block more user-agents.

2026-02-23 06:54:20 +01:00 · 2024-09-26 07:36:17 -03:00
parent 82c32c21f4
commit 60116e36fe
3 changed files with 9 additions and 9 deletions
--- a/block.go
+++ b/block.go
@@ -10,14 +10,14 @@ import (

 func agentBlock(next http.Handler) http.Handler {
 	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
-		userAgent := r.UserAgent()
-		if strings.Contains(userAgent, "Amazonbot") {
-			// Drop the request by returning a 403 Forbidden response
-			http.Error(w, "Forbidden", http.StatusForbidden)
-			return
+		ua := r.Header.Get("User-Agent")
+		for _, bua := range []string{"Amazonbot", "semrush", "Bytespider", "AhrefsBot"} {
+			if strings.Contains(ua, bua) {
+				log.Debug().Str("ua", ua).Msg("user-agent blocked")
+				http.Error(w, "Forbidden", http.StatusForbidden)
+				return
+			}
 		}
-
-		// Call the next handler in the chain
 		next.ServeHTTP(w, r)
 	})
 }
@@ -30,7 +30,7 @@ func cloudflareBlock(next http.Handler) http.Handler {
 				if ipnet.Contains(ip) {
 					// cloudflare is not allowed
 					log.Debug().Stringer("ip", ip).Msg("cloudflare (attacker) ip blocked")
-					http.Redirect(w, r, "https://njump.me/", 302)
+					http.Error(w, "Forbidden", http.StatusForbidden)
 					return
 				}
 			}
--- a/http_middleware.go
+++ b/http_middleware.go
--- a/main.go
+++ b/main.go
@@ -148,9 +148,9 @@ func main() {
 	// apply http middlewares
 	for _, middleware := range []func(http.Handler) http.Handler{
 		cors.Default().Handler,
+		loggingMiddleware,
 		agentBlock,
 		cloudflareBlock,
-		loggingMiddleware,
 	} {
 		mainHandler = middleware(mainHandler)
 	}