EGh5  committed 3bdd4d4


  • Participants
  • Parent commits b99c50f

Comments (0)

Files changed (2)

File doorkeeper/README.rst

 This application bannes bad bots making requests for exactly non-existent urls.
 Middleware-level is using.
   DOORKEEPER_PATIENCE=3  # number of bad attempts
   DOORKEEPER_TERM=1200   # penalty time (sec.)
-Add Ť'doorkeeper',ť to INSTALLED_APPS, and 
-to MIDDLEWARE_CLASSES (as high as possible)
+  'doorkeeper', 
+and to MIDDLEWARE_CLASSES (as high as possible)
+  'doorkeeper.middleware.DoorkeeperMiddleware',
 You can watch your catch in django-admin.
 Please consider os-level utilities. fail2ban should be mentioned among them.
+Good luck in hunting!

File doorkeeper/

 import datetime
-#from django.conf import settings
 from django.http import HttpResponseNotFound
 from doorkeeper.models import BotRecord
 from django.conf import settings
         saddr = request.META.get('REMOTE_ADDR',"n/a")
         shash = "%s %s"% (saddr, sagent)
-            br=BotRecord.objects.get(bot_hash=shash)
-            if br.detention_upto:
-                if br.detention_upto> now:           # fresh banned cleint
-                    raise Http404()                  # bounce
-                    #return HttpResponseNotFound("Not existent page!")
+            br=BotRecord.objects.get(bot_hash=shash) # if client exists in BotRecords
+            if br.detention_upto:                    # check detention end time
+                if br.detention_upto> now:           # fresh banned client
+                    raise Http404()                  # bounce - it's active bad bot!
                     if br.penalty_count > PATIENCE:  # for old banned client
                         br.penalty_count=0           # forgiving them