Skip to content

CleanTalk/nginx-cleantalk-service

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

14 Commits

etc/nginx

etc/nginx

 
 

LICENSE

LICENSE

 
 

README.md

README.md

 
 

Repository files navigation

Nginx lua-based module to filter spam POST requests to protect your website from spam bots by the blacklist.

Dependencies:

  • nginx-extras
  • lua-cjson

Install:

  • Debian/Ubuntu: apt install nginx-extras lua-cjson
  • Add nginx/conf.d/cache.conf to /etc/nginx/conf.d/ and set cache params as you want.
  • Add include /etc/nginx/snippets/cleantalk-api.conf; before protected location (Its API cache location)
  • Add this to "location" that you want to protect: set $apikey '123456789'; access_by_lua_file /etc/nginx/scripts/cleantalk.lua
  • Set $apikey to your key (Get it from: https://cleantalk.org/register?platform=api)
  • Do service nginx reload for apply changes

How its works?

When someone makes a POST request, parse it and grab email and IP (regex-based). IP and Email will be checked with the CleanTalk Database and if they are currently blacklisted then the visitor sees the block screen. If not then the POST request will be approved.

If there is no IP in the POST request — "http_remote_addr" (Real client address) will be used.

How Does the CleanTalk Database of Spam IP & Email Work?

CleanTalk analyzes spambots activity from more than 320,000 websites. We process about 2 millions of requests every day.

IPs and emails are being added to the CleanTalk Database only if they showed spam activity on several websites at once in a short period of time. Addresses that haven't shown any spam activity for the past 14 days will be deleted from the database. It allows us to keep the database information in the freshest state.

Spam activity data of IPs/emails are being updated in real-time.

Learn more about CleanTalk BlackList

How Is It Helpful

CleanTalk anti-spam module allows you to block bad IP addresses on your web server. Protect from spam attacks Block requests with fake emails Block other types of attacks on a web server from bad IP addresses using POST requests. Reduce web server load

Also, you can use CleanTalk API "spam_check" to check IP and Email via CleanTalk BlackList.

TODO:

  • Remove additional "/spam_check" location for proxy requests
  • Add session mechanics support (for protect entire folder w/o additional requests)?
  • Remove cjson dependencies (Possible to parse Json to native "lua table")
  • Add "GET" data support?
  • Better code and optimisation?

About

LUA configuration to filter any POST requests.

Topics

nginx spam blacklist block module lua anti-spam spam-prevention spam-protection antispam spam-filtering

Resources

Readme

License

GPL-3.0 license
Activity
Custom properties

Stars

11 stars

Watchers

5 watching

Forks

4 forks
Report repository

Releases

No releases published

Packages

No packages published

Contributors 2

  •  
  •  

Languages