nginx-ultimate-bad-bot-blocker
nginx-ultimate-bad-bot-blocker copied to clipboard
[BUG] update-ngxblocker -q Is Not Silent
Describe the bug
Running update-ngxblocker -q on FreeBSD outputs: Updating bots.d path
To Reproduce
Install using packages, setup, tested and running fine. Then run updater with -q
option to suppress non-error messages, like so:
% sudo /usr/local/sbin/update-ngxblocker -q
Updating bots.d path
Expected behavior
Silent update.
Copy of nginx.conf
worker_processes auto;
events {
worker_connections 1024;
}
http {
include mime.types;
default_type application/octet-stream;
sendfile on;
keepalive_timeout 65;
# Nginx Bad Bot Blocker Includes (REPO: https://github.com/mitchellkrogza/nginx-ultimate-bad-bot-blocker)
include /usr/local/etc/nginx/conf.d/botblocker-nginx-settings.conf;
include /usr/local/etc/nginx/conf.d/globalblacklist.conf;
server {
listen 80;
server_name localhost;
location / {
root /usr/local/www/nginx;
index index.html index.htm;
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /usr/local/www/nginx-dist;
}
}
include /www/conf/*.conf;
}
Server (please complete the following information):
-
Operating System:
-
[X] Other
-
Specify Exact Version of OS:
FreeBSD www.cpdig.com 13.1-RELEASE-p6 FreeBSD 13.1-RELEASE-p6 GENERIC amd64
- Nginx Version [post output of sudo nginx -v]
nginx version: nginx/1.22.1
Additional information
A normal run of the updater would look like this:
% sudo /usr/local/sbin/update-ngxblocker
LOCAL Version: 4.2023.04.3690
Updated: Tue Apr 18 10:03:34 UTC 2023
REMOTE Version: 4.2023.04.3693
Updated: Wed Apr 19 22:01:03 UTC 2023
Update Available => 4.2023.04.3693
Downloading: globalblacklist.conf ...[OK]
Checking url: https://raw.githubusercontent.com/mitchellkrogza/nginx-ultimate-bad-bot-blocker/master/include_filelist.txt
Nothing to update for directory: /usr/local/etc/nginx/conf.d
Nothing to update for directory: /usr/local/etc/nginx/bots.d
** FreeBSD specific ** | not updating scripts, please use the package management for this.
Updating bots.d path
Reloading NGINX configuration...[OK]
In addition, when flag -q is used together with -m, an empty-body email is sent. If there are no issues during the update, no email should be sent.
@cmdpedro, what operating system are you running?
nginx version: nginx/1.20.1 5.4.0-147-generic #164-Ubuntu SMP Tue Mar 21 14:23:17 UTC 2023 x86_64 x86_64 x86_64 GNU/Linux
Update: it would appear that this has already been fixed in the main branch, so I guess we're just waiting for the code to get bumped in FreeBSD Packages.
On my system I have this code in /usr/local/sbin/update-ngxblocker
:
update_paths() {
# variables in nginx include files not currently possible
# updates hard coded bots.d path in globalblacklist.conf
local blacklist=$1 include_paths= dir= x=
case ${OS} in
Linux)
if ! grep "$BOTS_DIR" $blacklist 1>/dev/null; then
if [ -d $BOTS_DIR ]; then
printf "${BOLDGREEN}Updating bots.d path${RESET}: ${BOLDWHITE}$BOTS_DIR => $blacklist${RESET}\n"
include_paths=$(grep -E "include /.*.conf;$" $blacklist | awk '{print $2}' | tr -d ';')
for x in $include_paths; do
dir=$(dirname $x)
${SED_CMD} -i "s|$dir|$BOTS_DIR|" $blacklist
done
else
printf "${BOLDRED}ERROR${RESET}: '$BOTS_DIR' does not exist => ${BOLDWHITE}running $INSTALLER${RESET}.\n"
$INSTALL_INC
update_paths $blacklist
fi
fi
;;
*BSD)
printf "${BOLDGREEN}Updating bots.d path${RESET}\n"
/usr/bin/sed -i "" -e 's:include .*nginx/:include :g' ${BOTS_DIR}/*.conf ${CONF_DIR}/*.conf
;;
esac
}
Whereas Master branch has this:
update_paths() {
# variables in nginx include files not currently possible
# updates hard coded bots.d path in globalblacklist.conf
local blacklist=$1 include_paths= dir= x=
if ! grep "$BOTS_DIR" $blacklist 1>/dev/null; then
if [ -d $BOTS_DIR ]; then
printf "${BOLDGREEN}Updating bots.d path${RESET}: ${BOLDWHITE}$BOTS_DIR => $blacklist${RESET}\n"
include_paths=$(grep -E "include /.*.conf;$" $blacklist | awk '{print $2}' | tr -d ';')
for x in $include_paths; do
dir=$(dirname $x)
${SED_CMD} -i "s|$dir|$BOTS_DIR|" $blacklist
done
else
printf "${BOLDRED}ERROR${RESET}: '$BOTS_DIR' does not exist => ${BOLDWHITE}running $INSTALLER${RESET}.\n"
$INSTALL_INC
update_paths $blacklist
fi
fi
}
I'm not sure what this bit of code was intended to accomplish. Running that sed
command on my system doesn't do anything to the .conf
files.
*BSD)
printf "${BOLDGREEN}Updating bots.d path${RESET}\n"
/usr/bin/sed -i "" -e 's:include .*nginx/:include :g' ${BOTS_DIR}/*.conf ${CONF_DIR}/*.conf
;;
esac
So I have commented/disabled it like so.
*BSD)
# printf "${BOLDGREEN}Updating bots.d path${RESET}\n"
# /usr/bin/sed -i "" -e 's:include .*nginx/:include :g' ${BOTS_DIR}/*.conf ${CONF_DIR}/*.conf
;;
esac
Now /usr/local/sbin/update-ngxblocker -q
is silent when there are no errors.
@cmdpedro, I'm on FreeBSD, so I think your case is different. It looks to me the it might have to do with the update_paths()
function testing for the full path to the $BOTS_DIR
in $blacklist
when the path may be relative.