search

mitchellkrogza / apache-ultimate-bad-bot-blocker

Apache Block Bad Bots, (Referer) Spam Referrer Blocker, Vulnerability Scanners, Malware, Adware, Ransomware, Malicious Sites, Wordpress Theme Detectors and Fail2Ban Jail for Repeat Offenders
Other
826 stars 181 forks source link

Is auto updating secure? #186

Closed Grid405 closed 8 months ago

Grid405 commented 2 years ago

I have a question regarding the auto updater bash script, if the repository ever gets compromised and my server automatically pulls a malicious globalblacklist.conf, could that override my server configuration and bypass any security settings like basic auth rules ?

mitchellkrogza commented 8 months ago

Nobody can commit here except me. Thousands using this and the Nginx blocker and auto updating daily. https://github.com/mitchellkrogza/nginx-ultimate-bad-bot-blocker

GitHub
GitHub - mitchellkrogza/nginx-ultimate-bad-bot-blocker: Nginx Block Bad Bots, Spam Referrer Blocker, Vulnerability Scanners, User-Agents, Malware, Adware, Ransomware, Malicious Sites, with anti-DDOS, Wordpress Theme Detector Blocking and Fail2Ban Jail for Repeat Offenders
Nginx Block Bad Bots, Spam Referrer Blocker, Vulnerability Scanners, User-Agents, Malware, Adware, Ransomware, Malicious Sites, with anti-DDOS, Wordpress Theme Detector Blocking and Fail2Ban Jail f...