Auto Update about nginx-ultimate-bad-bot-blocker HOT 14 CLOSED

Hi @saschadd so glad you are enjoying the benefits of this project 👍

Yes the only file that ever gets updated is the globalblacklist.conf file.

All the other files were changed to be includes which can be customized to a users liking and won't ever get modified during updates.

I do from time to time update those include files to include some bad ip addresses or ranges for instance like in blacklist-ips.conf but that does not mean you need to agree with those additions nor update to use my updated include files.

The update script should and does reload Nginx see lines 182-183 of the update-ngblocker script.

It could be a problem with your distro CentOS 7.3 but I am sure @itoffshore will look into it and find a fix for it.

@saschadd are you sure you have the latest version of update-ngblocker and do you run it with sudo ??

from nginx-ultimate-bad-bot-blocker.

@saschadd - systemd seems to only print to syslog so I'm changing update-ngxblocker to also print the status for reloading the nginx configuration.

from nginx-ultimate-bad-bot-blocker.

okay, problem solved.
somehow the crontab approach was not working.
made a new file /etc/cron.d/nginxbadbotsupdate
and added
SHELL=/bin/sh
PATH=/sbin:/bin:/usr/sbin:/usr/bin:/usr/local/bin
00 */8 * * * root /usr/sbin/./update-ngxblocker
this works :D

from nginx-ultimate-bad-bot-blocker.

I can confirm it reloads nginx perfectly on Ubuntu 16.04

Jun  6 11:51:26 ub1 systemd[1]: Reloading A high performance web server and a reverse proxy server.
Jun  6 11:51:33 ub1 systemd[1]: Reloaded A high performance web server and a reverse proxy server.

@saschadd please do the following for me and report back.

run

sudo /usr/sbin/update-ngxblocker

then immediately after that run

tail -f /var/log/syslog

and see if you see any messages about Nginx being reloaded or not.

from nginx-ultimate-bad-bot-blocker.

@saschadd And one more thing to check, who is the owner of update-ngxblocker ??

ls -la /usr/sbin

you should see

-rwxr-xr-x 1 root root 6440 Apr 27 09:59 update-ngxblocker

from nginx-ultimate-bad-bot-blocker.

@itoffshore might be useful in case "$SEND_EMAIL" in of update-ngxblocker to include the output of "nginx reload" in the body of the message.

So email body received would look something like this.

2017-06-06 00:00:02 URL:https://raw.githubusercontent.com/mitchellkrogza/nginx-ultimate-bad-bot-blocker/master/conf.d/globalblacklist.conf [149482/149482] -> "/etc/nginx/conf.d/globalblacklist.conf" [1] 
Jun  6 11:51:26 ub1 systemd[1]: Reloading A high performance web server and a reverse proxy server.
Jun  6 11:51:33 ub1 systemd[1]: Reloaded A high performance web server and a reverse proxy server.

from nginx-ultimate-bad-bot-blocker.

centos does not have wget installed by default so this could be the problem.

I will add a check / warning message for wget - or perhaps a better solution is to add support for curl.

from nginx-ultimate-bad-bot-blocker.

Thanks @itoffshore I'm pretty sure you will figure it out 👍

from nginx-ultimate-bad-bot-blocker.

are you sure you have the latest version of update-ngblocker
double checked, yes

and do you run it with sudo ??
actually the cronjob runs as root
interesting is when i started it as root manually it worked with nginx restart.
so my cronjob might be faulty... have to check this

ls -la /usr/sbin output is
-rwxr-xr-x 1 root root 6441 31. Mai 08:07 update-ngxblocker

wget is installed and it is downloading the file. this is not a problem for me.

from nginx-ultimate-bad-bot-blocker.

my crontab entry is like that

00 */8 * * * /usr/sbin/update-ngxblocker

cant see anything wrong

from nginx-ultimate-bad-bot-blocker.

I see nginx reloading it's config in centos 7 (both with & without mailx installed):

[root@centos ~]$  tail /var/log/messages
Jun  6 20:15:58 localhost systemd: Reloaded The nginx HTTP and reverse proxy server.

perhaps you are missing mailx so you don't receive an email report ? (ssmtp & mailx are sufficient to get emails - you don't need a complete mail server).

from nginx-ultimate-bad-bot-blocker.

@saschadd - I find this useful for logging cron jobs.

from nginx-ultimate-bad-bot-blocker.

i just waited for the next cronjob update and watched /var/log/messages for nginx reload
the file gets downloaded correctly but the reload of nginx is not done
strange

i am receiving the email report, i was just wondering if there should be more info in the email sent

from nginx-ultimate-bad-bot-blocker.

@saschadd glad you got your cron fixed, still strange it wouldn't run with a normal crontab -e entry. Possibly some changes made in CentOS 7

from nginx-ultimate-bad-bot-blocker.