Retrospective freeze break: Block riddler.io

Patrick Uiterwijk puiterwijk at redhat.com
Fri Apr 17 11:36:50 UTC 2015 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Hi,

Earlier today, the riddler.io bot pulled Bodhi under by performing
a lot of heavy requests.

I know from experience that this bot does NOT listen to robots.txt,
even though the website says it does (it hit my personal webserver
as well at an earlier time), so I have currently blocked it by user
agent.

We probably need to fix this better soon, but for the time being I
put this in to make Bodhi behave again.

Any comments?


 1 files changed, 3 insertions(+), 1 deletions(-)
[puiterwijk at lockbox01 files]$ git show HEAD
commit a635e91849f29dd3c146b8067f602871ff959f00
Author: Patrick Uiterwijk <puiterwijk at redhat.com>
Date:   Fri Apr 17 11:29:48 2015 +0000

    Block the Riddler.io bot from accessing bodhi
    
    This bot does NOT follow robots.txt, even though it announces that
    it does, and it hits Bodhi so much that it pulls the bodhi servers
    under.
    
    An email has been sent to the maintainer of the bot, but for the
    time being, let's block it from using any bodhi resources.
    
    Signed-off-by: Patrick Uiterwijk <puiterwijk at redhat.com>

diff --git a/roles/bodhi/base/files/bodhi-app.conf b/roles/bodhi/base/files/bodhi-app.conf
index 3e10a59..3f44964 100644
- --- a/roles/bodhi/base/files/bodhi-app.conf
+++ b/roles/bodhi/base/files/bodhi-app.conf
@@ -13,6 +13,8 @@ Alias /updates/tg_widgets/tgmochikit/packed/MochiKit/MochiKit.js /usr/lib/python
 
 <Directory /usr/share/bodhi>
   WSGIProcessGroup bodhi
- -  Order deny,allow
+  SetEnvIf User-Agent Riddler GoAway=1
+  Order allow,deny
   Allow from all
+  Deny from env=GoAway
 </Directory>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBCgAGBQJVMPBRAAoJEIZXmA2atR5QBUAP/3+GOLJKRJ3hPB+GBBnx9Dg/
KDEdK6gCtOZUP0sYOPhEVmwTSHXjz/Z51Gvj9EO8FIFQFtnivA80tS2hiSp4x+gR
K35z6cxIGbtlG7INLIBoyqTOD6bzvRe0mUP2cKL0+bgFxTzwbZx9HUrQd3PGwA4N
2W2SXROoVv2FVB4rpHTpQouY2VYdcyCDBsibjs2Y37Cxah/ltQC2FHaGlEMJSVCx
DAQMAkxdGE0ww2AzRXysHDs46mHtpVFIOHgvtjd6A4NfMuB3gEGaJbcOj28AGmlt
RIGU/arVp3OaNFwjAHyrHRCP56i68c7X/N0NwA/hWXLgOm3AJ4AbFoPPNSC0IwYo
DVXvJBwRZp5hiuBED0T6/A6j2gVE52n1ytIcAmMznnw7qiupNxKLLpwow9T0RbYi
468aG97vvrFhr7Zj23i/yYsTXJvaMygHlG+nH82k/pdd93tXc5XVLL6MxjKAO53v
gaHuvPcHhQuqXus/vv6nNXf/fRhtH3DlnTQRxMz5GZlXVdE9UCaROKNFcISgkCPR
62RYEBG4ZPPM6T9/Ps7CUtSVaCJnfZe1CSUhDlyA3JeCLizmLlAwUJXh3ysS1ZwX
iGGkNjj/EdoJZdXz2941LurG2Q03o7cbcqGpZofJvRFDGdFhRdD5ePtqq1+/E0uw
A0lPKspP13sayVSaqdBQ
=QgK+
-----END PGP SIGNATURE-----

More information about the infrastructure mailing list