Merge in changes#1
Conversation
Forked from https://github.com/Boundless-Zone/7g-nginx-rules Initial commit Add Amelia API exclusion rule Add README and instructions Add doc for Amelia rule Update README.md Update instructions for rules concerning WordPress plugins Rename amelia folder to ameliabooking Add WooCommerce Chita Delivery exclusion rules Add exclusion for woocommerce cancel order querystring Add exclusion for LoginPress customizer page Add exclusion for woocommerce order received callback page Add exclusion for contact form 7 db plugin export command Renamed readme files. Add exclusion for ithemes security 7 Fix title in readme Add the wp-rocket rule Add the loaderio rule Updated loaderio rule to match on user agent instead of url and support both verification and load requests Add the fbclid rule Add rule for delete requests sent to mainwp rest api
# Conflicts: # README.md # Woocommerce-chita-delivery/README.md # Woocommerce-chita-delivery/Woocommerce-chita-delivery-7g-context.conf
There was a problem hiding this comment.
Pull request overview
Adds new GridPane 7G Nginx firewall exception snippets for Beaver Builder editing URLs and for Ahrefs/bot whitelisting, plus accompanying documentation/credits updates.
Changes:
- Added a Beaver Builder exception to avoid triggering 7G rule 15 during editor/themer usage.
- Added Ahrefs-related whitelist/allowlist snippets and a short README with install instructions.
- Updated the root README with contributor credits.
Reviewed changes
Copilot reviewed 7 out of 7 changed files in this pull request and generated 4 comments.
Show a summary per file
| File | Description |
|---|---|
beaver-builder/beaverbuilder-edit-url-block-7g-context.conf |
New rule snippet intended to bypass bad-request rule 15 when fl_builder is present in query args. |
beaver-builder/README.md |
Documentation for the Beaver Builder exception snippet. |
ahrefs/bad-bot-whitelist-7g-context.conf |
New snippet intended to disable the 7G bad-bot drop for a specific rule match. |
ahrefs/allow-bots-7g-bad-bot-context.conf |
New allowlist entry (likely for inclusion in a map) for specific bots. |
ahrefs/ahrefs-whitelist-7g-context.conf |
New IP-based whitelist intended to disable multiple 7G drops for Ahrefs traffic. |
ahrefs/README.md |
Documentation/instructions for installing the Ahrefs snippets. |
README.md |
Adds contributor credit section. |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
| # Contributers | ||
| * Original Author: @@noamkfir Boundless-Zone/7g-nginx-rules | ||
| * Contributers: @jordantrizz, @pbran |
There was a problem hiding this comment.
Contributers is misspelled (should be Contributors) in the header and bullet, and @@noamkfir looks like an accidental double-@ mention. Please correct these so credits render properly in Markdown.
| # Contributers | |
| * Original Author: @@noamkfir Boundless-Zone/7g-nginx-rules | |
| * Contributers: @jordantrizz, @pbran | |
| # Contributors | |
| * Original Author: @noamkfir Boundless-Zone/7g-nginx-rules | |
| * Contributors: @jordantrizz, @pbran |
| if ($remote_addr ~* "( | ||
| 54.36.148.0/24| | ||
| 54.36.149.0/24| | ||
| 195.154.122.0/24| | ||
| 195.154.123.0/24| | ||
| 195.154.126.0/24| | ||
| 195.154.127.0/24| | ||
| 51.222.253.0/26| | ||
|
|
||
| )") { |
There was a problem hiding this comment.
The if ($remote_addr ~* ...) regex is listing CIDR blocks like 54.36.148.0/24, but remote_addr is a plain IP string, so these CIDR tokens will never match and the whitelist will be ineffective. Consider using a geo/map with CIDR support (or convert the ranges to a regex that matches the dotted-quad prefixes) and then branch on that variable instead.
| if ($remote_addr ~* "( | |
| 54.36.148.0/24| | |
| 54.36.149.0/24| | |
| 195.154.122.0/24| | |
| 195.154.123.0/24| | |
| 195.154.126.0/24| | |
| 195.154.127.0/24| | |
| 51.222.253.0/26| | |
| )") { | |
| if ($remote_addr ~* "^(54\.36\.148\.\d{1,3}|54\.36\.149\.\d{1,3}|195\.154\.122\.\d{1,3}|195\.154\.123\.\d{1,3}|195\.154\.126\.\d{1,3}|195\.154\.127\.\d{1,3}|51\.222\.253\.(?:[0-5]?\d|6[0-3]))$") { |
| if ( $args ~* ^(.*)fl_builder(.*)$ ) { | ||
| set $exclusion_rule_match 15; | ||
| } | ||
| if ($bad_request_7g = $exclusion_rule_match) { | ||
| set $7g_drop_bad_request 0; | ||
| } |
There was a problem hiding this comment.
Indentation/spacing in this snippet is inconsistent with the established style used in other *-7g-context.conf files (e.g., wp-rocket/wp-rocket-7g-context.conf:1-9): no leading spaces before if, spaces inside parentheses, and 4-space indentation for statements inside braces. Reformatting to match makes these rules much easier to scan and reduces copy/paste errors.
| if ( $args ~* ^(.*)fl_builder(.*)$ ) { | |
| set $exclusion_rule_match 15; | |
| } | |
| if ($bad_request_7g = $exclusion_rule_match) { | |
| set $7g_drop_bad_request 0; | |
| } | |
| if ( $args ~* ^(.*)fl_builder(.*)$ ) { | |
| set $exclusion_rule_match 15; | |
| } | |
| if ( $bad_request_7g = $exclusion_rule_match ) { | |
| set $7g_drop_bad_request 0; | |
| } |
| if ($bad_bot_7g) { | ||
| set $exclusion_rule_match 2001; | ||
| } | ||
| if ($bad_bot_7g = $exclusion_rule_match) { | ||
| set $7g_drop_bad_bot 0; |
There was a problem hiding this comment.
This file uses tabs and omits the spacing style used elsewhere for these rules (if ( $var ) { and 4-space indentation inside braces). Consider reformatting to match the existing *-7g-context.conf conventions (e.g., ameliabooking/ameliabooking-7g-context.conf:1-9) for readability and consistency.
| if ($bad_bot_7g) { | |
| set $exclusion_rule_match 2001; | |
| } | |
| if ($bad_bot_7g = $exclusion_rule_match) { | |
| set $7g_drop_bad_bot 0; | |
| if ( $bad_bot_7g ) { | |
| set $exclusion_rule_match 2001; | |
| } | |
| if ( $bad_bot_7g = $exclusion_rule_match ) { | |
| set $7g_drop_bad_bot 0; |
Sorry, I had these sitting for a while, and then had to rebase on top of the new code you added.