Commit 737b4d6a authored by Carlos Torres's avatar Carlos Torres

Adding new parameter: enable_sc_logs_agent

parent 27678bd5
Pipeline #11096 passed with stage
in 59 seconds
......@@ -112,6 +112,7 @@ deployment_site_long_name: <your_name16> # Update this value with the value of y
deployment_site_long_secret: <your_secret16> # Update this value with the value of your deployment site's `secret16` you will create on the next step
enable_bots_blocking: false # true or false.
enable_images_optimization: false # true or false.
enable_sc_logs_agent: false # true or false.
improve_images_quality: false # true or false.
images_optimization_with_aws: false # true or false.
enable_usher3: false
......
# Enable bot blocking
ShimmerCat has a mechanism to automatically identify an IP address as a prospective bot,
and also to white-list the good bots, like Google's crawlers.
and also to white-list the good bots, like Google's crawlers.
Once bots are identified, the IP addresses that they use are automatically spread
to all the deployments, so you don't need to worry about that.
The bots blocking mechanism is disabled by default when a deployment is
The bots blocking mechanism is disabled by default when a deployment is
created, because it requires extra configuration to decide
what to do when a suspected bot visits the site.
what to do when a suspected bot visits the site.
When bot-blocking is enabled, ShimmerCat will redirect the suspected bot
When bot-blocking is enabled, ShimmerCat will redirect the suspected bot
to the URL path `/.well-known/shimmercat/bot-blocking?wants=<original-path>`.
That page should present the visitor a challenge, and forbid the visitor
from accessing any other resources in the site until it has proven
herself to be human.
That page should present the visitor a challenge, and forbid the visitor
from accessing any other resources in the site until it has proven
herself to be human.
The challenge page itself may need some static media to render correctly,
so any requests whose URL path start with `/.well-known` won't be blocked
The challenge page itself may need some static media to render correctly,
so any requests whose URL path start with `/.well-known` won't be blocked
by ShimmerCat, even if they come from a suspected bot.
If this exception for static assets is not enough, it is also possible to
If this exception for static assets is not enough, it is also possible to
host the static assets for the challenge page in a separate (sub-)domain.
### How to enable it?
We provide a ready-made challenge application and all the underlying logic in `sc_pack`,
We provide a ready-made challenge application and all the underlying logic in `sc_pack`,
just follow the instructions below:
Update your `sc_pack.conf.yaml` to have the values properly set for:
......@@ -49,7 +49,7 @@ and `google_recaptcha_site_secret` are real credentials we use for testing. We a
`test-accelerator.shimmercat.com` there, so you should be able to see the Google reCAPTCHA in place for this example.
Update your `devlove.yaml` so that it contains the
Update your `devlove.yaml` so that it contains the
`humanity_validator_host` and `humanity_validator_port` as the `bots` consultant.
In the example below we are using the combination `127.0.0.1:8080` for host and port:
......@@ -68,7 +68,7 @@ shimmercat-devlove:
application-protocol: http
```
We do this so that ShimmerCat can know what service that should be requested when a prospector bot makes a request to your website. Now run the `sc_pack supervisord` command to ensure the changes propagate to the `supervisor.conf`. After the bot-blocking challenge page is enabled, you should find a line like
We do this so that ShimmerCat can know what service that should be requested when a prospector bot makes a request to your website. Now run the `sc_pack supervisord` command to ensure the changes propagate to the `supervisor.conf`. After the bot-blocking challenge page is enabled, you should find a line like
the one below in your `supervisor/supervisor.conf` file:
```
......@@ -88,4 +88,4 @@ The humanity validator page we use by default can be replaced by a different one
you just have to contact us at [ops@shimmercat.com](mailto:ops@shimmercat.com) or through our <a href="https://shimmercatab.freshdesk.com/support/home" target="_blank">ticket system.</a> and we will help you with it.
<br>
<br>
\ No newline at end of file
<br>
......@@ -104,9 +104,10 @@ customer_id: <your_customer_id> # Received in the first step of the getting star
backup_config_secret: <your_backup_config_secret> # Received in the first step of the getting started tutorial
deployment_site_long_name: <your_name16> # Update this value with the value of your deployment site's `name16` you will create on the next step
deployment_site_long_secret: <your_secret16> # Update this value with the value of your deployment site's `secret16` you will create on the next step
enable_bots_blocking: false
enable_images_optimization: false
enable_usher3: false
enable_bots_blocking: false # true or false.
enable_images_optimization: false # true or false.
enable_sc_logs_agent: false # true or false.
enable_usher3: false # true or false.
usher3_max_overhead: 1.0
usher3_toilmore_subservice: light # light or lux
usher3_toilmore_api_version: 2020.1 # if light 2020.1, if lux 2020.4
......
......@@ -112,9 +112,10 @@ customer_id: <your_customer_id> # Received in the first step of the getting star
backup_config_secret: <your_backup_config_secret> # Received in the first step of the getting started tutorial
deployment_site_long_name: <your_name16> # Update this value with the value of your deployment site's `name16` you will create on the next step
deployment_site_long_secret: <your_secret16> # Update this value with the value of your deployment site's `secret16` you will create on the next step
enable_bots_blocking: false
enable_images_optimization: false
enable_usher3: false
enable_bots_blocking: false # true or false.
enable_images_optimization: false # true or false.
enable_sc_logs_agent: false # true or false.
enable_usher3: false # true or false.
usher3_max_overhead: 1.0
usher3_toilmore_subservice: light # light or lux
usher3_toilmore_api_version: 2020.1 # if light 2020.1, if lux 2020.4
......
......@@ -132,6 +132,7 @@ Below are descriptions of the variables that can be configured in the file `grou
| `http_port` | `8010`, `8011`, `8012`, etc. HTTP port where ShimmerCat listen. |
| `https_port` | `4010`, `4011`, `4012`, etc. HTTPS port where ShimmerCat listen. |
| `humanity_validator_port` | `8040`, `8041`, `8042`, etc. The port where the service that send the Google reCAPTCHA challenge will listen. Only needed if enable_bots_blocking is True. |
| `enable_sc_logs_agent` | True or False. |
| `enable_bots_blocking` | True or False. |
| `enable_images_optimization` | True or False. |
| `improve_images_quality` | True or False. |
......
......@@ -132,6 +132,7 @@ Below are descriptions of the variables that can be configured in the file `grou
| `http_port` | `8010`, `8011`, `8012`, etc. HTTP port where ShimmerCat listen. |
| `https_port` | `4010`, `4011`, `4012`, etc. HTTPS port where ShimmerCat listen. |
| `humanity_validator_port` | `8040`, `8041`, `8042`, etc. The port where the service that send the Google reCAPTCHA challenge will listen. Only needed if enable_bots_blocking is True. |
| `enable_sc_logs_agent` | True or False. |
| `enable_bots_blocking` | True or False. |
| `enable_images_optimization` | True or False. |
| `improve_images_quality` | True or False. |
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment