-
My Shaarli app on Cloudron has been crashing for the past hour, but it seems I'm unable to make use of iptables in the container nor configure apache rules to block those bots.
I've of course blocked the user-agent via the Security config of Shaarli but it does not seem enough.
How to mitigate this? I can't use Shaarli because of that or only for a couple seconds after restarting it. My Shaarli is a small instance.
Workarounds exist https://sublimecoding.com/blocking-bots-in-apache-using-htaccess/ or https://github.com/mitchellkrogza/apache-ultimate-bad-bot-blocker/blob/master/Apache_2.4/README.md but require access to the configuration (apache/.htaccess...).Any idea? For now it's Shaarli, tomorrow it could be another web app on my instance, and I'm unsure to want to maintain my own block list and risk blocking myself by accident, even if that seem to be a viable solution? https://docs.cloudron.io/networking/#blocklist
How do you mitigate this kind of spam?
-
J joseph moved this topic from Support on
-
If the bots are from fixed known IPs , then just block them using https://docs.cloudron.io/networking/#blocklist
If the bots are all over, then this is like a DDoS. You will need to use some service like cloudflare to counteract this.
edit: fixed link
-
If the bots are from fixed known IPs , then just block them using https://docs.cloudron.io/networking/#blocklist
If the bots are all over, then this is like a DDoS. You will need to use some service like cloudflare to counteract this.
edit: fixed link
@joseph thanks! how to make use of the linked change for my shaarli instance? I'm not fully grasping how they relate.
Regarding CF I'd prefer to avoid them, I'll never give them credit nor let their bloated modern firewall interfer with my stuff. They already ruin the web enough. So I prefer blocking by IP I guess....
-
Maybe he meant https://docs.cloudron.io/networking/#blocklist instead
@fbartels in that case that's good as it's the option I've already tried as mentioned at the end of original post. It took me a while to find about it's existence though because it's the first time I had to face such an spam on my instance, usually blocking user agents was enough
-
@fbartels in that case that's good as it's the option I've already tried as mentioned at the end of original post. It took me a while to find about it's existence though because it's the first time I had to face such an spam on my instance, usually blocking user agents was enough
