| 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105 |
- [
- { "name": "suspiciously frequent IP",
- "filters": [],
- "interval": 600,
- "limit": 30,
- "aggregations": [
- "Header:X-Forwarded-For"
- ],
- "actions":[
- {"name":"log"}
- ]
- },
- { "name": "search request",
- "filters": [
- "Param:q",
- "Path=^(/|/search)$"
- ],
- "interval": 61,
- "limit": 999,
- "subrules": [
- {
- "name": "roboagent limit",
- "interval": 61,
- "limit": 1,
- "filters": [
- "Header:User-Agent=(curl|cURL|Wget|python-requests|Scrapy|FeedFetcher|Go-http-client)"
- ],
- "actions": [
- { "name": "log"},
- { "name": "block",
- "params": {
- "message": "Rate limit exceeded"
- }
- }
- ]
- },
- {
- "name": "botlimit",
- "limit": 0,
- "stop": true,
- "filters": [
- "Header:User-Agent=(Googlebot|bingbot|Baiduspider|yacybot|YandexMobileBot|YandexBot|Yahoo! Slurp|MJ12bot|AhrefsBot|archive.org_bot|msnbot|MJ12bot|SeznamBot|linkdexbot|Netvibes|SMTBot|zgrab|James BOT)"
- ],
- "actions": [
- { "name": "log"},
- { "name": "block",
- "params": {
- "message": "Rate limit exceeded"
- }
- }
- ]
- },
- {
- "name": "IP limit",
- "interval": 61,
- "limit": 9,
- "stop": true,
- "aggregations": [
- "Header:X-Forwarded-For"
- ],
- "actions": [
- { "name": "log"},
- { "name": "block",
- "params": {
- "message": "Rate limit exceeded"
- }
- }
- ]
- },
- {
- "name": "rss/json limit",
- "interval": 121,
- "limit": 2,
- "stop": true,
- "filters": [
- "Param:format=(csv|json|rss)"
- ],
- "actions": [
- { "name": "log"},
- { "name": "block",
- "params": {
- "message": "Rate limit exceeded"
- }
- }
- ]
- },
- {
- "name": "useragent limit",
- "interval": 61,
- "limit": 199,
- "aggregations": [
- "Header:User-Agent"
- ],
- "actions": [
- { "name": "log"},
- { "name": "block",
- "params": {
- "message": "Rate limit exceeded"
- }
- }
- ]
- }
- ]
- }
- ]
|
