This project is an experimental NodeJS utility that parses Nginx access logs, capturing any red-flags, and updates a CloudFlare blacklist using axios.
- Latest NodeJS
- Latest Axios
- Cloudflare Account
git clone github.com/yordadev/YorBlacklister
cd YorBlacklister
npm install
cp lib/Example.Config.js lib/Config.js
-
Retrieve your CloudFlare key here
-
Get your CloudFlare account and list ID's; if you cannot find them, you will need to consume the methods included in the CloudFlare class to get them.
class Config {
constructor() {
this.codes = ["301", "400", "404"]; // Set whatever codes you want to watch for being excessively hit
this.file_path = "../logs/access.log"; // See the next step
this.email = ""; // CloudFlare email
this.key = ""; // CloudFlare key
this.account_id = ""; // CloudFlare account_id
this.list_id = ""; // CloudFlare list id for your blacklist
this.limit = 4; // red-flag if IP occurrences on 301 code over limit
}
}
- Copy your access logs into the
./logs
folder.
mkdir logs
scp -r [email protected]:/var/log/nginx logs