If you run your own servers, you will surely get a lot of weird hackbot requests, searching for accidentally accessible .env files and such. While these bots are generally harmful, unless you have an issue, I prefer to block them so they don’t spam my logs. If it is a Rails app, I use rack-attack, but I also have some jekyll and other stuff and for those, fail2ban is a great tool to solve this issue. Fail2ban is an intrusion prevention tool, that scans your log files and based on rules, blocks clients on the firewall. It is available on most Linux distributions, and you can install it with your package manager, you can check the installation instructions on the projects documentation. Once installed and configured(you need setup the init service), we can add a “jail”, to block these bots to the /etc/fail2ban/jail.local config file:

The RubyLA blog offers insights, tutorials, and community updates for Ruby developers in Los Angeles and beyond. Developers can explore Ruby language features, web development frameworks, and best practices for building Ruby applications. Additionally, the blog covers Ruby meetups, events, and job opportunities in the Los Angeles area, fostering collaboration and networking within the local Ruby community.

RUBYLAND

A practical guide to blocking malicious bots using fail2ban on Linux servers. Covers creating a jail configuration in `/etc/fail2ban/jail.local` targeting common hackbot paths (like `.env`, `/wp-admin`, `/wp-login`) in nginx access logs, and writing a custom filter with regex patterns. The setup bans offending IPs for 24 hours on first match. Also mentions rack-attack as an alternative for Rails apps and Cloudflare as a no-config option.

Blocking bots with fail2ban

Develop the right mindset for Rails security