Category: Software

Undefined and cache/xxx and invalid %-encoding weird requests

September 2, 2014 /

Recently I've been having a lot of weird looking requests that would end up reported in Errbit. Initially I thought that it is my fault but after double checking all the JS code, I would still get those errors.

Fixing this is quite easy. Undefined/cache/xxx requests come from Complitly malware chrome plugin. Solution to this is quite simple (source). Just add this to every page you have (or every with a form):

<script type="text/javascript">
    window.suggestmeyes_loaded = true;
</script>

this will stop the malware script.

The second issue:

ArgumentError: invalid %-encoding (arizona1�0���U��� scottsdale1%0#��U� ��starfield
technologies, inc.1301��U���*http://certs.starfieldtech.com/repository/1402��U���+starfield
secure certificate authority - g2/html>)

The rest of weird requests was coming from EasouSpider crawling engine. So just:

User-agent: EasouSpider
Disallow: /

and don't care anymore.

Nginx: Block access to certain parts of your app based on visitor country

August 20, 2014 /

It may be a good idea to enable some parts of your application based on a user country. You could do this on an application level:

require 'geoip'

# Controller code...
before_action do
  fail NotAllowed unless Country.allowed?(request.remote_ip)
end

But why would you want to store non-business logic like this in your app? ;) There's a much better solution: you can use the Nginx GeoIP Module.

To do so, you need to have Nginx compiled with a ngx_http_geoip_module. Run:

nginx -V

to see Nginx details. Look for --with-http_geoip_module. If you have it, you can use the GeoIP database with your Nginx instance.

Install the GeoIp database:

sudo apt-get install geoip-database libgeoip1
# you can also download it from here: http://geolite.maxmind.com

it will be stored in /usr/share/GeoIP/.

Now you need to edit /etc/nginx/nginx.conf file. Put following code in the http section:

geoip_country /usr/share/GeoIP/GeoIP.dat;
map $geoip_country_code $allowed_country {
  default no;
  PL yes;
  US yes;

We decided to blacklist every country except Poland and USA. Full list of countries and their appropriate codes can be found here. Of course instead of whitelisting you could always blacklist:

geoip_country /usr/share/GeoIP/GeoIP.dat;
map $geoip_country_code $allowed_country {
  default yes;
  PL no;
  US no;

This code won't block anything. It will just assign a yes/no value to a $geoip_country_code variable. You can then use it in your server block to allow/disallow access to certain parts of your application:

server {
  server_name  www.yourdomain.com;
  client_max_body_size 32M;
  keepalive_timeout 5;

  # Some other settings here

  error_page 403 /403.html;

  location /admin {
    if ($allowed_country = no) {
      return 403;
    }

    if (-f $request_filename) {
      break;
    }

    if (!-f $request_filename) {
      proxy_pass proxypasstargetsomewhere;
      break;
    }
  }
}

Copyright © 2025 Closer to Code

Theme by Anders NorenUp ↑