Adding useragent & scanners

mitchellkrogza / nginx-ultimate-bad-bot-blocker

Nginx Block Bad Bots, Spam Referrer Blocker, Vulnerability Scanners, User-Agents, Malware, Adware, Ransomware, Malicious Sites, with anti-DDOS, Wordpress Theme Detector Blocking and Fail2Ban Jail for Repeat Offenders

Other

3.81k stars 472 forks source link

Adding useragent & scanners #512

Closed infernusec closed 1 year ago

infernusec commented 1 year ago

Mozilla/5.0 [en] (X11, U; OpenVAS-VT 21.4.3) OpenVAS is an opensource scanner project..

There are more scanners that are not blocked yet.. https://hostedscan.com/ (https://hostedscan.com/openvas-vulnerability-scan) (I tested they scanner, his ip is 45.33.88.234)

https://sitecheck.sucuri.net/api/v3/?scan=[URL_TO_SCAN]&clear https://www.immuniweb.com/websec/

mitchellkrogza commented 1 year ago

Thanks will look into this

mitchellkrogza commented 1 year ago

Unfortunately VALID Googlebots still use in their UA "Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; Googlebot/2.1; +http://www.google.com/bot.html) Chrome/102.0.5005.115 Safari/537.36"

You will have to block this in your custom blacklist or provide a more detailed UA