From c1e8e83cfb2a56874b4e1a192db685aed01ad8ea Mon Sep 17 00:00:00 2001 From: Alex Cabal Date: Sat, 25 Jan 2025 13:46:39 -0600 Subject: [PATCH] Block some leechers in Apache config --- config/apache/standardebooks.org.conf | 6 ++++++ config/apache/standardebooks.test.conf | 6 ++++++ 2 files changed, 12 insertions(+) diff --git a/config/apache/standardebooks.org.conf b/config/apache/standardebooks.org.conf index 0f253783..0555af7a 100644 --- a/config/apache/standardebooks.org.conf +++ b/config/apache/standardebooks.org.conf @@ -156,6 +156,12 @@ Define conf_rewrite_root ${web_root}/config/apache/rewrites ProxySet connectiontimeout=5 timeout=240 + # Disable access to people attempting to clone the website and leech our resources by proxying via CloudFlare or some other service. + # Such services will have the custom `X-Forwarded-For` HTTP header set. + RewriteCond %{HTTP:X-Forwarded-For} . [OR] + RewriteCond %{HTTP:CF-Connecting-IP} . + RewriteRule ^.*$ - [F,L] + # In RewriteCond, RewriteRule gets evaluated BEFORE RewriteCond, so $1 refers to the first # match in RewriteRule # Rewrite POST /some/url -> POST /some/url/post.php diff --git a/config/apache/standardebooks.test.conf b/config/apache/standardebooks.test.conf index 9c0befc2..13c1cc89 100644 --- a/config/apache/standardebooks.test.conf +++ b/config/apache/standardebooks.test.conf @@ -138,6 +138,12 @@ Define conf_rewrite_root ${web_root}/config/apache/rewrites ProxySet connectiontimeout=5 timeout=240 + # Disable access to people attempting to clone the website and leech our resources by proxying via CloudFlare or some other service. + # Such services will have the custom `X-Forwarded-For` HTTP header set. + RewriteCond %{HTTP:X-Forwarded-For} . [OR] + RewriteCond %{HTTP:CF-Connecting-IP} . + RewriteRule ^.*$ - [F,L] + # In RewriteCond, RewriteRule gets evaluated BEFORE RewriteCond, so $1 refers to the first # match in RewriteRule # Rewrite POST /some/url -> POST /some/url/post.php