diff --git a/ingress.tjo.cloud/justfile b/ingress.tjo.cloud/justfile index 349ce3b..0492dfb 100644 --- a/ingress.tjo.cloud/justfile +++ b/ingress.tjo.cloud/justfile @@ -75,7 +75,7 @@ update-blocked-list: echo "# FACEBOOK IPV6 $(echo $FACEBOOK_IPV6 | wc -w)" IP_RANGES=$(echo -e "$GOOGLE_BOT_IPV4\n$GOOGLE_BOT_IPV6\n$BING_BOT_IPV4\n$BING_BOT_IPV6\n$OPENAI_IPV4\n$FACEBOOK_IPV4\n$FACEBOOK_IPV6" | sort | uniq) - echo "#!!DO NOT EDIT!! Generated by using just ingress-blocked-list command." > root/etc/nginx/partials/blocked.conf + echo "#!!DO NOT EDIT!! Generated by using just ingress-blocked-list command." > root/etc/nginx/partials/blocked-bad-crawlers.conf for ip in $IP_RANGES; do - echo "deny $ip;" >> root/etc/nginx/partials/blocked.conf + echo "deny $ip;" >> root/etc/nginx/partials/blocked-bad-crawlers.conf done diff --git a/ingress.tjo.cloud/root/etc/nginx/partials/blocked-bad-crawlers.conf b/ingress.tjo.cloud/root/etc/nginx/partials/blocked-bad-crawlers.conf index 7a97551..fa4c0ad 100644 --- a/ingress.tjo.cloud/root/etc/nginx/partials/blocked-bad-crawlers.conf +++ b/ingress.tjo.cloud/root/etc/nginx/partials/blocked-bad-crawlers.conf @@ -3,11 +3,14 @@ deny 102.132.96.0/19; deny 102.221.188.0/22; deny 103.4.96.0/22; deny 129.134.0.0/16; +deny 135.234.64.0/24; +deny 135.237.131.208/28; deny 13.66.139.0/24; deny 13.66.144.0/24; deny 13.67.10.16/28; deny 13.69.66.240/28; deny 13.71.172.224/28; +deny 13.83.167.128/28; deny 139.217.52.0/28; deny 147.75.208.0/20; deny 157.240.0.0/16; @@ -15,13 +18,21 @@ deny 157.55.39.0/24; deny 163.114.128.0/20; deny 163.70.128.0/17; deny 163.77.128.0/17; +deny 172.178.140.144/28; +deny 172.178.141.112/28; +deny 172.178.141.128/28; +deny 172.182.193.160/28; +deny 172.183.222.128/28; +deny 172.203.190.128/28; deny 173.252.64.0/18; deny 179.60.192.0/22; deny 185.60.216.0/22; deny 185.89.216.0/22; deny 191.233.204.224/28; deny 192.178.5.0/27; -deny 192.178.6.0/26; +deny 192.178.6.0/25; +deny 192.178.6.128/26; +deny 192.178.6.192/27; deny 196.49.68.0/23; deny 199.201.64.0/22; deny 199.30.24.0/23; @@ -36,35 +47,48 @@ deny 2001:4860:4801:3c::/63; deny 2001:4860:4801:3e::/64; deny 2001:4860:4801:40::/61; deny 2001:4860:4801:48::/62; -deny 2001:4860:4801:50::/63; -deny 2001:4860:4801:53::/64; +deny 2001:4860:4801:4c::/64; +deny 2001:4860:4801:50::/62; deny 2001:4860:4801:54::/63; +deny 2001:4860:4801:56::/64; deny 2001:4860:4801:60::/60; deny 2001:4860:4801:70::/61; deny 2001:4860:4801:78::/63; deny 2001:4860:4801:80::/61; deny 2001:4860:4801:88::/64; deny 2001:4860:4801:90::/62; -deny 2001:4860:4801:94::/64; -deny 2001:4860:4801:a0::/64; +deny 2001:4860:4801:94::/63; +deny 2001:4860:4801:a0::/62; +deny 2001:4860:4801:a4::/63; deny 2001:4860:4801:c::/64; deny 2001:4860:4801:f::/64; deny 20.125.163.80/28; +deny 20.125.66.80/28; deny 20.15.133.160/27; +deny 20.161.75.208/28; +deny 20.171.206.0/23; +deny 20.215.188.192/28; deny 20.36.108.32/28; deny 204.15.20.0/22; +deny 20.42.10.176/28; deny 20.43.120.16/28; deny 20.74.197.0/28; deny 207.46.13.0/24; deny 20.79.107.240/28; +deny 20.97.189.96/28; +deny 23.98.179.16/28; +deny 23.98.186.176/28; +deny 23.98.186.192/28; deny 2401:db00::/32; deny 2620:0:1c00::/40; deny 2620:10d:c090::/44; deny 2803:6080::/29; deny 2a03:2880::/31; +deny 2a03:2887:ff00::/48; deny 2a03:2887:ff02::/47; deny 2a03:2887:ff04::/46; deny 2a03:2887:ff08::/47; +deny 2a03:2887:ff0a::/48; deny 2a03:2887:ff18::/47; deny 2a03:2887:ff1b::/48; deny 2a03:2887:ff1c::/46; @@ -88,6 +112,7 @@ deny 2a03:2887:ff50::/45; deny 2a03:2887:ff58::/47; deny 2a03:2887:ff60::/45; deny 2a03:2887:ff68::/47; +deny 2a03:2887:ff70::/48; deny 2a03:83e0::/32; deny 2a10:f781:10:cee0::/64; deny 2c0f:ef78:10::/47; @@ -131,31 +156,44 @@ deny 40.77.188.0/22; deny 40.77.202.0/24; deny 40.79.131.208/28; deny 40.79.186.176/28; +deny 40.84.221.208/28; +deny 40.84.221.224/28; +deny 4.196.118.112/28; +deny 4.197.22.112/28; +deny 4.227.36.0/25; deny 45.64.40.0/22; deny 51.105.67.0/28; +deny 51.8.102.0/24; +deny 51.8.155.112/28; +deny 51.8.155.48/28; +deny 51.8.155.64/28; +deny 52.156.77.144/28; +deny 52.159.249.96/28; deny 52.167.144.0/24; +deny 52.225.75.208/28; deny 52.230.152.0/24; deny 52.231.148.0/28; deny 52.233.106.0/24; +deny 52.236.94.144/28; deny 57.141.0.0/21; deny 57.141.12.0/23; deny 57.141.8.0/22; deny 57.144.0.0/14; +deny 57.154.175.0/28; deny 65.55.210.0/24; deny 66.220.144.0/20; deny 66.249.64.0/25; deny 66.249.64.128/26; deny 66.249.64.224/27; deny 66.249.65.0/24; -deny 66.249.66.0/25; -deny 66.249.66.160/27; -deny 66.249.66.192/27; +deny 66.249.66.0/24; deny 66.249.68.0/25; +deny 66.249.68.128/27; deny 66.249.69.0/24; deny 66.249.70.0/23; deny 66.249.72.0/23; deny 66.249.74.0/25; -deny 66.249.74.128/27; +deny 66.249.74.128/26; deny 66.249.75.0/24; deny 66.249.76.0/23; deny 66.249.78.0/26; diff --git a/ingress.tjo.cloud/root/etc/nginx/partials/blocked.conf b/ingress.tjo.cloud/root/etc/nginx/partials/blocked.conf deleted file mode 100644 index fa4c0ad..0000000 --- a/ingress.tjo.cloud/root/etc/nginx/partials/blocked.conf +++ /dev/null @@ -1,203 +0,0 @@ -#!!DO NOT EDIT!! Generated by using just ingress-blocked-list command. -deny 102.132.96.0/19; -deny 102.221.188.0/22; -deny 103.4.96.0/22; -deny 129.134.0.0/16; -deny 135.234.64.0/24; -deny 135.237.131.208/28; -deny 13.66.139.0/24; -deny 13.66.144.0/24; -deny 13.67.10.16/28; -deny 13.69.66.240/28; -deny 13.71.172.224/28; -deny 13.83.167.128/28; -deny 139.217.52.0/28; -deny 147.75.208.0/20; -deny 157.240.0.0/16; -deny 157.55.39.0/24; -deny 163.114.128.0/20; -deny 163.70.128.0/17; -deny 163.77.128.0/17; -deny 172.178.140.144/28; -deny 172.178.141.112/28; -deny 172.178.141.128/28; -deny 172.182.193.160/28; -deny 172.183.222.128/28; -deny 172.203.190.128/28; -deny 173.252.64.0/18; -deny 179.60.192.0/22; -deny 185.60.216.0/22; -deny 185.89.216.0/22; -deny 191.233.204.224/28; -deny 192.178.5.0/27; -deny 192.178.6.0/25; -deny 192.178.6.128/26; -deny 192.178.6.192/27; -deny 196.49.68.0/23; -deny 199.201.64.0/22; -deny 199.30.24.0/23; -deny 2001:4860:4801:10::/60; -deny 2001:4860:4801:20::/60; -deny 2001:4860:4801:2::/64; -deny 2001:4860:4801:31::/64; -deny 2001:4860:4801:32::/63; -deny 2001:4860:4801:34::/62; -deny 2001:4860:4801:38::/62; -deny 2001:4860:4801:3c::/63; -deny 2001:4860:4801:3e::/64; -deny 2001:4860:4801:40::/61; -deny 2001:4860:4801:48::/62; -deny 2001:4860:4801:4c::/64; -deny 2001:4860:4801:50::/62; -deny 2001:4860:4801:54::/63; -deny 2001:4860:4801:56::/64; -deny 2001:4860:4801:60::/60; -deny 2001:4860:4801:70::/61; -deny 2001:4860:4801:78::/63; -deny 2001:4860:4801:80::/61; -deny 2001:4860:4801:88::/64; -deny 2001:4860:4801:90::/62; -deny 2001:4860:4801:94::/63; -deny 2001:4860:4801:a0::/62; -deny 2001:4860:4801:a4::/63; -deny 2001:4860:4801:c::/64; -deny 2001:4860:4801:f::/64; -deny 20.125.163.80/28; -deny 20.125.66.80/28; -deny 20.15.133.160/27; -deny 20.161.75.208/28; -deny 20.171.206.0/23; -deny 20.215.188.192/28; -deny 20.36.108.32/28; -deny 204.15.20.0/22; -deny 20.42.10.176/28; -deny 20.43.120.16/28; -deny 20.74.197.0/28; -deny 207.46.13.0/24; -deny 20.79.107.240/28; -deny 20.97.189.96/28; -deny 23.98.179.16/28; -deny 23.98.186.176/28; -deny 23.98.186.192/28; -deny 2401:db00::/32; -deny 2620:0:1c00::/40; -deny 2620:10d:c090::/44; -deny 2803:6080::/29; -deny 2a03:2880::/31; -deny 2a03:2887:ff00::/48; -deny 2a03:2887:ff02::/47; -deny 2a03:2887:ff04::/46; -deny 2a03:2887:ff08::/47; -deny 2a03:2887:ff0a::/48; -deny 2a03:2887:ff18::/47; -deny 2a03:2887:ff1b::/48; -deny 2a03:2887:ff1c::/46; -deny 2a03:2887:ff21::/48; -deny 2a03:2887:ff23::/48; -deny 2a03:2887:ff24::/47; -deny 2a03:2887:ff27::/48; -deny 2a03:2887:ff28::/45; -deny 2a03:2887:ff30::/48; -deny 2a03:2887:ff33::/48; -deny 2a03:2887:ff35::/48; -deny 2a03:2887:ff36::/47; -deny 2a03:2887:ff38::/46; -deny 2a03:2887:ff3f::/48; -deny 2a03:2887:ff40::/46; -deny 2a03:2887:ff44::/47; -deny 2a03:2887:ff48::/46; -deny 2a03:2887:ff4d::/48; -deny 2a03:2887:ff4e::/47; -deny 2a03:2887:ff50::/45; -deny 2a03:2887:ff58::/47; -deny 2a03:2887:ff60::/45; -deny 2a03:2887:ff68::/47; -deny 2a03:2887:ff70::/48; -deny 2a03:83e0::/32; -deny 2a10:f781:10:cee0::/64; -deny 2c0f:ef78:10::/47; -deny 2c0f:ef78:12::/48; -deny 2c0f:ef78:3::/48; -deny 2c0f:ef78::/47; -deny 2c0f:ef78:5::/48; -deny 2c0f:ef78:6::/48; -deny 2c0f:ef78:9::/48; -deny 2c0f:ef78:c::/46; -deny 31.13.24.0/21; -deny 31.13.64.0/18; -deny 34.100.182.96/28; -deny 34.101.50.144/28; -deny 34.118.254.0/28; -deny 34.118.66.0/28; -deny 34.126.178.96/28; -deny 34.146.150.144/28; -deny 34.147.110.144/28; -deny 34.151.74.144/28; -deny 34.152.50.64/28; -deny 34.154.114.144/28; -deny 34.155.98.32/28; -deny 34.165.18.176/28; -deny 34.175.160.64/28; -deny 34.176.130.16/28; -deny 34.22.85.0/27; -deny 34.64.82.64/28; -deny 34.65.242.112/28; -deny 34.80.50.80/28; -deny 34.88.194.0/28; -deny 34.89.10.80/28; -deny 34.89.198.80/28; -deny 34.96.162.48/28; -deny 35.247.243.240/28; -deny 40.77.139.0/25; -deny 40.77.167.0/24; -deny 40.77.177.0/24; -deny 40.77.178.0/23; -deny 40.77.188.0/22; -deny 40.77.202.0/24; -deny 40.79.131.208/28; -deny 40.79.186.176/28; -deny 40.84.221.208/28; -deny 40.84.221.224/28; -deny 4.196.118.112/28; -deny 4.197.22.112/28; -deny 4.227.36.0/25; -deny 45.64.40.0/22; -deny 51.105.67.0/28; -deny 51.8.102.0/24; -deny 51.8.155.112/28; -deny 51.8.155.48/28; -deny 51.8.155.64/28; -deny 52.156.77.144/28; -deny 52.159.249.96/28; -deny 52.167.144.0/24; -deny 52.225.75.208/28; -deny 52.230.152.0/24; -deny 52.231.148.0/28; -deny 52.233.106.0/24; -deny 52.236.94.144/28; -deny 57.141.0.0/21; -deny 57.141.12.0/23; -deny 57.141.8.0/22; -deny 57.144.0.0/14; -deny 57.154.175.0/28; -deny 65.55.210.0/24; -deny 66.220.144.0/20; -deny 66.249.64.0/25; -deny 66.249.64.128/26; -deny 66.249.64.224/27; -deny 66.249.65.0/24; -deny 66.249.66.0/24; -deny 66.249.68.0/25; -deny 66.249.68.128/27; -deny 66.249.69.0/24; -deny 66.249.70.0/23; -deny 66.249.72.0/23; -deny 66.249.74.0/25; -deny 66.249.74.128/26; -deny 66.249.75.0/24; -deny 66.249.76.0/23; -deny 66.249.78.0/26; -deny 66.249.79.0/24; -deny 69.171.224.0/19; -deny 69.63.176.0/20; -deny 74.119.76.0/22;