From 89b9baf392bd86ec093e77c50f7b7fac6ba2d24d Mon Sep 17 00:00:00 2001 From: Michael Vogel Date: Sat, 27 Apr 2019 15:33:06 +0200 Subject: [PATCH] There are in fact many false positives ... --- blockbot/blockbot.php | 54 ++++++++++++++++++++++++++++++++----------- 1 file changed, 41 insertions(+), 13 deletions(-) diff --git a/blockbot/blockbot.php b/blockbot/blockbot.php index 5d2242ef..587bc9d1 100644 --- a/blockbot/blockbot.php +++ b/blockbot/blockbot.php @@ -27,23 +27,51 @@ function blockbot_uninstall() { function blockbot_init_1(App $a) { $crawlerDetect = new CrawlerDetect(); + $logdata = ['agent' => $_SERVER['HTTP_USER_AGENT'], 'uri' => $_SERVER['REQUEST_URI']]; + + if (!$crawlerDetect->isCrawler()) { + logger::debug('Good user agent detected', $logdata); + return; + } + + // List of strings of reported false positives + $agents = ['Mastodon', 'hackney', 'Faraday', 'okhttp', 'UniversalFeedParser', 'PixelFedBot', 'python-requests', + 'WordPress']; + foreach ($agents as $agent) { + if (stristr($_SERVER['HTTP_USER_AGENT'], $agent)) { + // The agents had been reported to https://github.com/JayBizzle/Crawler-Detect/issues/ + logger::notice('Already reported wrong detection', $logdata); + return; + } + } + // List of strings of known "good" agents $agents = ['diaspora-connection-tester', 'DiasporaFederation', 'Friendica', '(compatible; zot)', - 'Micro.blog', 'Mastodon', 'hackney', 'GangGo', 'python/federation', 'GNU social', 'winHttp', + 'Micro.blog', 'GangGo', 'python/federation', 'GNU social', 'winHttp', 'Go-http-client', 'Mr.4x3 Powered', 'Test Certificate Info', 'WordPress.com', 'zgrab', - 'curl/', 'StatusNet', 'OpenGraphReader/', 'Uptimebot/', 'python-opengraph-jaywink']; + 'curl/', 'StatusNet', 'OpenGraphReader/', 'Uptimebot/', 'python-opengraph-jaywink', + 'fediverse.network crawler', 'Active_Pods_CheckBot_3.0', 'Social-Relay']; - if ($crawlerDetect->isCrawler()) { - foreach ($agents as $agent) { - if (stristr($_SERVER['HTTP_USER_AGENT'], $agent)) { - // @ToDo: Report every false positive here: https://github.com/JayBizzle/Crawler-Detect/issues/326 - logger::notice('False positive', ['agent' => $_SERVER['HTTP_USER_AGENT']]); - return; - } + foreach ($agents as $agent) { + if (stristr($_SERVER['HTTP_USER_AGENT'], $agent)) { + // Report every false positive here: https://github.com/JayBizzle/Crawler-Detect/issues/ + // After report move it into the array above + logger::notice('False positive', $logdata); + return; } - logger::info('Blocked bot', ['agent' => $_SERVER['HTTP_USER_AGENT']]); - System::httpExit(403, 'Bots are not allowed'); - } else { - logger::debug('Good user agent detected', ['agent' => $_SERVER['HTTP_USER_AGENT']]); } + + // List of known crawlers. They are added here to avoid having them logged at the end of the function. + // This helps to detect false positives + $agents = ['Mozilla/5.0 (compatible; SemrushBot/3~bl; +http://www.semrush.com/bot.html)', 'SEMrushBot', + 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_4) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/65.0.3325.181 Safari/537.36 AppEngine-Google; (+http://code.google.com/appengine; appid: s~feedly-nikon3)']; + + foreach ($agents as $agent) { + if ($_SERVER['HTTP_USER_AGENT'] == $agent) { + System::httpExit(403, 'Bots are not allowed'); + } + } + + logger::info('Blocked bot', $logdata); + System::httpExit(403, 'Bots are not allowed'); }