[Traefik/Finding Aids] Finding Aids Bot Wall #5911
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
tpendragon
force-pushed
the
pulfalight_bot_wall
branch
9 times, most recently
from
cb5dbf4 to
0bd9c47
Compare
tpendragon
changed the title
kayiwa
reviewed
Mar 7, 2025
acozine
reviewed
Mar 7, 2025
| - 128.112.200.245/32 | ||
| - 128.112.201.34/32 | ||
| # PUL Network, trust these. | ||
| - 128.112.0.0/16 |
There was a problem hiding this comment.
Is there any way we can use the existing list of PUL IP ranges from the nginxplus role? I know these don't change often (maybe not ever) but I dislike having the same list in two places - double the maintenance, double the risk of drift.
There was a problem hiding this comment.
That's a good question! Hmm. Can you ticket that? We might be able to store the list of IPs as a nomad variable provisioned by ansible, but it'd take some figuring to see how to store an array there.
| - 128.112.200.245/32 | ||
| - 128.112.201.34/32 | ||
| # PUL Network, trust these. | ||
| - 128.112.0.0/16 |
| @@ -0,0 +1,40 @@ | |||
| http: | |||
| @@ -37,7 +45,7 @@ server { | |||
| proxy_set_header X-Forwarded-Proto https; | |||
| proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; | |||
| proxy_set_header X-Real-IP $remote_addr; | |||
| proxy_cache pulfalight-stagingcache; | |||
| proxy_cache pulfalight-prodcache; | |||
This makes the bot wall work for facets from the home page.
We're not getting reports of users getting stuck, and the bots are quickly diversifying their IPs enough to avoid the low challenge wall.
kayiwa
force-pushed
the
pulfalight_bot_wall
branch
from
f97261d to
a5fe62a
Compare
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This adds the bot wall to finding aids, via a few updates:
findingaids.princeton.edu/?f[]=tofindingaids.princeton.edu/catalog?f[]=to let it be caught by the bot wall.IMPORTANT NOTE: To make this work, @kayiwa had to allow access from the lib subnet to the finding aids machines.