bunkerweb 1.4.0
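--- a/core/badbehavior/badbehavior.lua
+++ b/core/badbehavior/badbehavior.lua
@@ -0,0 +1,72 @@
+local _M = {}
+_M.__index = _M
+
+local utils = require "utils"
+local datastore = require "datastore"
+local logger = require "logger"
+local cjson = require "cjson"
+
+function _M.new()
+local self = setmetatable({}, _M)
+return self, nil
+end
+
+function _M:log()
+self.use = utils.get_variable("USE_BAD_BEHAVIOR")
+self.ban_time = utils.get_variable("BAD_BEHAVIOR_BAN_TIME")
+self.status_codes = utils.get_variable("BAD_BEHAVIOR_STATUS_CODES")
+self.threshold = utils.get_variable("BAD_BEHAVIOR_THRESHOLD")
+self.count_time = utils.get_variable("BAD_BEHAVIOR_COUNT_TIME")
+if self.use ~= "yes" then
+return true, "bad behavior not activated"
+end
+if not self.status_codes:match(tostring(ngx.status)) then
+return true, "not increasing counter"
+end
+local count, err = datastore:get("plugin_badbehavior_count_" .. ngx.var.remote_addr)
+if not count and err ~= "not found" then
+return false, "can't get counts from the datastore : " .. err
+end
+local new_count = 1
+if count ~= nil then
+new_count = count + 1
+end
+local ok, err = datastore:set("plugin_badbehavior_count_" .. ngx.var.remote_addr, new_count)
+if not ok then
+return false, "can't save counts to the datastore : " .. err
+end
+local function decrease_callback(premature, ip)
+local count, err = datastore:get("plugin_badbehavior_count_" .. ip)
+if err then
+logger.log(ngx.ERR, "BAD-BEHAVIOR", "(decrease_callback) Can't get counts from the datastore : " .. err)
+return
+end
+if not count then
+logger.log(ngx.ERR, "BAD-BEHAVIOR", "(decrease_callback) Count is null")
+return
+end
+local new_count = count - 1
+if new_count <= 0 then
+datastore:delete("plugin_badbehavior_count_" .. ip)
+return
+end
+local ok, err = datastore:set("plugin_badbehavior_count_" .. ip, new_count)
+if not ok then
+logger.log(ngx.ERR, "BAD-BEHAVIOR", "(decrease_callback) Can't save counts to the datastore : " .. err)
+end
+end
+local hdr, err = ngx.timer.at(tonumber(self.count_time), decrease_callback, ngx.var.remote_addr)
+if not ok then
+return false, "can't create decrease timer : " .. err
+end
+if new_count > tonumber(self.threshold) then
+local ok, err = datastore:set("bans_ip_" .. ngx.var.remote_addr, "bad behavior", tonumber(self.ban_time))
+if not ok then
+return false, "can't save ban to the datastore : " .. err
+end
+logger.log(ngx.WARN, "BAD-BEHAVIOR", "IP " .. ngx.var.remote_addr .. " is banned for " .. tostring(self.ban_time) .. "s (" .. tostring(new_count) .. "/" .. tostring(self.threshold) .. ")")
+end
+return true, "success"
+end
+
+return _M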
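Review bot: The failure check after `ngx.timer.at(...)` in `_M:log()` tests `ok`, which still holds the truthy result of the earlier `datastore:set`, so a failed timer creation is never detected; it should read `if not hdr then`. That failure is plausible under load, since one timer is scheduled per bad response and the pending-timer pool is finite, and when it happens the counter is incremented but never decremented, so a client's count only grows and can end in a ban outside the configured period. The counter is also stored without an expiry and updated with a separate `get` and `set`, so concurrent requests can lose increments; an atomic increment with a TTL would be safer if the datastore wrapper offers one (not visible here). `decrease_callback` ignores `premature`, and `cjson` is required but unused.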
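--- a/core/badbehavior/plugin.json
+++ b/core/badbehavior/plugin.json
@@ -0,0 +1,54 @@
+{
+"id": "badbehavior",
+"order": 2,
+"name": "Bad behavior",
+"description": "Ban IP generating too much 'bad' HTTP status code in a period of time.",
+"version": "0.1",
+"settings": {
+"USE_BAD_BEHAVIOR": {
+"context": "multisite",
+"default": "yes",
+"help": "Activate Bad behavior feature.",
+"id": "use-bad-behavior",
+"label": "Activate bad behavior",
+"regex": "^(yes|no)$",
+"type": "check"
+},
+"BAD_BEHAVIOR_STATUS_CODES": {
+"context": "multisite",
+"default": "400 401 403 404 405 429 444",
+"help": "List of HTTP status codes considered as 'bad'.",
+"id": "bad-behavior-status-code",
+"label": "Bad status codes",
+"regex": "^.*$",
+"type": "text"
+},
+"BAD_BEHAVIOR_BAN_TIME": {
+"context": "multisite",
+"default": "86400",
+"help": "The duration time (in seconds) of a ban when the corresponding IP has reached the threshold.",
+"id": "bad-behavior-ban-time",
+"label": "Ban duration (in seconds)",
+"regex": "^.*$",
+"type": "text"
+},
+"BAD_BEHAVIOR_THRESHOLD": {
+"context": "multisite",
+"default": "10",
+"help": "Maximum number of 'bad' HTTP status codes within the period of time before IP is banned.",
+"id": "bad-behavior-threshold",
+"label": "Threshold",
+"regex": "^.*$",
+"type": "text"
+},
+"BAD_BEHAVIOR_COUNT_TIME": {
+"context": "multisite",
+"default": "60",
+"help": "Period of time where we count 'bad' HTTP status codes.",
+"id": "bad-behavior-period",
+"label": "Period (in seconds)",
+"regex": "^.*$",
+"type": "text"
+}
+}
+}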
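Review bot: The `regex` for BAD_BEHAVIOR_BAN_TIME, BAD_BEHAVIOR_THRESHOLD and BAD_BEHAVIOR_COUNT_TIME is `^.*$`, so any text passes validation although all three are numeric. badbehavior.lua in this commit passes them through `tonumber()`, which returns nil for a non-numeric value; the threshold comparison and the timer call would then raise at log time and the ban logic would stop working for that site. Suggest `"regex": "^[0-9]+$"` for those three settings, and for BAD_BEHAVIOR_STATUS_CODES a list form such as `"regex": "^[0-9]{3}( [0-9]{3})*$"`, so that an empty or malformed list cannot silently turn the feature off.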