Botwatcher

From East Essex Hackspace
Revision as of 10:47, 8 July 2021 by Stevef (talk | contribs)

Botwatcher

Botwatcher is a canary system for doorbot and the toolbots, based upon simple-canary.

Accessible here: https://botwatcher.eehack.space/status

It runs in a Docker container on the main server.

Configuration

https://github.com/eehackspace/eeh-simple-canary

Traffic Path

user
-> https://botwatcher.eehack.space
-> Cloudflare proxy with forced TLS termination
-> EEH_IP:80 (http)
-> Mikrotik router NAT 80:2095, whitelisting only Cloudflare IPs
-> docker_ip:2095
-> nginx container 2095:80, then proxied via paths /status and /checkin
-> docker_ip:54035
-> simple-canary:80

Firewall Rules

/ip firewall address-list
add list=cloudflare_ipv4 address=173.245.48.0/20
add list=cloudflare_ipv4 address=103.21.244.0/22
add list=cloudflare_ipv4 address=103.22.200.0/22
add list=cloudflare_ipv4 address=103.31.4.0/22
add list=cloudflare_ipv4 address=141.101.64.0/18
add list=cloudflare_ipv4 address=108.162.192.0/18
add list=cloudflare_ipv4 address=190.93.240.0/20
add list=cloudflare_ipv4 address=188.114.96.0/20
add list=cloudflare_ipv4 address=197.234.240.0/22
add list=cloudflare_ipv4 address=198.41.128.0/17
add list=cloudflare_ipv4 address=162.158.0.0/15
add list=cloudflare_ipv4 address=172.64.0.0/13
add list=cloudflare_ipv4 address=131.0.72.0/22
add list=cloudflare_ipv4 address=104.16.0.0/13
add list=cloudflare_ipv4 address=104.24.0.0/14
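
An added example, not part of the original page or the eeh-simple-canary repository: a Python check that parses an address-list export in the format above, tests whether a source address would match the allowlist, and reports drift against a reference list of ranges. The sample export is cut down to three of the page's entries, the reference ranges passed to drift() are whatever the operator supplies, and the function names are hypothetical.

```python
import ipaddress

# Three of the entries from the export on this page, kept short as sample input.
EXPORT = """\
/ip firewall address-list
add list=cloudflare_ipv4 address=173.245.48.0/20
add list=cloudflare_ipv4 address=103.21.244.0/22
add list=cloudflare_ipv4 address=104.24.0.0/14
"""


def parse_address_list(export, list_name):
    """Return the networks that a RouterOS export adds to list_name."""
    nets = []
    for line in export.splitlines():
        tokens = line.split()
        if not tokens or tokens[0] != "add":
            continue  # menu path lines and blanks carry no entry
        fields = dict(t.split("=", 1) for t in tokens[1:] if "=" in t)
        if fields.get("list") == list_name and "address" in fields:
            # strict=True rejects a typo such as 173.245.48.1/20 (host bits set)
            nets.append(ipaddress.ip_network(fields["address"], strict=True))
    return nets


def is_allowed(source_ip, nets):
    """True if source_ip falls inside any range of the allowlist."""
    addr = ipaddress.ip_address(source_ip)
    return any(addr in net for net in nets)


def drift(configured, published):
    """Compare the router list with a reference list of CIDR strings.

    Returns (missing, stale): ranges in the reference but not on the
    router, and ranges on the router that the reference no longer has.
    """
    ref = {ipaddress.ip_network(p) for p in published}
    have = set(configured)
    return sorted(ref - have), sorted(have - ref)


if __name__ == "__main__":
    nets = parse_address_list(EXPORT, "cloudflare_ipv4")
    for ip in ("104.25.1.1", "203.0.113.7"):  # constructed test addresses
        print(ip, "allowed" if is_allowed(ip, nets) else "dropped")
```

Running drift() on a schedule against a freshly fetched copy of the provider's published ranges shows when the router list needs an update.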