc/nginx/sites-enabled</code> (<em>it should be under the <code>listen 443</code> server block if you use certbot. Don&rsquo;t add it under <code>location</code> it should be on the same level as <code>listen [::]:443 ssl;</code></em>)</p>
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
<div class="highlight">
|
||||||
|
|
||||||
|
<pre tabindex="0" class="chroma"><code class="language-nginx" data-lang="nginx"><span style="display:flex;"><span><span style="color:#c678dd">if</span> <span style="color:#98c379">(</span><span style="color:#dcaeea">$http_user_agent</span> ~<span style="color:#56b6c2">*</span> <span style="color:#98c379">&#34;Amazonbot|facebookexternalhit|meta-externalagent|ClaudeBot&#34;)</span> {
|
||||||
|
</span></span><span style="display:flex;"><span> <span style="color:#c678dd">return</span> <span style="color:#d19a66">404</span>;
|
||||||
|
</span></span><span style="display:flex;"><span>}</span></span></code></pre></div>
|
||||||
|
|
||||||
|
<p>To see what kind of requests are being made you can check out the following NGINX file <code>/var/log/nginx/access.log</code>. Scroll all the way down (if you use vim <code>G</code>, for nano - <code>Ctrl + End</code>)</p>
|
||||||
|
<p>I adapted this guide from this fella over here who blocked all Apple devices on his VPS, <a href="https://web.archive.org/web/20240508084213/https://swindlesmccoop.xyz/blog/blockapple.html">read more</a>.</p>
|
||||||
|
<h2 id="a-better-alternative---basic-http-authentication">A better alternative - Basic HTTP Authentication</h2>
|
||||||
|
<p>A better way of blocking unwated access to your website is to use apache2 + NGINX&rsquo;s basic HTTP authentication, <a href="https://vodoraslo.xyz/articles/blog/restrict-unwanted-access-with-http-basic-auth-nginx-and-apache">read my guide</a>.</p>
|
||||||
|
</description>
|
||||||
|
</item>
|
||||||
|
|
||||||
<item>
|
<item>
|
||||||
<title>Neater Footnotes in Hugo Using the <details> HTML Tag</title>
|
<title>Neater Footnotes in Hugo Using the <details> HTML Tag</title>
|
||||||
<link>https://vodoraslo.xyz/articles/blog/neater-footnotes-in-hugo-using-the-details-html-tag/</link>
|
<link>https://vodoraslo.xyz/articles/blog/neater-footnotes-in-hugo-using-the-details-html-tag/</link>
|
||||||
|
|
|
||||||
|
|
@ -10,6 +10,95 @@
|
||||||
<atom:link href="https://vodoraslo.xyz/library/hackbook/index.xml" rel="self" type="application/rss+xml" />
|
<atom:link href="https://vodoraslo.xyz/library/hackbook/index.xml" rel="self" type="application/rss+xml" />
|
||||||
|
|
||||||
|
|
||||||
|
<item>
|
||||||
|
<title>Restrict Unwanted Access With HTTP Basic Authentication - NGINX and Apache</title>
|
||||||
|
<link>https://vodoraslo.xyz/articles/blog/restrict-unwanted-access-with-http-basic-auth-nginx-and-apache/</link>
|
||||||
|
<pubDate>Thu, 05 Sep 2024 17:05:07 +0300</pubDate>
|
||||||
|
|
||||||
|
<guid>https://vodoraslo.xyz/articles/blog/restrict-unwanted-access-with-http-basic-auth-nginx-and-apache/</guid>
|
||||||
|
<description><p>Here&rsquo;s how to only allow authenticated users to view your websites - great way to boot freeloaders and guarantee your system&rsquo;s (<em>or your vps&rsquo;</em>) resources for yourself.</p>
|
||||||
|
<p>The guide is meant for debian but can be easily adapted to suit your needs. I assume you have followed Luke Smith&rsquo;s tutorial and have NGINX running with certbot for certificates.</p>
|
||||||
|
<h2 id="create-a-username-and-password-for-authentication-or-more-than-1-user">Create a username and password for authentication (<em>or more than 1 user</em>)</h2>
|
||||||
|
<p>First:</p>
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
<div class="highlight">
|
||||||
|
|
||||||
|
<pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"><span style="display:flex;"><span>sudo apt install apache2</span></span></code></pre></div>
|
||||||
|
|
||||||
|
<p>Then:</p>
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
<div class="highlight">
|
||||||
|
|
||||||
|
<pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"><span style="display:flex;"><span>sudo apt install apache2-utils</span></span></code></pre></div>
|
||||||
|
|
||||||
|
<p>Create a username you wish to authenticate with the following comnmand:</p>
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
<div class="highlight">
|
||||||
|
|
||||||
|
<pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"><span style="display:flex;"><span>sudo htpasswd -c /etc/apache2/.htpasswd admin1</span></span></code></pre></div>
|
||||||
|
|
||||||
|
<p>You will be prompted to provide a password, feel free to generate a secure 32+ character one and save it in your password manager of choice.</p>
|
||||||
|
<p>If you wish to create multiple other users simply remove <code>-c</code> from the command and change the name.</p>
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
<div class="highlight">
|
||||||
|
|
||||||
|
<pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"><span style="display:flex;"><span>sudo htpasswd /etc/apache2/.htpasswd admin2</span></span></code></pre></div>
|
||||||
|
|
||||||
|
<p>Then provide a new password (the same password can also work but it&rsquo;s more secure that way).</p>
|
||||||
|
<h2 id="add-the-htpasswd-file-to-nginx">Add the <code>htpasswd</code> file to NGINX</h2>
|
||||||
|
<p>Navigate to the NGINX configuration file you wish to protect:</p>
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
<div class="highlight">
|
||||||
|
|
||||||
|
<pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"><span style="display:flex;"><span>nano /etc/nginx/sites-available/&lt;yourFileHere&gt;</span></span></code></pre></div>
|
||||||
|
|
||||||
|
<p>Add the following in the same <code>server</code> block and on the same level as <code>listen [::]:443 ssl;</code>:</p>
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
<div class="highlight">
|
||||||
|
|
||||||
|
<pre tabindex="0" class="chroma"><code class="language-nginx" data-lang="nginx"><span style="display:flex;"><span><span style="color:#c678dd">auth_basic</span> <span style="color:#98c379">&#34;Administrator’s</span> <span style="color:#98c379">Area&#34;</span>;
|
||||||
|
</span></span><span style="display:flex;"><span><span style="color:#c678dd">auth_basic_user_file</span> <span style="color:#98c379">/etc/apache2/.htpasswd</span>;</span></span></code></pre></div>
|
||||||
|
|
||||||
|
<p>Further readering <a href="https://docs.nginx.com/nginx/admin-guide/security-controls/configuring-http-basic-authentication/">here</a>.</p>
|
||||||
|
</description>
|
||||||
|
</item>
|
||||||
|
|
||||||
|
<item>
|
||||||
|
<title>Block and Filter Spam Requests With User-Agents in Nginx</title>
|
||||||
|
<link>https://vodoraslo.xyz/articles/blog/block-and-filter-spam-requests-with-user-agents-in-nginx/</link>
|
||||||
|
<pubDate>Thu, 05 Sep 2024 16:58:04 +0300</pubDate>
|
||||||
|
|
||||||
|
<guid>https://vodoraslo.xyz/articles/blog/block-and-filter-spam-requests-with-user-agents-in-nginx/</guid>
|
||||||
|
<description><p>My server has been getting bussyblasted by spam requests from bots and other subhumans and I figured out a way to block them with NGINX.</p>
|
||||||
|
<p>Adapt the following for your use case and simply place it in every nginx.conf that is <code>ln -s</code> linked to your <code>/etc/nginx/sites-enabled</code> (<em>it should be under the <code>listen 443</code> server block if you use certbot. Don&rsquo;t add it under <code>location</code> it should be on the same level as <code>listen [::]:443 ssl;</code></em>)</p>
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
<div class="highlight">
|
||||||
|
|
||||||
|
<pre tabindex="0" class="chroma"><code class="language-nginx" data-lang="nginx"><span style="display:flex;"><span><span style="color:#c678dd">if</span> <span style="color:#98c379">(</span><span style="color:#dcaeea">$http_user_agent</span> ~<span style="color:#56b6c2">*</span> <span style="color:#98c379">&#34;Amazonbot|facebookexternalhit|meta-externalagent|ClaudeBot&#34;)</span> {
|
||||||
|
</span></span><span style="display:flex;"><span> <span style="color:#c678dd">return</span> <span style="color:#d19a66">404</span>;
|
||||||
|
</span></span><span style="display:flex;"><span>}</span></span></code></pre></div>
|
||||||
|
|
||||||
|
<p>To see what kind of requests are being made you can check out the following NGINX file <code>/var/log/nginx/access.log</code>. Scroll all the way down (if you use vim <code>G</code>, for nano - <code>Ctrl + End</code>)</p>
|
||||||
|
<p>I adapted this guide from this fella over here who blocked all Apple devices on his VPS, <a href="https://web.archive.org/web/20240508084213/https://swindlesmccoop.xyz/blog/blockapple.html">read more</a>.</p>
|
||||||
|
<h2 id="a-better-alternative---basic-http-authentication">A better alternative - Basic HTTP Authentication</h2>
|
||||||
|
<p>A better way of blocking unwated access to your website is to use apache2 + NGINX&rsquo;s basic HTTP authentication, <a href="https://vodoraslo.xyz/articles/blog/restrict-unwanted-access-with-http-basic-auth-nginx-and-apache">read my guide</a>.</p>
|
||||||
|
</description>
|
||||||
|
</item>
|
||||||
|
|
||||||
<item>
|
<item>
|
||||||
<title>Neater Footnotes in Hugo Using the <details> HTML Tag</title>
|
<title>Neater Footnotes in Hugo Using the <details> HTML Tag</title>
|
||||||
<link>https://vodoraslo.xyz/articles/blog/neater-footnotes-in-hugo-using-the-details-html-tag/</link>
|
<link>https://vodoraslo.xyz/articles/blog/neater-footnotes-in-hugo-using-the-details-html-tag/</link>
|
||||||
|
|
|
||||||
|
|
@ -9,6 +9,95 @@
|
||||||
<atom:link href="https://vodoraslo.xyz/library/index.xml" rel="self" type="application/rss+xml" />
|
<atom:link href="https://vodoraslo.xyz/library/index.xml" rel="self" type="application/rss+xml" />
|
||||||
|
|
||||||
|
|
||||||
|
<item>
|
||||||
|
<title>Restrict Unwanted Access With HTTP Basic Authentication - NGINX and Apache</title>
|
||||||
|
<link>https://vodoraslo.xyz/articles/blog/restrict-unwanted-access-with-http-basic-auth-nginx-and-apache/</link>
|
||||||
|
<pubDate>Thu, 05 Sep 2024 17:05:07 +0300</pubDate>
|
||||||
|
|
||||||
|
<guid>https://vodoraslo.xyz/articles/blog/restrict-unwanted-access-with-http-basic-auth-nginx-and-apache/</guid>
|
||||||
|
<description><p>Here&rsquo;s how to only allow authenticated users to view your websites - great way to boot freeloaders and guarantee your system&rsquo;s (<em>or your vps&rsquo;</em>) resources for yourself.</p>
|
||||||
|
<p>The guide is meant for debian but can be easily adapted to suit your needs. I assume you have followed Luke Smith&rsquo;s tutorial and have NGINX running with certbot for certificates.</p>
|
||||||
|
<h2 id="create-a-username-and-password-for-authentication-or-more-than-1-user">Create a username and password for authentication (<em>or more than 1 user</em>)</h2>
|
||||||
|
<p>First:</p>
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
<div class="highlight">
|
||||||
|
|
||||||
|
<pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"><span style="display:flex;"><span>sudo apt install apache2</span></span></code></pre></div>
|
||||||
|
|
||||||
|
<p>Then:</p>
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
<div class="highlight">
|
||||||
|
|
||||||
|
<pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"><span style="display:flex;"><span>sudo apt install apache2-utils</span></span></code></pre></div>
|
||||||
|
|
||||||
|
<p>Create a username you wish to authenticate with the following comnmand:</p>
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
<div class="highlight">
|
||||||
|
|
||||||
|
<pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"><span style="display:flex;"><span>sudo htpasswd -c /etc/apache2/.htpasswd admin1</span></span></code></pre></div>
|
||||||
|
|
||||||
|
<p>You will be prompted to provide a password, feel free to generate a secure 32+ character one and save it in your password manager of choice.</p>
|
||||||
|
<p>If you wish to create multiple other users simply remove <code>-c</code> from the command and change the name.</p>
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
<div class="highlight">
|
||||||
|
|
||||||
|
<pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"><span style="display:flex;"><span>sudo htpasswd /etc/apache2/.htpasswd admin2</span></span></code></pre></div>
|
||||||
|
|
||||||
|
<p>Then provide a new password (the same password can also work but it&rsquo;s more secure that way).</p>
|
||||||
|
<h2 id="add-the-htpasswd-file-to-nginx">Add the <code>htpasswd</code> file to NGINX</h2>
|
||||||
|
<p>Navigate to the NGINX configuration file you wish to protect:</p>
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
<div class="highlight">
|
||||||
|
|
||||||
|
<pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"><span style="display:flex;"><span>nano /etc/nginx/sites-available/&lt;yourFileHere&gt;</span></span></code></pre></div>
|
||||||
|
|
||||||
|
<p>Add the following in the same <code>server</code> block and on the same level as <code>listen [::]:443 ssl;</code>:</p>
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
<div class="highlight">
|
||||||
|
|
||||||
|
<pre tabindex="0" class="chroma"><code class="language-nginx" data-lang="nginx"><span style="display:flex;"><span><span style="color:#c678dd">auth_basic</span> <span style="color:#98c379">&#34;Administrator’s</span> <span style="color:#98c379">Area&#34;</span>;
|
||||||
|
</span></span><span style="display:flex;"><span><span style="color:#c678dd">auth_basic_user_file</span> <span style="color:#98c379">/etc/apache2/.htpasswd</span>;</span></span></code></pre></div>
|
||||||
|
|
||||||
|
<p>Further readering <a href="https://docs.nginx.com/nginx/admin-guide/security-controls/configuring-http-basic-authentication/">here</a>.</p>
|
||||||
|
</description>
|
||||||
|
</item>
|
||||||
|
|
||||||
|
<item>
|
||||||
|
<title>Block and Filter Spam Requests With User-Agents in Nginx</title>
|
||||||
|
<link>https://vodoraslo.xyz/articles/blog/block-and-filter-spam-requests-with-user-agents-in-nginx/</link>
|
||||||
|
<pubDate>Thu, 05 Sep 2024 16:58:04 +0300</pubDate>
|
||||||
|
|
||||||
|
<guid>https://vodoraslo.xyz/articles/blog/block-and-filter-spam-requests-with-user-agents-in-nginx/</guid>
|
||||||
|
<description><p>My server has been getting bussyblasted by spam requests from bots and other subhumans and I figured out a way to block them with NGINX.</p>
|
||||||
|
<p>Adapt the following for your use case and simply place it in every nginx.conf that is <code>ln -s</code> linked to your <code>/etc/nginx/sites-enabled</code> (<em>it should be under the <code>listen 443</code> server block if you use certbot. Don&rsquo;t add it under <code>location</code> it should be on the same level as <code>listen [::]:443 ssl;</code></em>)</p>
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
<div class="highlight">
|
||||||
|
|
||||||
|
<pre tabindex="0" class="chroma"><code class="language-nginx" data-lang="nginx"><span style="display:flex;"><span><span style="color:#c678dd">if</span> <span style="color:#98c379">(</span><span style="color:#dcaeea">$http_user_agent</span> ~<span style="color:#56b6c2">*</span> <span style="color:#98c379">&#34;Amazonbot|facebookexternalhit|meta-externalagent|ClaudeBot&#34;)</span> {
|
||||||
|
</span></span><span style="display:flex;"><span> <span style="color:#c678dd">return</span> <span style="color:#d19a66">404</span>;
|
||||||
|
</span></span><span style="display:flex;"><span>}</span></span></code></pre></div>
|
||||||
|
|
||||||
|
<p>To see what kind of requests are being made you can check out the following NGINX file <code>/var/log/nginx/access.log</code>. Scroll all the way down (if you use vim <code>G</code>, for nano - <code>Ctrl + End</code>)</p>
|
||||||
|
<p>I adapted this guide from this fella over here who blocked all Apple devices on his VPS, <a href="https://web.archive.org/web/20240508084213/https://swindlesmccoop.xyz/blog/blockapple.html">read more</a>.</p>
|
||||||
|
<h2 id="a-better-alternative---basic-http-authentication">A better alternative - Basic HTTP Authentication</h2>
|
||||||
|
<p>A better way of blocking unwated access to your website is to use apache2 + NGINX&rsquo;s basic HTTP authentication, <a href="https://vodoraslo.xyz/articles/blog/restrict-unwanted-access-with-http-basic-auth-nginx-and-apache">read my guide</a>.</p>
|
||||||
|
</description>
|
||||||
|
</item>
|
||||||
|
|
||||||
<item>
|
<item>
|
||||||
<title>Neater Footnotes in Hugo Using the <details> HTML Tag</title>
|
<title>Neater Footnotes in Hugo Using the <details> HTML Tag</title>
|
||||||
<link>https://vodoraslo.xyz/articles/blog/neater-footnotes-in-hugo-using-the-details-html-tag/</link>
|
<link>https://vodoraslo.xyz/articles/blog/neater-footnotes-in-hugo-using-the-details-html-tag/</link>
|
||||||
|
|
|
||||||
|
|
@ -10,6 +10,95 @@
|
||||||
<atom:link href="https://vodoraslo.xyz/library/ted-kaczynski/index.xml" rel="self" type="application/rss+xml" />
|
<atom:link href="https://vodoraslo.xyz/library/ted-kaczynski/index.xml" rel="self" type="application/rss+xml" />
|
||||||
|
|
||||||
|
|
||||||
|
<item>
|
||||||
|
<title>Restrict Unwanted Access With HTTP Basic Authentication - NGINX and Apache</title>
|
||||||
|
<link>https://vodoraslo.xyz/articles/blog/restrict-unwanted-access-with-http-basic-auth-nginx-and-apache/</link>
|
||||||
|
<pubDate>Thu, 05 Sep 2024 17:05:07 +0300</pubDate>
|
||||||
|
|
||||||
|
<guid>https://vodoraslo.xyz/articles/blog/restrict-unwanted-access-with-http-basic-auth-nginx-and-apache/</guid>
|
||||||
|
<description><p>Here&rsquo;s how to only allow authenticated users to view your websites - great way to boot freeloaders and guarantee your system&rsquo;s (<em>or your vps&rsquo;</em>) resources for yourself.</p>
|
||||||
|
<p>The guide is meant for debian but can be easily adapted to suit your needs. I assume you have followed Luke Smith&rsquo;s tutorial and have NGINX running with certbot for certificates.</p>
|
||||||
|
<h2 id="create-a-username-and-password-for-authentication-or-more-than-1-user">Create a username and password for authentication (<em>or more than 1 user</em>)</h2>
|
||||||
|
<p>First:</p>
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
<div class="highlight">
|
||||||
|
|
||||||
|
<pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"><span style="display:flex;"><span>sudo apt install apache2</span></span></code></pre></div>
|
||||||
|
|
||||||
|
<p>Then:</p>
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
<div class="highlight">
|
||||||
|
|
||||||
|
<pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"><span style="display:flex;"><span>sudo apt install apache2-utils</span></span></code></pre></div>
|
||||||
|
|
||||||
|
<p>Create a username you wish to authenticate with the following comnmand:</p>
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
<div class="highlight">
|
||||||
|
|
||||||
|
<pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"><span style="display:flex;"><span>sudo htpasswd -c /etc/apache2/.htpasswd admin1</span></span></code></pre></div>
|
||||||
|
|
||||||
|
<p>You will be prompted to provide a password, feel free to generate a secure 32+ character one and save it in your password manager of choice.</p>
|
||||||
|
<p>If you wish to create multiple other users simply remove <code>-c</code> from the command and change the name.</p>
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
<div class="highlight">
|
||||||
|
|
||||||
|
<pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"><span style="display:flex;"><span>sudo htpasswd /etc/apache2/.htpasswd admin2</span></span></code></pre></div>
|
||||||
|
|
||||||
|
<p>Then provide a new password (the same password can also work but it&rsquo;s more secure that way).</p>
|
||||||
|
<h2 id="add-the-htpasswd-file-to-nginx">Add the <code>htpasswd</code> file to NGINX</h2>
|
||||||
|
<p>Navigate to the NGINX configuration file you wish to protect:</p>
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
<div class="highlight">
|
||||||
|
|
||||||
|
<pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"><span style="display:flex;"><span>nano /etc/nginx/sites-available/&lt;yourFileHere&gt;</span></span></code></pre></div>
|
||||||
|
|
||||||
|
<p>Add the following in the same <code>server</code> block and on the same level as <code>listen [::]:443 ssl;</code>:</p>
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
<div class="highlight">
|
||||||
|
|
||||||
|
<pre tabindex="0" class="chroma"><code class="language-nginx" data-lang="nginx"><span style="display:flex;"><span><span style="color:#c678dd">auth_basic</span> <span style="color:#98c379">&#34;Administrator’s</span> <span style="color:#98c379">Area&#34;</span>;
|
||||||
|
</span></span><span style="display:flex;"><span><span style="color:#c678dd">auth_basic_user_file</span> <span style="color:#98c379">/etc/apache2/.htpasswd</span>;</span></span></code></pre></div>
|
||||||
|
|
||||||
|
<p>Further readering <a href="https://docs.nginx.com/nginx/admin-guide/security-controls/configuring-http-basic-authentication/">here</a>.</p>
|
||||||
|
</description>
|
||||||
|
</item>
|
||||||
|
|
||||||
|
<item>
|
||||||
|
<title>Block and Filter Spam Requests With User-Agents in Nginx</title>
|
||||||
|
<link>https://vodoraslo.xyz/articles/blog/block-and-filter-spam-requests-with-user-agents-in-nginx/</link>
|
||||||
|
<pubDate>Thu, 05 Sep 2024 16:58:04 +0300</pubDate>
|
||||||
|
|
||||||
|
<guid>https://vodoraslo.xyz/articles/blog/block-and-filter-spam-requests-with-user-agents-in-nginx/</guid>
|
||||||
|
<description><p>My server has been getting bussyblasted by spam requests from bots and other subhumans and I figured out a way to block them with NGINX.</p>
|
||||||
|
<p>Adapt the following for your use case and simply place it in every nginx.conf that is <code>ln -s</code> linked to your <code>/etc/nginx/sites-enabled</code> (<em>it should be under the <code>listen 443</code> server block if you use certbot. Don&rsquo;t add it under <code>location</code> it should be on the same level as <code>listen [::]:443 ssl;</code></em>)</p>
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
<div class="highlight">
|
||||||
|
|
||||||
|
<pre tabindex="0" class="chroma"><code class="language-nginx" data-lang="nginx"><span style="display:flex;"><span><span style="color:#c678dd">if</span> <span style="color:#98c379">(</span><span style="color:#dcaeea">$http_user_agent</span> ~<span style="color:#56b6c2">*</span> <span style="color:#98c379">&#34;Amazonbot|facebookexternalhit|meta-externalagent|ClaudeBot&#34;)</span> {
|
||||||
|
</span></span><span style="display:flex;"><span> <span style="color:#c678dd">return</span> <span style="color:#d19a66">404</span>;
|
||||||
|
</span></span><span style="display:flex;"><span>}</span></span></code></pre></div>
|
||||||
|
|
||||||
|
<p>To see what kind of requests are being made you can check out the following NGINX file <code>/var/log/nginx/access.log</code>. Scroll all the way down (if you use vim <code>G</code>, for nano - <code>Ctrl + End</code>)</p>
|
||||||
|
<p>I adapted this guide from this fella over here who blocked all Apple devices on his VPS, <a href="https://web.archive.org/web/20240508084213/https://swindlesmccoop.xyz/blog/blockapple.html">read more</a>.</p>
|
||||||
|
<h2 id="a-better-alternative---basic-http-authentication">A better alternative - Basic HTTP Authentication</h2>
|
||||||
|
<p>A better way of blocking unwated access to your website is to use apache2 + NGINX&rsquo;s basic HTTP authentication, <a href="https://vodoraslo.xyz/articles/blog/restrict-unwanted-access-with-http-basic-auth-nginx-and-apache">read my guide</a>.</p>
|
||||||
|
</description>
|
||||||
|
</item>
|
||||||
|
|
||||||
<item>
|
<item>
|
||||||
<title>Neater Footnotes in Hugo Using the <details> HTML Tag</title>
|
<title>Neater Footnotes in Hugo Using the <details> HTML Tag</title>
|
||||||
<link>https://vodoraslo.xyz/articles/blog/neater-footnotes-in-hugo-using-the-details-html-tag/</link>
|
<link>https://vodoraslo.xyz/articles/blog/neater-footnotes-in-hugo-using-the-details-html-tag/</link>
|
||||||
|
|
|
||||||
|
|
@ -2,6 +2,12 @@
|
||||||
<urlset xmlns="http://www.sitemaps.org/schemas/sitemap/0.9"
|
<urlset xmlns="http://www.sitemaps.org/schemas/sitemap/0.9"
|
||||||
xmlns:xhtml="http://www.w3.org/1999/xhtml">
|
xmlns:xhtml="http://www.w3.org/1999/xhtml">
|
||||||
<url>
|
<url>
|
||||||
|
<loc>https://vodoraslo.xyz/articles/blog/restrict-unwanted-access-with-http-basic-auth-nginx-and-apache/</loc>
|
||||||
|
<lastmod>2024-09-05T17:22:43+03:00</lastmod>
|
||||||
|
</url><url>
|
||||||
|
<loc>https://vodoraslo.xyz/articles/blog/block-and-filter-spam-requests-with-user-agents-in-nginx/</loc>
|
||||||
|
<lastmod>2024-09-05T17:22:43+03:00</lastmod>
|
||||||
|
</url><url>
|
||||||
<loc>https://vodoraslo.xyz/articles/blog/neater-footnotes-in-hugo-using-the-details-html-tag/</loc>
|
<loc>https://vodoraslo.xyz/articles/blog/neater-footnotes-in-hugo-using-the-details-html-tag/</loc>
|
||||||
<lastmod>2024-08-31T17:06:20+03:00</lastmod>
|
<lastmod>2024-08-31T17:06:20+03:00</lastmod>
|
||||||
</url><url>
|
</url><url>
|
||||||
|
|
|
||||||
|
|
@ -10,6 +10,95 @@
|
||||||
<atom:link href="https://vodoraslo.xyz/tags/blog/index.xml" rel="self" type="application/rss+xml" />
|
<atom:link href="https://vodoraslo.xyz/tags/blog/index.xml" rel="self" type="application/rss+xml" />
|
||||||
|
|
||||||
|
|
||||||
|
<item>
|
||||||
|
<title>Restrict Unwanted Access With HTTP Basic Authentication - NGINX and Apache</title>
|
||||||
|
<link>https://vodoraslo.xyz/articles/blog/restrict-unwanted-access-with-http-basic-auth-nginx-and-apache/</link>
|
||||||
|
<pubDate>Thu, 05 Sep 2024 17:05:07 +0300</pubDate>
|
||||||
|
|
||||||
|
<guid>https://vodoraslo.xyz/articles/blog/restrict-unwanted-access-with-http-basic-auth-nginx-and-apache/</guid>
|
||||||
|
<description><p>Here&rsquo;s how to only allow authenticated users to view your websites - great way to boot freeloaders and guarantee your system&rsquo;s (<em>or your vps&rsquo;</em>) resources for yourself.</p>
|
||||||
|
<p>The guide is meant for debian but can be easily adapted to suit your needs. I assume you have followed Luke Smith&rsquo;s tutorial and have NGINX running with certbot for certificates.</p>
|
||||||
|
<h2 id="create-a-username-and-password-for-authentication-or-more-than-1-user">Create a username and password for authentication (<em>or more than 1 user</em>)</h2>
|
||||||
|
<p>First:</p>
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
<div class="highlight">
|
||||||
|
|
||||||
|
<pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"><span style="display:flex;"><span>sudo apt install apache2</span></span></code></pre></div>
|
||||||
|
|
||||||
|
<p>Then:</p>
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
<div class="highlight">
|
||||||
|
|
||||||
|
<pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"><span style="display:flex;"><span>sudo apt install apache2-utils</span></span></code></pre></div>
|
||||||
|
|
||||||
|
<p>Create a username you wish to authenticate with the following comnmand:</p>
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
<div class="highlight">
|
||||||
|
|
||||||
|
<pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"><span style="display:flex;"><span>sudo htpasswd -c /etc/apache2/.htpasswd admin1</span></span></code></pre></div>
|
||||||
|
|
||||||
|
<p>You will be prompted to provide a password, feel free to generate a secure 32+ character one and save it in your password manager of choice.</p>
|
||||||
|
<p>If you wish to create multiple other users simply remove <code>-c</code> from the command and change the name.</p>
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
<div class="highlight">
|
||||||
|
|
||||||
|
<pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"><span style="display:flex;"><span>sudo htpasswd /etc/apache2/.htpasswd admin2</span></span></code></pre></div>
|
||||||
|
|
||||||
|
<p>Then provide a new password (the same password can also work but it&rsquo;s more secure that way).</p>
|
||||||
|
<h2 id="add-the-htpasswd-file-to-nginx">Add the <code>htpasswd</code> file to NGINX</h2>
|
||||||
|
<p>Navigate to the NGINX configuration file you wish to protect:</p>
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
<div class="highlight">
|
||||||
|
|
||||||
|
<pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"><span style="display:flex;"><span>nano /etc/nginx/sites-available/&lt;yourFileHere&gt;</span></span></code></pre></div>
|
||||||
|
|
||||||
|
<p>Add the following in the same <code>server</code> block and on the same level as <code>listen [::]:443 ssl;</code>:</p>
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
<div class="highlight">
|
||||||
|
|
||||||
|
<pre tabindex="0" class="chroma"><code class="language-nginx" data-lang="nginx"><span style="display:flex;"><span><span style="color:#c678dd">auth_basic</span> <span style="color:#98c379">&#34;Administrator’s</span> <span style="color:#98c379">Area&#34;</span>;
|
||||||
|
</span></span><span style="display:flex;"><span><span style="color:#c678dd">auth_basic_user_file</span> <span style="color:#98c379">/etc/apache2/.htpasswd</span>;</span></span></code></pre></div>
|
||||||
|
|
||||||
|
<p>Further readering <a href="https://docs.nginx.com/nginx/admin-guide/security-controls/configuring-http-basic-authentication/">here</a>.</p>
|
||||||
|
</description>
|
||||||
|
</item>
|
||||||
|
|
||||||
|
<item>
|
||||||
|
<title>Block and Filter Spam Requests With User-Agents in Nginx</title>
|
||||||
|
<link>https://vodoraslo.xyz/articles/blog/block-and-filter-spam-requests-with-user-agents-in-nginx/</link>
|
||||||
|
<pubDate>Thu, 05 Sep 2024 16:58:04 +0300</pubDate>
|
||||||
|
|
||||||
|
<guid>https://vodoraslo.xyz/articles/blog/block-and-filter-spam-requests-with-user-agents-in-nginx/</guid>
|
||||||
|
<description><p>My server has been getting bussyblasted by spam requests from bots and other subhumans and I figured out a way to block them with NGINX.</p>
|
||||||
|
<p>Adapt the following for your use case and simply place it in every nginx.conf that is <code>ln -s</code> linked to your <code>/etc/nginx/sites-enabled</code> (<em>it should be under the <code>listen 443</code> server block if you use certbot. Don&rsquo;t add it under <code>location</code> it should be on the same level as <code>listen [::]:443 ssl;</code></em>)</p>
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
<div class="highlight">
|
||||||
|
|
||||||
|
<pre tabindex="0" class="chroma"><code class="language-nginx" data-lang="nginx"><span style="display:flex;"><span><span style="color:#c678dd">if</span> <span style="color:#98c379">(</span><span style="color:#dcaeea">$http_user_agent</span> ~<span style="color:#56b6c2">*</span> <span style="color:#98c379">&#34;Amazonbot|facebookexternalhit|meta-externalagent|ClaudeBot&#34;)</span> {
|
||||||
|
</span></span><span style="display:flex;"><span> <span style="color:#c678dd">return</span> <span style="color:#d19a66">404</span>;
|
||||||
|
</span></span><span style="display:flex;"><span>}</span></span></code></pre></div>
|
||||||
|
|
||||||
|
<p>To see what kind of requests are being made you can check out the following NGINX file <code>/var/log/nginx/access.log</code>. Scroll all the way down (if you use vim <code>G</code>, for nano - <code>Ctrl + End</code>)</p>
|
||||||
|
<p>I adapted this guide from this fella over here who blocked all Apple devices on his VPS, <a href="https://web.archive.org/web/20240508084213/https://swindlesmccoop.xyz/blog/blockapple.html">read more</a>.</p>
|
||||||
|
<h2 id="a-better-alternative---basic-http-authentication">A better alternative - Basic HTTP Authentication</h2>
|
||||||
|
<p>A better way of blocking unwated access to your website is to use apache2 + NGINX&rsquo;s basic HTTP authentication, <a href="https://vodoraslo.xyz/articles/blog/restrict-unwanted-access-with-http-basic-auth-nginx-and-apache">read my guide</a>.</p>
|
||||||
|
</description>
|
||||||
|
</item>
|
||||||
|
|
||||||
<item>
|
<item>
|
||||||
<title>Neater Footnotes in Hugo Using the <details> HTML Tag</title>
|
<title>Neater Footnotes in Hugo Using the <details> HTML Tag</title>
|
||||||
<link>https://vodoraslo.xyz/articles/blog/neater-footnotes-in-hugo-using-the-details-html-tag/</link>
|
<link>https://vodoraslo.xyz/articles/blog/neater-footnotes-in-hugo-using-the-details-html-tag/</link>
|
||||||
|
|
|
||||||
|
|
@ -10,6 +10,95 @@
|
||||||
<atom:link href="https://vodoraslo.xyz/tags/hackbook/index.xml" rel="self" type="application/rss+xml" />
|
<atom:link href="https://vodoraslo.xyz/tags/hackbook/index.xml" rel="self" type="application/rss+xml" />
|
||||||
|
|
||||||
|
|
||||||
|
<item>
|
||||||
|
<title>Restrict Unwanted Access With HTTP Basic Authentication - NGINX and Apache</title>
|
||||||
|
<link>https://vodoraslo.xyz/articles/blog/restrict-unwanted-access-with-http-basic-auth-nginx-and-apache/</link>
|
||||||
|
<pubDate>Thu, 05 Sep 2024 17:05:07 +0300</pubDate>
|
||||||
|
|
||||||
|
<guid>https://vodoraslo.xyz/articles/blog/restrict-unwanted-access-with-http-basic-auth-nginx-and-apache/</guid>
|
||||||
|
<description><p>Here&rsquo;s how to only allow authenticated users to view your websites - great way to boot freeloaders and guarantee your system&rsquo;s (<em>or your vps&rsquo;</em>) resources for yourself.</p>
|
||||||
|
<p>The guide is meant for debian but can be easily adapted to suit your needs. I assume you have followed Luke Smith&rsquo;s tutorial and have NGINX running with certbot for certificates.</p>
|
||||||
|
<h2 id="create-a-username-and-password-for-authentication-or-more-than-1-user">Create a username and password for authentication (<em>or more than 1 user</em>)</h2>
|
||||||
|
<p>First:</p>
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
<div class="highlight">
|
||||||
|
|
||||||
|
<pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"><span style="display:flex;"><span>sudo apt install apache2</span></span></code></pre></div>
|
||||||
|
|
||||||
|
<p>Then:</p>
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
<div class="highlight">
|
||||||
|
|
||||||
|
<pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"><span style="display:flex;"><span>sudo apt install apache2-utils</span></span></code></pre></div>
|
||||||
|
|
||||||
|
<p>Create a username you wish to authenticate with the following comnmand:</p>
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
<div class="highlight">
|
||||||
|
|
||||||
|
<pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"><span style="display:flex;"><span>sudo htpasswd -c /etc/apache2/.htpasswd admin1</span></span></code></pre></div>
|
||||||
|
|
||||||
|
<p>You will be prompted to provide a password, feel free to generate a secure 32+ character one and save it in your password manager of choice.</p>
|
||||||
|
<p>If you wish to create multiple other users simply remove <code>-c</code> from the command and change the name.</p>
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
<div class="highlight">
|
||||||
|
|
||||||
|
<pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"><span style="display:flex;"><span>sudo htpasswd /etc/apache2/.htpasswd admin2</span></span></code></pre></div>
|
||||||
|
|
||||||
|
<p>Then provide a new password (the same password can also work but it&rsquo;s more secure that way).</p>
|
||||||
|
<h2 id="add-the-htpasswd-file-to-nginx">Add the <code>htpasswd</code> file to NGINX</h2>
|
||||||
|
<p>Navigate to the NGINX configuration file you wish to protect:</p>
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
<div class="highlight">
|
||||||
|
|
||||||
|
<pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"><span style="display:flex;"><span>nano /etc/nginx/sites-available/&lt;yourFileHere&gt;</span></span></code></pre></div>
|
||||||
|
|
||||||
|
<p>Add the following in the same <code>server</code> block and on the same level as <code>listen [::]:443 ssl;</code>:</p>
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
<div class="highlight">
|
||||||
|
|
||||||
|
<pre tabindex="0" class="chroma"><code class="language-nginx" data-lang="nginx"><span style="display:flex;"><span><span style="color:#c678dd">auth_basic</span> <span style="color:#98c379">&#34;Administrator’s</span> <span style="color:#98c379">Area&#34;</span>;
|
||||||
|
</span></span><span style="display:flex;"><span><span style="color:#c678dd">auth_basic_user_file</span> <span style="color:#98c379">/etc/apache2/.htpasswd</span>;</span></span></code></pre></div>
|
||||||
|
|
||||||
|
<p>Further readering <a href="https://docs.nginx.com/nginx/admin-guide/security-controls/configuring-http-basic-authentication/">here</a>.</p>
|
||||||
|
</description>
|
||||||
|
</item>
|
||||||
|
|
||||||
|
<item>
|
||||||
|
<title>Block and Filter Spam Requests With User-Agents in Nginx</title>
|
||||||
|
<link>https://vodoraslo.xyz/articles/blog/block-and-filter-spam-requests-with-user-agents-in-nginx/</link>
|
||||||
|
<pubDate>Thu, 05 Sep 2024 16:58:04 +0300</pubDate>
|
||||||
|
|
||||||
|
<guid>https://vodoraslo.xyz/articles/blog/block-and-filter-spam-requests-with-user-agents-in-nginx/</guid>
|
||||||
|
<description><p>My server has been getting bussyblasted by spam requests from bots and other subhumans and I figured out a way to block them with NGINX.</p>
|
||||||
|
<p>Adapt the following for your use case and simply place it in every nginx.conf that is <code>ln -s</code> linked to your <code>/etc/nginx/sites-enabled</code> (<em>it should be under the <code>listen 443</code> server block if you use certbot. Don&rsquo;t add it under <code>location</code> it should be on the same level as <code>listen [::]:443 ssl;</code></em>)</p>
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
<div class="highlight">
|
||||||
|
|
||||||
|
<pre tabindex="0" class="chroma"><code class="language-nginx" data-lang="nginx"><span style="display:flex;"><span><span style="color:#c678dd">if</span> <span style="color:#98c379">(</span><span style="color:#dcaeea">$http_user_agent</span> ~<span style="color:#56b6c2">*</span> <span style="color:#98c379">&#34;Amazonbot|facebookexternalhit|meta-externalagent|ClaudeBot&#34;)</span> {
|
||||||
|
</span></span><span style="display:flex;"><span> <span style="color:#c678dd">return</span> <span style="color:#d19a66">404</span>;
|
||||||
|
</span></span><span style="display:flex;"><span>}</span></span></code></pre></div>
|
||||||
|
|
||||||
|
<p>To see what kind of requests are being made you can check out the following NGINX file <code>/var/log/nginx/access.log</code>. Scroll all the way down (if you use vim <code>G</code>, for nano - <code>Ctrl + End</code>)</p>
|
||||||
|
<p>I adapted this guide from this fella over here who blocked all Apple devices on his VPS, <a href="https://web.archive.org/web/20240508084213/https://swindlesmccoop.xyz/blog/blockapple.html">read more</a>.</p>
|
||||||
|
<h2 id="a-better-alternative---basic-http-authentication">A better alternative - Basic HTTP Authentication</h2>
|
||||||
|
<p>A better way of blocking unwated access to your website is to use apache2 + NGINX&rsquo;s basic HTTP authentication, <a href="https://vodoraslo.xyz/articles/blog/restrict-unwanted-access-with-http-basic-auth-nginx-and-apache">read my guide</a>.</p>
|
||||||
|
</description>
|
||||||
|
</item>
|
||||||
|
|
||||||
<item>
|
<item>
|
||||||
<title>Neater Footnotes in Hugo Using the <details> HTML Tag</title>
|
<title>Neater Footnotes in Hugo Using the <details> HTML Tag</title>
|
||||||
<link>https://vodoraslo.xyz/articles/blog/neater-footnotes-in-hugo-using-the-details-html-tag/</link>
|
<link>https://vodoraslo.xyz/articles/blog/neater-footnotes-in-hugo-using-the-details-html-tag/</link>
|
||||||
|
|
|
||||||
|
|
@ -10,6 +10,95 @@
|
||||||
<atom:link href="https://vodoraslo.xyz/tags/index.xml" rel="self" type="application/rss+xml" />
|
<atom:link href="https://vodoraslo.xyz/tags/index.xml" rel="self" type="application/rss+xml" />
|
||||||
|
|
||||||
|
|
||||||
|
<item>
|
||||||
|
<title>Restrict Unwanted Access With HTTP Basic Authentication - NGINX and Apache</title>
|
||||||
|
<link>https://vodoraslo.xyz/articles/blog/restrict-unwanted-access-with-http-basic-auth-nginx-and-apache/</link>
|
||||||
|
<pubDate>Thu, 05 Sep 2024 17:05:07 +0300</pubDate>
|
||||||
|
|
||||||
|
<guid>https://vodoraslo.xyz/articles/blog/restrict-unwanted-access-with-http-basic-auth-nginx-and-apache/</guid>
|
||||||
|
<description><p>Here&rsquo;s how to only allow authenticated users to view your websites - great way to boot freeloaders and guarantee your system&rsquo;s (<em>or your vps&rsquo;</em>) resources for yourself.</p>
|
||||||
|
<p>The guide is meant for debian but can be easily adapted to suit your needs. I assume you have followed Luke Smith&rsquo;s tutorial and have NGINX running with certbot for certificates.</p>
|
||||||
|
<h2 id="create-a-username-and-password-for-authentication-or-more-than-1-user">Create a username and password for authentication (<em>or more than 1 user</em>)</h2>
|
||||||
|
<p>First:</p>
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
<div class="highlight">
|
||||||
|
|
||||||
|
<pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"><span style="display:flex;"><span>sudo apt install apache2</span></span></code></pre></div>
|
||||||
|
|
||||||
|
<p>Then:</p>
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
<div class="highlight">
|
||||||
|
|
||||||
|
<pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"><span style="display:flex;"><span>sudo apt install apache2-utils</span></span></code></pre></div>
|
||||||
|
|
||||||
|
<p>Create a username you wish to authenticate with the following comnmand:</p>
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
<div class="highlight">
|
||||||
|
|
||||||
|
<pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"><span style="display:flex;"><span>sudo htpasswd -c /etc/apache2/.htpasswd admin1</span></span></code></pre></div>
|
||||||
|
|
||||||
|
<p>You will be prompted to provide a password, feel free to generate a secure 32+ character one and save it in your password manager of choice.</p>
|
||||||
|
<p>If you wish to create multiple other users simply remove <code>-c</code> from the command and change the name.</p>
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
<div class="highlight">
|
||||||
|
|
||||||
|
<pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"><span style="display:flex;"><span>sudo htpasswd /etc/apache2/.htpasswd admin2</span></span></code></pre></div>
|
||||||
|
|
||||||
|
<p>Then provide a new password (the same password can also work but it&rsquo;s more secure that way).</p>
|
||||||
|
<h2 id="add-the-htpasswd-file-to-nginx">Add the <code>htpasswd</code> file to NGINX</h2>
|
||||||
|
<p>Navigate to the NGINX configuration file you wish to protect:</p>
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
<div class="highlight">
|
||||||
|
|
||||||
|
<pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"><span style="display:flex;"><span>nano /etc/nginx/sites-available/&lt;yourFileHere&gt;</span></span></code></pre></div>
|
||||||
|
|
||||||
|
<p>Add the following in the same <code>server</code> block and on the same level as <code>listen [::]:443 ssl;</code>:</p>
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
<div class="highlight">
|
||||||
|
|
||||||
|
<pre tabindex="0" class="chroma"><code class="language-nginx" data-lang="nginx"><span style="display:flex;"><span><span style="color:#c678dd">auth_basic</span> <span style="color:#98c379">&#34;Administrator’s</span> <span style="color:#98c379">Area&#34;</span>;
|
||||||
|
</span></span><span style="display:flex;"><span><span style="color:#c678dd">auth_basic_user_file</span> <span style="color:#98c379">/etc/apache2/.htpasswd</span>;</span></span></code></pre></div>
|
||||||
|
|
||||||
|
<p>Further readering <a href="https://docs.nginx.com/nginx/admin-guide/security-controls/configuring-http-basic-authentication/">here</a>.</p>
|
||||||
|
</description>
|
||||||
|
</item>
|
||||||
|
|
||||||
|
<item>
|
||||||
|
<title>Block and Filter Spam Requests With User-Agents in Nginx</title>
|
||||||
|
<link>https://vodoraslo.xyz/articles/blog/block-and-filter-spam-requests-with-user-agents-in-nginx/</link>
|
||||||
|
<pubDate>Thu, 05 Sep 2024 16:58:04 +0300</pubDate>
|
||||||
|
|
||||||
|
<guid>https://vodoraslo.xyz/articles/blog/block-and-filter-spam-requests-with-user-agents-in-nginx/</guid>
|
||||||
|
<description><p>My server has been getting bussyblasted by spam requests from bots and other subhumans and I figured out a way to block them with NGINX.</p>
|
||||||
|
<p>Adapt the following for your use case and simply place it in every nginx.conf that is <code>ln -s</code> linked to your <code>/etc/nginx/sites-enabled</code> (<em>it should be under the <code>listen 443</code> server block if you use certbot. Don&rsquo;t add it under <code>location</code> it should be on the same level as <code>listen [::]:443 ssl;</code></em>)</p>
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
<div class="highlight">
|
||||||
|
|
||||||
|
<pre tabindex="0" class="chroma"><code class="language-nginx" data-lang="nginx"><span style="display:flex;"><span><span style="color:#c678dd">if</span> <span style="color:#98c379">(</span><span style="color:#dcaeea">$http_user_agent</span> ~<span style="color:#56b6c2">*</span> <span style="color:#98c379">&#34;Amazonbot|facebookexternalhit|meta-externalagent|ClaudeBot&#34;)</span> {
|
||||||
|
</span></span><span style="display:flex;"><span> <span style="color:#c678dd">return</span> <span style="color:#d19a66">404</span>;
|
||||||
|
</span></span><span style="display:flex;"><span>}</span></span></code></pre></div>
|
||||||
|
|
||||||
|
<p>To see what kind of requests are being made you can check out the following NGINX file <code>/var/log/nginx/access.log</code>. Scroll all the way down (if you use vim <code>G</code>, for nano - <code>Ctrl + End</code>)</p>
|
||||||
|
<p>I adapted this guide from this fella over here who blocked all Apple devices on his VPS, <a href="https://web.archive.org/web/20240508084213/https://swindlesmccoop.xyz/blog/blockapple.html">read more</a>.</p>
|
||||||
|
<h2 id="a-better-alternative---basic-http-authentication">A better alternative - Basic HTTP Authentication</h2>
|
||||||
|
<p>A better way of blocking unwated access to your website is to use apache2 + NGINX&rsquo;s basic HTTP authentication, <a href="https://vodoraslo.xyz/articles/blog/restrict-unwanted-access-with-http-basic-auth-nginx-and-apache">read my guide</a>.</p>
|
||||||
|
</description>
|
||||||
|
</item>
|
||||||
|
|
||||||
<item>
|
<item>
|
||||||
<title>Neater Footnotes in Hugo Using the <details> HTML Tag</title>
|
<title>Neater Footnotes in Hugo Using the <details> HTML Tag</title>
|
||||||
<link>https://vodoraslo.xyz/articles/blog/neater-footnotes-in-hugo-using-the-details-html-tag/</link>
|
<link>https://vodoraslo.xyz/articles/blog/neater-footnotes-in-hugo-using-the-details-html-tag/</link>
|
||||||
|
|
|
||||||
|
|
@ -10,6 +10,95 @@
|
||||||
<atom:link href="https://vodoraslo.xyz/tags/library/index.xml" rel="self" type="application/rss+xml" />
|
<atom:link href="https://vodoraslo.xyz/tags/library/index.xml" rel="self" type="application/rss+xml" />
|
||||||
|
|
||||||
|
|
||||||
|
<item>
|
||||||
|
<title>Restrict Unwanted Access With HTTP Basic Authentication - NGINX and Apache</title>
|
||||||
|
<link>https://vodoraslo.xyz/articles/blog/restrict-unwanted-access-with-http-basic-auth-nginx-and-apache/</link>
|
||||||
|
<pubDate>Thu, 05 Sep 2024 17:05:07 +0300</pubDate>
|
||||||
|
|
||||||
|
<guid>https://vodoraslo.xyz/articles/blog/restrict-unwanted-access-with-http-basic-auth-nginx-and-apache/</guid>
|
||||||
|
<description><p>Here&rsquo;s how to only allow authenticated users to view your websites - great way to boot freeloaders and guarantee your system&rsquo;s (<em>or your vps&rsquo;</em>) resources for yourself.</p>
|
||||||
|
<p>The guide is meant for debian but can be easily adapted to suit your needs. I assume you have followed Luke Smith&rsquo;s tutorial and have NGINX running with certbot for certificates.</p>
|
||||||
|
<h2 id="create-a-username-and-password-for-authentication-or-more-than-1-user">Create a username and password for authentication (<em>or more than 1 user</em>)</h2>
|
||||||
|
<p>First:</p>
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
<div class="highlight">
|
||||||
|
|
||||||
|
<pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"><span style="display:flex;"><span>sudo apt install apache2</span></span></code></pre></div>
|
||||||
|
|
||||||
|
<p>Then:</p>
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
<div class="highlight">
|
||||||
|
|
||||||
|
<pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"><span style="display:flex;"><span>sudo apt install apache2-utils</span></span></code></pre></div>
|
||||||
|
|
||||||
|
<p>Create a username you wish to authenticate with the following comnmand:</p>
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
<div class="highlight">
|
||||||
|
|
||||||
|
<pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"><span style="display:flex;"><span>sudo htpasswd -c /etc/apache2/.htpasswd admin1</span></span></code></pre></div>
|
||||||
|
|
||||||
|
<p>You will be prompted to provide a password, feel free to generate a secure 32+ character one and save it in your password manager of choice.</p>
|
||||||
|
<p>If you wish to create multiple other users simply remove <code>-c</code> from the command and change the name.</p>
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
<div class="highlight">
|
||||||
|
|
||||||
|
<pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"><span style="display:flex;"><span>sudo htpasswd /etc/apache2/.htpasswd admin2</span></span></code></pre></div>
|
||||||
|
|
||||||
|
<p>Then provide a new password (the same password can also work but it&rsquo;s more secure that way).</p>
|
||||||
|
<h2 id="add-the-htpasswd-file-to-nginx">Add the <code>htpasswd</code> file to NGINX</h2>
|
||||||
|
<p>Navigate to the NGINX configuration file you wish to protect:</p>
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
<div class="highlight">
|
||||||
|
|
||||||
|
<pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"><span style="display:flex;"><span>nano /etc/nginx/sites-available/&lt;yourFileHere&gt;</span></span></code></pre></div>
|
||||||
|
|
||||||
|
<p>Add the following in the same <code>server</code> block and on the same level as <code>listen [::]:443 ssl;</code>:</p>
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
<div class="highlight">
|
||||||
|
|
||||||
|
<pre tabindex="0" class="chroma"><code class="language-nginx" data-lang="nginx"><span style="display:flex;"><span><span style="color:#c678dd">auth_basic</span> <span style="color:#98c379">&#34;Administrator’s</span> <span style="color:#98c379">Area&#34;</span>;
|
||||||
|
</span></span><span style="display:flex;"><span><span style="color:#c678dd">auth_basic_user_file</span> <span style="color:#98c379">/etc/apache2/.htpasswd</span>;</span></span></code></pre></div>
|
||||||
|
|
||||||
|
<p>Further readering <a href="https://docs.nginx.com/nginx/admin-guide/security-controls/configuring-http-basic-authentication/">here</a>.</p>
|
||||||
|
</description>
|
||||||
|
</item>
|
||||||
|
|
||||||
|
<item>
|
||||||
|
<title>Block and Filter Spam Requests With User-Agents in Nginx</title>
|
||||||
|
<link>https://vodoraslo.xyz/articles/blog/block-and-filter-spam-requests-with-user-agents-in-nginx/</link>
|
||||||
|
<pubDate>Thu, 05 Sep 2024 16:58:04 +0300</pubDate>
|
||||||
|
|
||||||
|
<guid>https://vodoraslo.xyz/articles/blog/block-and-filter-spam-requests-with-user-agents-in-nginx/</guid>
|
||||||
|
<description><p>My server has been getting bussyblasted by spam requests from bots and other subhumans and I figured out a way to block them with NGINX.</p>
|
||||||
|
<p>Adapt the following for your use case and simply place it in every nginx.conf that is <code>ln -s</code> linked to your <code>/etc/nginx/sites-enabled</code> (<em>it should be under the <code>listen 443</code> server block if you use certbot. Don&rsquo;t add it under <code>location</code> it should be on the same level as <code>listen [::]:443 ssl;</code></em>)</p>
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
<div class="highlight">
|
||||||
|
|
||||||
|
<pre tabindex="0" class="chroma"><code class="language-nginx" data-lang="nginx"><span style="display:flex;"><span><span style="color:#c678dd">if</span> <span style="color:#98c379">(</span><span style="color:#dcaeea">$http_user_agent</span> ~<span style="color:#56b6c2">*</span> <span style="color:#98c379">&#34;Amazonbot|facebookexternalhit|meta-externalagent|ClaudeBot&#34;)</span> {
|
||||||
|
</span></span><span style="display:flex;"><span> <span style="color:#c678dd">return</span> <span style="color:#d19a66">404</span>;
|
||||||
|
</span></span><span style="display:flex;"><span>}</span></span></code></pre></div>
|
||||||
|
|
||||||
|
<p>To see what kind of requests are being made you can check out the following NGINX file <code>/var/log/nginx/access.log</code>. Scroll all the way down (if you use vim <code>G</code>, for nano - <code>Ctrl + End</code>)</p>
|
||||||
|
<p>I adapted this guide from this fella over here who blocked all Apple devices on his VPS, <a href="https://web.archive.org/web/20240508084213/https://swindlesmccoop.xyz/blog/blockapple.html">read more</a>.</p>
|
||||||
|
<h2 id="a-better-alternative---basic-http-authentication">A better alternative - Basic HTTP Authentication</h2>
|
||||||
|
<p>A better way of blocking unwated access to your website is to use apache2 + NGINX&rsquo;s basic HTTP authentication, <a href="https://vodoraslo.xyz/articles/blog/restrict-unwanted-access-with-http-basic-auth-nginx-and-apache">read my guide</a>.</p>
|
||||||
|
</description>
|
||||||
|
</item>
|
||||||
|
|
||||||
<item>
|
<item>
|
||||||
<title>Neater Footnotes in Hugo Using the <details> HTML Tag</title>
|
<title>Neater Footnotes in Hugo Using the <details> HTML Tag</title>
|
||||||
<link>https://vodoraslo.xyz/articles/blog/neater-footnotes-in-hugo-using-the-details-html-tag/</link>
|
<link>https://vodoraslo.xyz/articles/blog/neater-footnotes-in-hugo-using-the-details-html-tag/</link>
|
||||||
|
|
|
||||||
|
|
@ -10,6 +10,95 @@
|
||||||
<atom:link href="https://vodoraslo.xyz/tags/personal/index.xml" rel="self" type="application/rss+xml" />
|
<atom:link href="https://vodoraslo.xyz/tags/personal/index.xml" rel="self" type="application/rss+xml" />
|
||||||
|
|
||||||
|
|
||||||
|
<item>
|
||||||
|
<title>Restrict Unwanted Access With HTTP Basic Authentication - NGINX and Apache</title>
|
||||||
|
<link>https://vodoraslo.xyz/articles/blog/restrict-unwanted-access-with-http-basic-auth-nginx-and-apache/</link>
|
||||||
|
<pubDate>Thu, 05 Sep 2024 17:05:07 +0300</pubDate>
|
||||||
|
|
||||||
|
<guid>https://vodoraslo.xyz/articles/blog/restrict-unwanted-access-with-http-basic-auth-nginx-and-apache/</guid>
|
||||||
|
<description><p>Here&rsquo;s how to only allow authenticated users to view your websites - great way to boot freeloaders and guarantee your system&rsquo;s (<em>or your vps&rsquo;</em>) resources for yourself.</p>
|
||||||
|
<p>The guide is meant for debian but can be easily adapted to suit your needs. I assume you have followed Luke Smith&rsquo;s tutorial and have NGINX running with certbot for certificates.</p>
|
||||||
|
<h2 id="create-a-username-and-password-for-authentication-or-more-than-1-user">Create a username and password for authentication (<em>or more than 1 user</em>)</h2>
|
||||||
|
<p>First:</p>
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
<div class="highlight">
|
||||||
|
|
||||||
|
<pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"><span style="display:flex;"><span>sudo apt install apache2</span></span></code></pre></div>
|
||||||
|
|
||||||
|
<p>Then:</p>
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
<div class="highlight">
|
||||||
|
|
||||||
|
<pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"><span style="display:flex;"><span>sudo apt install apache2-utils</span></span></code></pre></div>
|
||||||
|
|
||||||
|
<p>Create a username you wish to authenticate with the following comnmand:</p>
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
<div class="highlight">
|
||||||
|
|
||||||
|
<pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"><span style="display:flex;"><span>sudo htpasswd -c /etc/apache2/.htpasswd admin1</span></span></code></pre></div>
|
||||||
|
|
||||||
|
<p>You will be prompted to provide a password, feel free to generate a secure 32+ character one and save it in your password manager of choice.</p>
|
||||||
|
<p>If you wish to create multiple other users simply remove <code>-c</code> from the command and change the name.</p>
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
<div class="highlight">
|
||||||
|
|
||||||
|
<pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"><span style="display:flex;"><span>sudo htpasswd /etc/apache2/.htpasswd admin2</span></span></code></pre></div>
|
||||||
|
|
||||||
|
<p>Then provide a new password (the same password can also work but it&rsquo;s more secure that way).</p>
|
||||||
|
<h2 id="add-the-htpasswd-file-to-nginx">Add the <code>htpasswd</code> file to NGINX</h2>
|
||||||
|
<p>Navigate to the NGINX configuration file you wish to protect:</p>
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
<div class="highlight">
|
||||||
|
|
||||||
|
<pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"><span style="display:flex;"><span>nano /etc/nginx/sites-available/&lt;yourFileHere&gt;</span></span></code></pre></div>
|
||||||
|
|
||||||
|
<p>Add the following in the same <code>server</code> block and on the same level as <code>listen [::]:443 ssl;</code>:</p>
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
<div class="highlight">
|
||||||
|
|
||||||
|
<pre tabindex="0" class="chroma"><code class="language-nginx" data-lang="nginx"><span style="display:flex;"><span><span style="color:#c678dd">auth_basic</span> <span style="color:#98c379">&#34;Administrator’s</span> <span style="color:#98c379">Area&#34;</span>;
|
||||||
|
</span></span><span style="display:flex;"><span><span style="color:#c678dd">auth_basic_user_file</span> <span style="color:#98c379">/etc/apache2/.htpasswd</span>;</span></span></code></pre></div>
|
||||||
|
|
||||||
|
<p>Further readering <a href="https://docs.nginx.com/nginx/admin-guide/security-controls/configuring-http-basic-authentication/">here</a>.</p>
|
||||||
|
</description>
|
||||||
|
</item>
|
||||||
|
|
||||||
|
<item>
|
||||||
|
<title>Block and Filter Spam Requests With User-Agents in Nginx</title>
|
||||||
|
<link>https://vodoraslo.xyz/articles/blog/block-and-filter-spam-requests-with-user-agents-in-nginx/</link>
|
||||||
|
<pubDate>Thu, 05 Sep 2024 16:58:04 +0300</pubDate>
|
||||||
|
|
||||||
|
<guid>https://vodoraslo.xyz/articles/blog/block-and-filter-spam-requests-with-user-agents-in-nginx/</guid>
|
||||||
|
<description><p>My server has been getting bussyblasted by spam requests from bots and other subhumans and I figured out a way to block them with NGINX.</p>
|
||||||
|
<p>Adapt the following for your use case and simply place it in every nginx.conf that is <code>ln -s</code> linked to your <code>/etc/nginx/sites-enabled</code> (<em>it should be under the <code>listen 443</code> server block if you use certbot. Don&rsquo;t add it under <code>location</code> it should be on the same level as <code>listen [::]:443 ssl;</code></em>)</p>
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
<div class="highlight">
|
||||||
|
|
||||||
|
<pre tabindex="0" class="chroma"><code class="language-nginx" data-lang="nginx"><span style="display:flex;"><span><span style="color:#c678dd">if</span> <span style="color:#98c379">(</span><span style="color:#dcaeea">$http_user_agent</span> ~<span style="color:#56b6c2">*</span> <span style="color:#98c379">&#34;Amazonbot|facebookexternalhit|meta-externalagent|ClaudeBot&#34;)</span> {
|
||||||
|
</span></span><span style="display:flex;"><span> <span style="color:#c678dd">return</span> <span style="color:#d19a66">404</span>;
|
||||||
|
</span></span><span style="display:flex;"><span>}</span></span></code></pre></div>
|
||||||
|
|
||||||
|
<p>To see what kind of requests are being made you can check out the following NGINX file <code>/var/log/nginx/access.log</code>. Scroll all the way down (if you use vim <code>G</code>, for nano - <code>Ctrl + End</code>)</p>
|
||||||
|
<p>I adapted this guide from this fella over here who blocked all Apple devices on his VPS, <a href="https://web.archive.org/web/20240508084213/https://swindlesmccoop.xyz/blog/blockapple.html">read more</a>.</p>
|
||||||
|
<h2 id="a-better-alternative---basic-http-authentication">A better alternative - Basic HTTP Authentication</h2>
|
||||||
|
<p>A better way of blocking unwated access to your website is to use apache2 + NGINX&rsquo;s basic HTTP authentication, <a href="https://vodoraslo.xyz/articles/blog/restrict-unwanted-access-with-http-basic-auth-nginx-and-apache">read my guide</a>.</p>
|
||||||
|
</description>
|
||||||
|
</item>
|
||||||
|
|
||||||
<item>
|
<item>
|
||||||
<title>Neater Footnotes in Hugo Using the <details> HTML Tag</title>
|
<title>Neater Footnotes in Hugo Using the <details> HTML Tag</title>
|
||||||
<link>https://vodoraslo.xyz/articles/blog/neater-footnotes-in-hugo-using-the-details-html-tag/</link>
|
<link>https://vodoraslo.xyz/articles/blog/neater-footnotes-in-hugo-using-the-details-html-tag/</link>
|
||||||
|
|
|
||||||
|
|
@ -10,6 +10,95 @@
|
||||||
<atom:link href="https://vodoraslo.xyz/tags/ted-kaczynski/index.xml" rel="self" type="application/rss+xml" />
|
<atom:link href="https://vodoraslo.xyz/tags/ted-kaczynski/index.xml" rel="self" type="application/rss+xml" />
|
||||||
|
|
||||||
|
|
||||||
|
<item>
|
||||||
|
<title>Restrict Unwanted Access With HTTP Basic Authentication - NGINX and Apache</title>
|
||||||
|
<link>https://vodoraslo.xyz/articles/blog/restrict-unwanted-access-with-http-basic-auth-nginx-and-apache/</link>
|
||||||
|
<pubDate>Thu, 05 Sep 2024 17:05:07 +0300</pubDate>
|
||||||
|
|
||||||
|
<guid>https://vodoraslo.xyz/articles/blog/restrict-unwanted-access-with-http-basic-auth-nginx-and-apache/</guid>
|
||||||
|
<description><p>Here&rsquo;s how to only allow authenticated users to view your websites - great way to boot freeloaders and guarantee your system&rsquo;s (<em>or your vps&rsquo;</em>) resources for yourself.</p>
|
||||||
|
<p>The guide is meant for debian but can be easily adapted to suit your needs. I assume you have followed Luke Smith&rsquo;s tutorial and have NGINX running with certbot for certificates.</p>
|
||||||
|
<h2 id="create-a-username-and-password-for-authentication-or-more-than-1-user">Create a username and password for authentication (<em>or more than 1 user</em>)</h2>
|
||||||
|
<p>First:</p>
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
<div class="highlight">
|
||||||
|
|
||||||
|
<pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"><span style="display:flex;"><span>sudo apt install apache2</span></span></code></pre></div>
|
||||||
|
|
||||||
|
<p>Then:</p>
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
<div class="highlight">
|
||||||
|
|
||||||
|
<pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"><span style="display:flex;"><span>sudo apt install apache2-utils</span></span></code></pre></div>
|
||||||
|
|
||||||
|
<p>Create a username you wish to authenticate with the following comnmand:</p>
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
<div class="highlight">
|
||||||
|
|
||||||
|
<pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"><span style="display:flex;"><span>sudo htpasswd -c /etc/apache2/.htpasswd admin1</span></span></code></pre></div>
|
||||||
|
|
||||||
|
<p>You will be prompted to provide a password, feel free to generate a secure 32+ character one and save it in your password manager of choice.</p>
|
||||||
|
<p>If you wish to create multiple other users simply remove <code>-c</code> from the command and change the name.</p>
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
<div class="highlight">
|
||||||
|
|
||||||
|
<pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"><span style="display:flex;"><span>sudo htpasswd /etc/apache2/.htpasswd admin2</span></span></code></pre></div>
|
||||||
|
|
||||||
|
<p>Then provide a new password (the same password can also work but it&rsquo;s more secure that way).</p>
|
||||||
|
<h2 id="add-the-htpasswd-file-to-nginx">Add the <code>htpasswd</code> file to NGINX</h2>
|
||||||
|
<p>Navigate to the NGINX configuration file you wish to protect:</p>
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
<div class="highlight">
|
||||||
|
|
||||||
|
<pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"><span style="display:flex;"><span>nano /etc/nginx/sites-available/&lt;yourFileHere&gt;</span></span></code></pre></div>
|
||||||
|
|
||||||
|
<p>Add the following in the same <code>server</code> block and on the same level as <code>listen [::]:443 ssl;</code>:</p>
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
<div class="highlight">
|
||||||
|
|
||||||
|
<pre tabindex="0" class="chroma"><code class="language-nginx" data-lang="nginx"><span style="display:flex;"><span><span style="color:#c678dd">auth_basic</span> <span style="color:#98c379">&#34;Administrator’s</span> <span style="color:#98c379">Area&#34;</span>;
|
||||||
|
</span></span><span style="display:flex;"><span><span style="color:#c678dd">auth_basic_user_file</span> <span style="color:#98c379">/etc/apache2/.htpasswd</span>;</span></span></code></pre></div>
|
||||||
|
|
||||||
|
<p>Further readering <a href="https://docs.nginx.com/nginx/admin-guide/security-controls/configuring-http-basic-authentication/">here</a>.</p>
|
||||||
|
</description>
|
||||||
|
</item>
|
||||||
|
|
||||||
|
<item>
|
||||||
|
<title>Block and Filter Spam Requests With User-Agents in Nginx</title>
|
||||||
|
<link>https://vodoraslo.xyz/articles/blog/block-and-filter-spam-requests-with-user-agents-in-nginx/</link>
|
||||||
|
<pubDate>Thu, 05 Sep 2024 16:58:04 +0300</pubDate>
|
||||||
|
|
||||||
|
<guid>https://vodoraslo.xyz/articles/blog/block-and-filter-spam-requests-with-user-agents-in-nginx/</guid>
|
||||||
|
<description><p>My server has been getting bussyblasted by spam requests from bots and other subhumans and I figured out a way to block them with NGINX.</p>
|
||||||
|
<p>Adapt the following for your use case and simply place it in every nginx.conf that is <code>ln -s</code> linked to your <code>/etc/nginx/sites-enabled</code> (<em>it should be under the <code>listen 443</code> server block if you use certbot. Don&rsquo;t add it under <code>location</code> it should be on the same level as <code>listen [::]:443 ssl;</code></em>)</p>
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
<div class="highlight">
|
||||||
|
|
||||||
|
<pre tabindex="0" class="chroma"><code class="language-nginx" data-lang="nginx"><span style="display:flex;"><span><span style="color:#c678dd">if</span> <span style="color:#98c379">(</span><span style="color:#dcaeea">$http_user_agent</span> ~<span style="color:#56b6c2">*</span> <span style="color:#98c379">&#34;Amazonbot|facebookexternalhit|meta-externalagent|ClaudeBot&#34;)</span> {
|
||||||
|
</span></span><span style="display:flex;"><span> <span style="color:#c678dd">return</span> <span style="color:#d19a66">404</span>;
|
||||||
|
</span></span><span style="display:flex;"><span>}</span></span></code></pre></div>
|
||||||
|
|
||||||
|
<p>To see what kind of requests are being made you can check out the following NGINX file <code>/var/log/nginx/access.log</code>. Scroll all the way down (if you use vim <code>G</code>, for nano - <code>Ctrl + End</code>)</p>
|
||||||
|
<p>I adapted this guide from this fella over here who blocked all Apple devices on his VPS, <a href="https://web.archive.org/web/20240508084213/https://swindlesmccoop.xyz/blog/blockapple.html">read more</a>.</p>
|
||||||
|
<h2 id="a-better-alternative---basic-http-authentication">A better alternative - Basic HTTP Authentication</h2>
|
||||||
|
<p>A better way of blocking unwated access to your website is to use apache2 + NGINX&rsquo;s basic HTTP authentication, <a href="https://vodoraslo.xyz/articles/blog/restrict-unwanted-access-with-http-basic-auth-nginx-and-apache">read my guide</a>.</p>
|
||||||
|
</description>
|
||||||
|
</item>
|
||||||
|
|
||||||
<item>
|
<item>
|
||||||
<title>Neater Footnotes in Hugo Using the <details> HTML Tag</title>
|
<title>Neater Footnotes in Hugo Using the <details> HTML Tag</title>
|
||||||
<link>https://vodoraslo.xyz/articles/blog/neater-footnotes-in-hugo-using-the-details-html-tag/</link>
|
<link>https://vodoraslo.xyz/articles/blog/neater-footnotes-in-hugo-using-the-details-html-tag/</link>
|
||||||
|
|
|
||||||
|
|
@ -10,6 +10,95 @@
|
||||||
<atom:link href="https://vodoraslo.xyz/tags/updates/index.xml" rel="self" type="application/rss+xml" />
|
<atom:link href="https://vodoraslo.xyz/tags/updates/index.xml" rel="self" type="application/rss+xml" />
|
||||||
|
|
||||||
|
|
||||||
|
<item>
|
||||||
|
<title>Restrict Unwanted Access With HTTP Basic Authentication - NGINX and Apache</title>
|
||||||
|
<link>https://vodoraslo.xyz/articles/blog/restrict-unwanted-access-with-http-basic-auth-nginx-and-apache/</link>
|
||||||
|
<pubDate>Thu, 05 Sep 2024 17:05:07 +0300</pubDate>
|
||||||
|
|
||||||
|
<guid>https://vodoraslo.xyz/articles/blog/restrict-unwanted-access-with-http-basic-auth-nginx-and-apache/</guid>
|
||||||
|
<description><p>Here&rsquo;s how to only allow authenticated users to view your websites - great way to boot freeloaders and guarantee your system&rsquo;s (<em>or your vps&rsquo;</em>) resources for yourself.</p>
|
||||||
|
<p>The guide is meant for debian but can be easily adapted to suit your needs. I assume you have followed Luke Smith&rsquo;s tutorial and have NGINX running with certbot for certificates.</p>
|
||||||
|
<h2 id="create-a-username-and-password-for-authentication-or-more-than-1-user">Create a username and password for authentication (<em>or more than 1 user</em>)</h2>
|
||||||
|
<p>First:</p>
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
<div class="highlight">
|
||||||
|
|
||||||
|
<pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"><span style="display:flex;"><span>sudo apt install apache2</span></span></code></pre></div>
|
||||||
|
|
||||||
|
<p>Then:</p>
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
<div class="highlight">
|
||||||
|
|
||||||
|
<pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"><span style="display:flex;"><span>sudo apt install apache2-utils</span></span></code></pre></div>
|
||||||
|
|
||||||
|
<p>Create a username you wish to authenticate with the following comnmand:</p>
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
<div class="highlight">
|
||||||
|
|
||||||
|
<pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"><span style="display:flex;"><span>sudo htpasswd -c /etc/apache2/.htpasswd admin1</span></span></code></pre></div>
|
||||||
|
|
||||||
|
<p>You will be prompted to provide a password, feel free to generate a secure 32+ character one and save it in your password manager of choice.</p>
|
||||||
|
<p>If you wish to create multiple other users simply remove <code>-c</code> from the command and change the name.</p>
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
<div class="highlight">
|
||||||
|
|
||||||
|
<pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"><span style="display:flex;"><span>sudo htpasswd /etc/apache2/.htpasswd admin2</span></span></code></pre></div>
|
||||||
|
|
||||||
|
<p>Then provide a new password (the same password can also work but it&rsquo;s more secure that way).</p>
|
||||||
|
<h2 id="add-the-htpasswd-file-to-nginx">Add the <code>htpasswd</code> file to NGINX</h2>
|
||||||
|
<p>Navigate to the NGINX configuration file you wish to protect:</p>
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
<div class="highlight">
|
||||||
|
|
||||||
|
<pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"><span style="display:flex;"><span>nano /etc/nginx/sites-available/&lt;yourFileHere&gt;</span></span></code></pre></div>
|
||||||
|
|
||||||
|
<p>Add the following in the same <code>server</code> block and on the same level as <code>listen [::]:443 ssl;</code>:</p>
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
<div class="highlight">
|
||||||
|
|
||||||
|
<pre tabindex="0" class="chroma"><code class="language-nginx" data-lang="nginx"><span style="display:flex;"><span><span style="color:#c678dd">auth_basic</span> <span style="color:#98c379">&#34;Administrator’s</span> <span style="color:#98c379">Area&#34;</span>;
|
||||||
|
</span></span><span style="display:flex;"><span><span style="color:#c678dd">auth_basic_user_file</span> <span style="color:#98c379">/etc/apache2/.htpasswd</span>;</span></span></code></pre></div>
|
||||||
|
|
||||||
|
<p>Further readering <a href="https://docs.nginx.com/nginx/admin-guide/security-controls/configuring-http-basic-authentication/">here</a>.</p>
|
||||||
|
</description>
|
||||||
|
</item>
|
||||||
|
|
||||||
|
<item>
|
||||||
|
<title>Block and Filter Spam Requests With User-Agents in Nginx</title>
|
||||||
|
<link>https://vodoraslo.xyz/articles/blog/block-and-filter-spam-requests-with-user-agents-in-nginx/</link>
|
||||||
|
<pubDate>Thu, 05 Sep 2024 16:58:04 +0300</pubDate>
|
||||||
|
|
||||||
|
<guid>https://vodoraslo.xyz/articles/blog/block-and-filter-spam-requests-with-user-agents-in-nginx/</guid>
|
||||||
|
<description><p>My server has been getting bussyblasted by spam requests from bots and other subhumans and I figured out a way to block them with NGINX.</p>
|
||||||
|
<p>Adapt the following for your use case and simply place it in every nginx.conf that is <code>ln -s</code> linked to your <code>/etc/nginx/sites-enabled</code> (<em>it should be under the <code>listen 443</code> server block if you use certbot. Don&rsquo;t add it under <code>location</code> it should be on the same level as <code>listen [::]:443 ssl;</code></em>)</p>
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
<div class="highlight">
|
||||||
|
|
||||||
|
<pre tabindex="0" class="chroma"><code class="language-nginx" data-lang="nginx"><span style="display:flex;"><span><span style="color:#c678dd">if</span> <span style="color:#98c379">(</span><span style="color:#dcaeea">$http_user_agent</span> ~<span style="color:#56b6c2">*</span> <span style="color:#98c379">&#34;Amazonbot|facebookexternalhit|meta-externalagent|ClaudeBot&#34;)</span> {
|
||||||
|
</span></span><span style="display:flex;"><span> <span style="color:#c678dd">return</span> <span style="color:#d19a66">404</span>;
|
||||||
|
</span></span><span style="display:flex;"><span>}</span></span></code></pre></div>
|
||||||
|
|
||||||
|
<p>To see what kind of requests are being made you can check out the following NGINX file <code>/var/log/nginx/access.log</code>. Scroll all the way down (if you use vim <code>G</code>, for nano - <code>Ctrl + End</code>)</p>
|
||||||
|
<p>I adapted this guide from this fella over here who blocked all Apple devices on his VPS, <a href="https://web.archive.org/web/20240508084213/https://swindlesmccoop.xyz/blog/blockapple.html">read more</a>.</p>
|
||||||
|
<h2 id="a-better-alternative---basic-http-authentication">A better alternative - Basic HTTP Authentication</h2>
|
||||||
|
<p>A better way of blocking unwated access to your website is to use apache2 + NGINX&rsquo;s basic HTTP authentication, <a href="https://vodoraslo.xyz/articles/blog/restrict-unwanted-access-with-http-basic-auth-nginx-and-apache">read my guide</a>.</p>
|
||||||
|
</description>
|
||||||
|
</item>
|
||||||
|
|
||||||
<item>
|
<item>
|
||||||
<title>Neater Footnotes in Hugo Using the <details> HTML Tag</title>
|
<title>Neater Footnotes in Hugo Using the <details> HTML Tag</title>
|
||||||
<link>https://vodoraslo.xyz/articles/blog/neater-footnotes-in-hugo-using-the-details-html-tag/</link>
|
<link>https://vodoraslo.xyz/articles/blog/neater-footnotes-in-hugo-using-the-details-html-tag/</link>
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue