en:tecdoc:abusenotif

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision
Previous revision
en:tecdoc:abusenotif [2021/03/17 16:17]
jomat
en:tecdoc:abusenotif [2021/08/22 10:04] (current)
jomat [Content Reports]
Line 2: Line 2:
  
 <code - nginx.conf> <code - nginx.conf>
- location /_matrix/client/r0/register { +        location ~ ^/_matrix/client/(r0|unstable)/register
-                #limit_req zone=limitregister burst=5; + proxy_pass http://127.0.0.1:8008;
- client_max_body_size 100M; +
- client_body_buffer_size 100M; +
- +
- proxy_pass  http://127.0.0.1:8008;+
                 proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;                 proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
- proxy_set_header Host     $host; + proxy_set_header Host $host;
- proxy_set_header X-Real-IP $remote_addr; +
-                proxy_set_header X-Forwarded-Proto $scheme; +
-                proxy_set_header X-Forwarded-Ssl on; +
-                proxy_set_header X-SSL 1;                +
                 body_filter_by_lua_block {                 body_filter_by_lua_block {
                   local proc = io.popen('/usr/local/bin/matrix_user_registered ' .. ngx.var.remote_addr,'w')                   local proc = io.popen('/usr/local/bin/matrix_user_registered ' .. ngx.var.remote_addr,'w')
Line 25: Line 17:
 #!/usr/bin/zsh #!/usr/bin/zsh
  
 +# access token of @abuse:…
 AT='MDMA...' AT='MDMA...'
 +# admin room to send notifications to
 ROOM='!x1y2z3:example.com' ROOM='!x1y2z3:example.com'
-IP=$1+# ip of the new user, with gdpr redaction to /24 
 +IP=`echo $1|cut -d. -f1-3`.0 
 + 
 +#read stdin
 SI=`/bin/cat` SI=`/bin/cat`
-echo `date` $SI >> /tmp/newuserlog+#try to retrieve new user id
 U=`echo $SI|jq -r .user_id` U=`echo $SI|jq -r .user_id`
  
Line 35: Line 32:
 [ "null" = "$U" ] && exit 0 [ "null" = "$U" ] && exit 0
  
 +# send notification
 curl -X PUT "https://asra.gr/_matrix/client/r0/rooms/${ROOM}/send/m.room.message/"`uuid -m -F SIV`"?access_token=${AT}" -H  "accept: application/json" -H  "Content-Type: application/json" -d " \"body\": \"@room New user registered: ${U} from ${IP}\",  \"msgtype\": \"m.text\"}" >> /tmp/reguser.txt 2>> /tmp/reguser.txt curl -X PUT "https://asra.gr/_matrix/client/r0/rooms/${ROOM}/send/m.room.message/"`uuid -m -F SIV`"?access_token=${AT}" -H  "accept: application/json" -H  "Content-Type: application/json" -d " \"body\": \"@room New user registered: ${U} from ${IP}\",  \"msgtype\": \"m.text\"}" >> /tmp/reguser.txt 2>> /tmp/reguser.txt
 </code> </code>
Line 40: Line 38:
 ====== Content Reports ====== ====== Content Reports ======
 <code - nginx.conf> <code - nginx.conf>
- location ~ /_matrix/client/r0/rooms/.*/report/.* { + location ~ ^/_matrix/client/(r0|unstable)/rooms/.*/report/
- client_max_body_size 100M; + proxy_pass http://127.0.0.1:8008;
- client_body_buffer_size 100M; +
- +
- proxy_pass  http://127.0.0.1:8008;+
                 proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;                 proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
- proxy_set_header Host     $host; + proxy_set_header Host $host;             
- proxy_set_header X-Real-IP $remote_addr; +
-                proxy_set_header X-Forwarded-Proto $scheme; +
-                proxy_set_header X-Forwarded-Ssl on; +
-                proxy_set_header X-SSL 1;                +
  rewrite_by_lua '  rewrite_by_lua '
                   if ngx.var.request_method == "POST" then                   if ngx.var.request_method == "POST" then
Line 60: Line 51:
  
 <code - /usr/local/bin/matrix_event_reported> <code - /usr/local/bin/matrix_event_reported>
-#!/usr/bin/zsh 
- 
-AT='MDMA...' 
-ROOM='!x1y2z3:example.com' 
-IP=$1 
-SI=`/bin/cat` 
-echo `date` $SI >> /tmp/newuserlog 
-U=`echo $SI|jq -r .user_id` 
- 
-[ -z "$U" ] && exit 0 
-[ "null" = "$U" ] && exit 0 
- 
-curl -X PUT "https://asra.gr/_matrix/client/r0/rooms/${ROOM}/send/m.room.message/"`uuid -m -F SIV`"?access_token=${AT}" -H  "accept: application/json" -H  "Content-Type: application/json" -d " \"body\": \"@room New user registered: ${U} from ${IP}\",  \"msgtype\": \"m.text\"}" >> /tmp/reguser.txt 2>> /tmp/reguser.txt 
- 
-➜  ~ cat /usr/local/bin/matrix_event_reported 
 #!/bin/sh #!/bin/sh
  
Line 80: Line 56:
 ROOM='!x1y2z3:example.com' ROOM='!x1y2z3:example.com'
  
 +# log abuse reports
 echo date $* >> /tmp/report.log  echo date $* >> /tmp/report.log 
  
 +# TODO: abuse reports should be forwarded to appropriate admins or 
 +#       abuse contacts. since some servers don't implement MSC 1929 
 +#       an idea is to implement a semi automatic filled db of some kind
 #https://asra.gr/.well-known/matrix/support #https://asra.gr/.well-known/matrix/support
 # abuse@matrix.org: https://matrix.to/#/!OGEhHVWSdvArJzumhm:matrix.org/$3CNYJIakytzbO6qI4eR8JmCVJUMUUm57YmjJJIOR-ic # abuse@matrix.org: https://matrix.to/#/!OGEhHVWSdvArJzumhm:matrix.org/$3CNYJIakytzbO6qI4eR8JmCVJUMUUm57YmjJJIOR-ic
  • en/tecdoc/abusenotif.1615997827.txt.gz
  • Last modified: 2021/03/17 16:17
  • by jomat