I have attracted a bot that has now been scanning for over 12 hours non-stop. I can’t find the IP and fail2ban is doing jack. Is there a way to use Ghost to stop the bot?
If it helps, this is a Headless Chrome bot, from St Louis (Downtown), United States running on Windows 10.
I am running 5.22.9.
If you are running Ghost behind Nginx - then having
$remote_addr in your
log_format should show you the IP. Configuring Logging | NGINX Plus - note that this is the default. On my host the Nginx log /var/log/nginx/access.log shows the IP.
Once you have the IP you could deny access in Nginx - or drop their traffic using
nftables or whatever firewall you have running on your server.
If they are coming in from an ISP their IP will likely change - be careful when blocking using netblocks.
What about a robot.txt file? I dropped one in my theme folder.
Add your website to Cloudflare and check what is the user agent. Then you can block it from there. I have done it successfully.
Hi, glad that worked for you, but I’m desperately trying to avoid working with outfits like them. Prefer to do my own thing and so far, glad I have chosen this.
Make sure to check that your
/robots.txt URL is dishing up what you expect by entering the URL in your browser address bar. Ghost does handling on this URL and it may not be where you are expecting.
Ha. You got me there. I corrected this.
Killed it with IPFW + Fail2Ban. Was a schlep to implement, but, we got there in the end. The DDOS stopped.
@nicgentile I’m running Ghost with Docker, and had the same problem. Any chance you’d be willing to share the steps you took?
I run FreeBSD, so mine was IPFW. Nonetheless, this was the guide I followed.