static_403_blocker/static_403_blocker.sh at main · fl3a/static_403_blocker · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
#!/bin/bash

# https://github.com/fl3a/static_403_blocker

# Block unwanted scanner and crawler traffic on static websites
# by pre-creating forbidden files and directories with restrictive permissions.

set -x

PATH=/usr/bin:$PATH
BLOCKLIST="$HOME/repos/static_403_blocker/blocklist.txt"

[ -f "$BLOCKLIST" ] || { echo "Missing blocklist: $BLOCKLIST" >&2; exit 1; }
[ -n "$1" ] && WEBROOT="$1" || { echo "Missing Argument WEBROOT" >&2; exit 1; }
[ -d "$WEBROOT" ] || { echo "WEBROOT is not a directory" >&2; exit 1; }

while IFS= read -r LINE; do

  # Trim leading and trailing whitespace
  LINE="${LINE#"${LINE%%[![:space:]]*}"}" # leading
  LINE="${LINE%"${LINE##*[![:space:]]}"}" # trailing

  # Skip comments and empty lines
  [[ -z "$LINE" || "$LINE" =~ ^# ]] && continue

  # Trim trailing and leading slash
  CLEAN_LINE="${LINE#/}"                  # leading
  FULL="${WEBROOT}/${CLEAN_LINE%/}"       # trailing

  # Skip if file or directory already exists
  [ -e "$FULL" ] && continue;

  case "$LINE" in
    */)
      mkdir -p "$FULL" || continue
      chmod 000 "$FULL"
      echo "[403] Directory blocked: $LINE"
      ;;
    *)
      DIR=$(dirname "$FULL")
      [ "$DIR" != "." ] && [ ! -d "$DIR" ] && { mkdir -p "$DIR" || continue; }
      touch "$FULL" || continue
      chmod 000 "$FULL"
      echo "[403] File blocked: $LINE"
      ;;
  esac
done < "$BLOCKLIST"