Nginx Shell Script To Block Spamhaus Lasso Drop Spam IP Address

#!/bin/bash
# A Nginx Shell Script To Block Spamhaus Lasso Drop Spam IP Address
# Run this script once a day and drop all spam network IPs (netblock) with http 403 client error.
# The script will get executed every day via /etc/cron.daily (make sure crond
# is running).
# -------------------------------------------------------------------------
# Copyright (c) 2008 nixCraft project <http://cyberciti.biz/fb/>
# This script is licensed under GNU GPL version 2.0 or above
# -------------------------------------------------------------------------
# This script is part of nixCraft shell script collection (NSSC)
# Visit http://bash.cyberciti.biz/ for more information.
# -------------------------------------------------------------------------
# Last updated on Jan/11/2010
# -------------------------------------------------------------------------
# tmp file
FILE="/tmp/drop.lasso.txt.$$"
 
# nginx config file - path to nginx drop conf file
OUT=/usr/local/nginx/conf/drop.lasso.conf
 
URL="http://www.spamhaus.org/drop/drop.lasso"
# reload command
NGINX="/usr/local/nginx/sbin/nginx -s reload"
 
# remove old file
[[ -f $FILE ]] && /bin/rm -f $FILE
 
# emply nginx deny file
>$OUT
 
# get database
/usr/bin/wget --output-document=$FILE "$URL"
 
# format in nginx deny netblock; format
/bin/egrep -v '^;' $FILE  | awk '{ print "deny " $1";"}' >>$OUT
 
# reload nginx
/bin/sync && ${NGINX}

How Do I Use This Script?

Download and save this script to /etc/cron.daily/, enter:

cd /etc/cron.daily/
wget http://bash.cyberciti.biz/dl/500.sh.zip
unzip 500.sh.zip
mv 500.sh nginx.drop.lasso
chmod +x nginx.drop.lasso
rm 500.sh.zip

Edit nginx.conf (/usr/local/nginx/conf/nginx.conf) and add the following line:

## Block lasso spammers ##
  include drop.lasso.conf;
## Block lasso spammers ##

Save and close the file. Run the script:

/etc/cron.daily/nginx.drop.lasso
Get the latest tutorials on SysAdmin, Linux/Unix, Open Source, and DevOps topics:
CategoryList of Unix and Linux commands
File Management cat
Firewall CentOS 8 OpenSUSE RHEL 8 Ubuntu 16.04 Ubuntu 18.04 Ubuntu 20.04
Network Utilities dig host ip nmap
OpenVPN CentOS 7 CentOS 8 Debian 10 Debian 8/9 Ubuntu 18.04 Ubuntu 20.04
Package Manager apk apt
Processes Management bg chroot cron disown fg jobs killall kill pidof pstree pwdx time
Searching grep whereis which
User Information groups id lastcomm last lid/libuser-lid logname members users whoami who w
WireGuard VPN CentOS 8 Debian 10 Firewall Ubuntu 20.04
2 comments… add one
  • Alex Dec 22, 2013 @ 16:30

    it helps me, just change paths in script.

  • Enzo Nov 7, 2011 @ 17:53

    what is the utilitie of this script?, please can you explain a little?

    regards, nice blog.

Leave a Reply

Your email address will not be published. Required fields are marked *

Use HTML <pre>...</pre>, <code>...</code> and <kbd>...</kbd> for code samples.