github
/
fail2ban
mirror of https://github.com/fail2ban/fail2ban
1
0
Fork 0
Code Issues Releases Wiki Activity

Enhanced Google domain detection in apache-fakegooglebot 

Previously, an attacker could fake a domain like
crawl-1-1-1-1.googlebot.com.fake.net and get resolved. This change
avoids to resolve fake Google domains.
pull/1226/head
Pablo Rodriguez Fernandez 2015-10-19 09:13:05 +02:00
parent 7e6964dd9d
commit 74fcb219ab
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
config/filter.d/ignorecommands/apache-fakegooglebot
View File

@ -26,7 +26,7 @@ def is_googlebot(ip):
from fail2ban.server.filter import DNSUtils from fail2ban.server.filter import DNSUtils
host = DNSUtils.ipToName(ip) host = DNSUtils.ipToName(ip)
if not host or not re.match('crawl-.*\.googlebot\.com', host): if not host or not re.match('crawl-.*\.googlebot\.com$', host):
sys.exit(1) sys.exit(1)
host_ips = DNSUtils.dnsToIp(host) host_ips = DNSUtils.dnsToIp(host)
sys.exit(0 if ip in host_ips else 1) sys.exit(0 if ip in host_ips else 1)