vi /etc/sysconfig/snmpd.options
OPTIONS="-Lsd -Lf /dev/null -p /var/run/snmpd.pid -a -x 127.0.0.1 192.168.1.254"
service snmpd reload
Snmpd Listen to Specific IP Address - CentOS
Enable Service in centos 9 firewall (firewalld)
-
- Add a profile for SNMP to firewalld.
nano /etc/firewalld/services/snmp.xml
Contents of the file is as following (Please mind the using of udp port 161)
<?xml version="1.0" encoding="utf-8"?> <service> <short>SNMP</short> <description>SNMP protocol</description> <port protocol="udp" port="161"/> </service>
- Reload your firewall for checking any error
firewall-cmd --reload
- Add the service to your public zone
firewall-cmd --zone=public --add-service snmp --permanent
- Reload your firewall again
firewall-cmd --reload
- Add a profile for SNMP to firewalld.
Now Test Snmp Status from another server
snmpwalk -v 2c -c public IP.of.target.server
Blocking access by user agent in Nginx
How to block access by user agent in Nginx. In this configuration, i will use ngx_http_map_module.
Inside http section:
include /etc/nginx/blacklist;
Inside server section (virtual host). We will return 444 status code.
if ($block_ua) {
return 444;
}
The blacklist file (example)
map $http_user_agent $block_ua {
default 0;
~*profound 1;
~*scrapyproject 1;
~*netcrawler 1;
~*nmap 1;
~*sqlmap 1;
~*slowhttptest 1;
~*nikto 1;
~*jersey 1;
~*brandwatch 1;
~*magpie-crawler 1;
~*mechanize 1;
~*python-requests 1;
~*redback 1;
}
For testing:
aelius@macbook:~$ curl --head -A "profound" https://www.unixteacher.org/ curl: (52) Empty reply from server
What is http status 444 ?
A non-standard status code used to instruct nginx to close the connection without sending a response to the client, most commonly used to deny malicious or malformed requests.
Assinar:
Postagens (Atom)
For those not using wordpress at all and just want to block annoying scraper bots:
or better yet: