legitbot 0.4.3 → 1.1.1

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 8fda0548715a5620a167c849abfaccfc67685c4f214f55247203a947faa7ea83
-  data.tar.gz: 2e60c4af14dbd7ac880850de0d4bb16a29936108b914860a0a00c4e9390d5bb9
+  metadata.gz: 6ddea94625712a0c61cf282d9e0cd16959e6af3ded7a9ac68afdd06ea12bfaef
+  data.tar.gz: 53964dca1f97a0814f1a1f01ef4d26b42caec804fdfce64f5db84127d9e13e71
 SHA512:
-  metadata.gz: 5f2a3ab613d87e13a014778ef95a6780732251a28c4e74eaf823c4b292598cfe3a41d36db481977a8ce7cfd6c8206ab55a8ac19300949344792e3b5d339380e6
-  data.tar.gz: 8ab7f3d7bc3e315fc485612b0f2c05e65205df2107f46390ca34a323960e470a6a3bd4b2086367738b6126af7038d725121086f45d77b9b6d635fae9a4e643dd
+  metadata.gz: 266e1b0c21f8180883390b40ef1e7907fc8756a66c52c0d05cb08d7d82ef29e807af1225b242b6c5745e1d69cebc1bd28fc3a8aa721ab989c614814d05f5bf7c
+  data.tar.gz: 4f424125b72d9e5efb91539d0f3c783b3c79d82720fdcbaa55f63ea31855ac3e1a677c2b48ce62c0a83d8354690ce358638797e1f6c207f224a2522a3c517c5b

data/.editorconfig

@@ -0,0 +1,17 @@
+root = true
+
+[*]
+end_of_line = lf
+insert_final_newline = true
+trim_trailing_whitespace = true
+charset = utf-8
+
+indent_style = space
+indent_size = 2
+
+[*.md]
+trim_trailing_whitespace = false
+
+[*.yml]
+indent_style = space
+indent_size = 2

data/.github/workflows/build.yml

@@ -0,0 +1,60 @@
+name: build
+
+on: [pull_request, push]
+
+jobs:
+  test:
+    runs-on: ubuntu-latest
+
+    strategy:
+      fail-fast: false
+      matrix:
+        ruby: [ jruby, 2.6 ]
+
+    steps:
+    - uses: actions/checkout@v2
+    - name: Set up Ruby
+      uses: ruby/setup-ruby@v1
+      with:
+        ruby-version: ${{ matrix.ruby }}
+    - name: Cache dependencies
+      uses: actions/cache@v1
+      with:
+        path: vendor/bundle
+        key: ${{ runner.os }}-${{ matrix.ruby }}-gems-${{ hashFiles('**/Gemfile.lock') }}
+        restore-keys: |
+          ${{ runner.os }}-${{ matrix.ruby }}-gems-
+    - name: Install dependencies
+      run: |
+        bundle config path vendor/bundle
+        bundle install --jobs 4 --retry 3
+    - name: Run tests
+      run: bundle exec rake test
+
+  lint:
+    needs: test
+    runs-on: ubuntu-latest
+
+    strategy:
+      matrix:
+        ruby: [ 2.6 ]
+
+    steps:
+    - uses: actions/checkout@v2
+    - name: Set up Ruby
+      uses: ruby/setup-ruby@v1
+      with:
+        ruby-version: ${{ matrix.ruby }}
+    - name: Cache dependencies
+      uses: actions/cache@v1
+      with:
+        path: vendor/bundle
+        key: ${{ runner.os }}-${{ matrix.ruby }}-gems-${{ hashFiles('**/Gemfile.lock') }}
+        restore-keys: |
+          ${{ runner.os }}-${{ matrix.ruby }}-gems-
+    - name: Install dependencies
+      run: |
+        bundle config path vendor/bundle
+        bundle install --jobs 4 --retry 3
+    - name: Run linter
+      run: bundle exec rubocop

data/.gitignore

@@ -4,3 +4,4 @@ Gemfile.lock
 *.gemfile.lock
 /pkg
 /tags
+/vendor

data/.rubocop.yml

@@ -1,9 +1,3 @@
 AllCops:
-  Include:
-    - '**/*.gemspec'
-    - '**/Gemfile'
-    - '**/Rakefile'
-    - 'lib/**/*.rb'
-    - 'test/**/*.rb'
-  Exclude:
-    - 'pkg/**'
+  CacheRootDirectory: 'vendor'
+  NewCops: enable

data/.ruby-version

@@ -0,0 +1 @@
+2.4

data/README.md

@@ -1,4 +1,4 @@
-# Legitbot [![Build Status](https://secure.travis-ci.org/alaz/legitbot.png?branch=master)](http://travis-ci.org/alaz/legitbot) [![Gem Version](https://badge.fury.io/rb/legitbot.svg)](https://badge.fury.io/rb/legitbot)
+# Legitbot ![](https://github.com/alaz/legitbot/workflows/build/badge.svg) [![Gem Version](https://badge.fury.io/rb/legitbot.svg)](https://badge.fury.io/rb/legitbot)
 
 Ruby gem to check that an IP belongs to a bot, typically a search
 engine. This can be of help in protecting a web site from fake search
@@ -44,6 +44,7 @@ end
 ## Supported
 
 * [Ahrefs](https://ahrefs.com/robot)
+* [Alexa](https://support.alexa.com/hc/en-us/articles/360046707834-What-are-the-IP-addresses-for-Alexa-s-Certify-and-Site-Audit-crawlers-)
 * [Applebot](https://support.apple.com/en-us/HT204683)
 * [Baidu spider](http://help.baidu.com/question?prod_en=master&class=498&id=1000973)
 * [Bingbot](https://blogs.bing.com/webmaster/2012/08/31/how-to-verify-that-bingbot-is-bingbot/)
@@ -67,3 +68,8 @@ Apache 2.0
   detects bots by `User-Agent`
 * [crawler_detect](https://github.com/loadkpi/crawler_detect) is a Ruby gem and Rack
   middleware to detect crawlers by few different request headers, including `User-Agent`
+* Project Honeypot's
+  [http:BL](https://www.projecthoneypot.org/httpbl_api.php) can not only
+  classify IP as a search engine, but also label them as suspicious and
+  reports the number of days since the last activity. My implementation of
+  the protocol in Scala is [here](https://github.com/osinka/httpbl).

data/legitbot.gemspec

@@ -14,13 +14,13 @@ Gem::Specification.new do |spec|
   spec.summary = 'Validate requests from Web crawlers: impersonating or not?'
   spec.description = 'Does Web request come from a real search engine or from an impersonating agent?'
 
-  spec.required_ruby_version = '>= 2.3.0'
+  spec.required_ruby_version = '>= 2.4.0'
   spec.add_dependency 'augmented_interval_tree', '~> 0.1', '>= 0.1.1'
   spec.add_dependency 'irrc', '~> 0.2', '>= 0.2.1'
   spec.add_development_dependency 'bump', '~> 0.8', '>= 0.8.0'
   spec.add_development_dependency 'minitest', '~> 5.1', '>= 5.1.0'
   spec.add_development_dependency 'rake', '~> 12.3', '>= 12.3.0'
-  spec.add_development_dependency 'rubocop', '~> 0.74', '>= 0.74.0'
+  spec.add_development_dependency 'rubocop', '~> 0.90', '< 0.91'
 
   spec.files = `git ls-files`.split($INPUT_RECORD_SEPARATOR)
   spec.rdoc_options = ['--charset=UTF-8']

data/lib/legitbot.rb

@@ -4,6 +4,7 @@ require_relative 'legitbot/legitbot'
 require_relative 'legitbot/botmatch'
 
 require_relative 'legitbot/ahrefs'
+require_relative 'legitbot/alexa'
 require_relative 'legitbot/apple'
 require_relative 'legitbot/baidu'
 require_relative 'legitbot/bing'

data/lib/legitbot/alexa.rb

@@ -0,0 +1,17 @@
+# frozen_string_literal: true
+
+module Legitbot # :nodoc:
+  # https://support.alexa.com/hc/en-us/articles/360046707834-What-are-the-IP-addresses-for-Alexa-s-Certify-and-Site-Audit-crawlers-
+  # https://support.alexa.com/hc/en-us/articles/200462340
+  # https://support.alexa.com/hc/en-us/articles/200450194
+  class Alexa < BotMatch
+    ip_ranges %w[
+      52.86.176.3
+      52.4.48.181
+      52.2.182.169
+      52.86.185.29
+    ]
+  end
+
+  rule Legitbot::Alexa, %w[Alexabot ia_archiver]
+end

data/lib/legitbot/legitbot.rb

@@ -18,6 +18,7 @@ module Legitbot
   # otherwise.
   # :yields: a found bot
   #
+  # rubocop:disable Metrics/AbcSize, Metrics/CyclomaticComplexity, Metrics/PerceivedComplexity
   def self.bot(user_agent, ip)
     bots = @rules
            .select { |rule| rule[:fragments].any? { |f| user_agent.index f } }
@@ -32,6 +33,7 @@ module Legitbot
       selected
     end
   end
+  # rubocop:enable Metrics/AbcSize, Metrics/CyclomaticComplexity, Metrics/PerceivedComplexity
 
   def self.rule(clazz, fragments)
     @rules << { class: clazz, fragments: fragments }

data/lib/legitbot/validators/ip_ranges.rb

@@ -40,7 +40,7 @@ module Legitbot
 
           obj = IPAddr.new(ip)
           ranges = valid_ips[obj.ipv4? ? :ipv4 : :ipv6].search(obj.to_i)
-          !ranges.empty?
+          !ranges.nil? && !ranges.empty?
         end
 
         def valid_ips
@@ -59,22 +59,26 @@ module Legitbot
           partition_ips(@ip_ranges_loader.call)
         end
 
-        # rubocop:disable Metrics/AbcSize, Metrics/MethodLength
         def partition_ips(ips)
-          return [] if ips.empty?
+          return [] unless ips&.any?
 
           ips
             .map { |cidr| IPAddr.new(cidr) }
             .partition(&:ipv4?)
             .each_with_index
             .map do |list, index|
-              ranges = list.map(&:to_range).map do |r|
-                (r.begin.to_i..r.end.to_i)
-              end
-              [FAMILIES[index], IntervalTree::Tree.new(ranges)]
+              [FAMILIES[index], build_interval_tree(list)]
             end.to_h
         end
-        # rubocop:enable Metrics/AbcSize, Metrics/MethodLength
+
+        private
+
+        def build_interval_tree(list)
+          ranges = list.map(&:to_range).map do |r|
+            (r.begin.to_i..r.end.to_i)
+          end
+          IntervalTree::Tree.new(ranges)
+        end
       end
     end
   end

data/lib/legitbot/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module Legitbot
-  VERSION = '0.4.3'
+  VERSION = '1.1.1'
 end

data/test/alexa_test.rb

@@ -0,0 +1,36 @@
+# frozen_string_literal: true
+
+require 'minitest/autorun'
+require 'legitbot'
+
+class AlexaTest < Minitest::Test
+  def test_malicious_ip
+    ip = '149.210.164.47'
+    match = Legitbot::Alexa.new ip
+    assert !match.valid?, msg: "#{ip} is not a real Alexa IP"
+  end
+
+  def test_valid_ip
+    ip = '52.86.176.3'
+    match = Legitbot::Alexa.new ip
+    assert match.valid?, msg: "#{ip} is a valid Alexa IP"
+  end
+
+  def test_malicious_ua
+    bot = Legitbot.bot(
+      'Mozilla/5.0 (compatible; Alexabot/1.0; +http://www.alexa.com/help/certifyscan; certifyscan@alexa.com)',
+      '149.210.164.47'
+    )
+    assert bot, msg: 'Alexa detected from User-Agent'
+    assert !bot.valid?, msg: 'Not a valid Alexa'
+  end
+
+  def test_valid_ua
+    bot = Legitbot.bot(
+      'Mozilla/5.0 (compatible; Alexabot/1.0; +http://www.alexa.com/help/certifyscan; certifyscan@alexa.com)',
+      '52.86.176.3'
+    )
+    assert bot, msg: 'Alexa detected from User-Agent'
+    assert bot.valid?, msg: 'Valid Alexa'
+  end
+end

data/test/apple_test.rb

@@ -16,7 +16,7 @@ class AppleTest < Minitest::Test
     assert match.fake?, msg: "#{ip} is a fake Applebot IP"
   end
 
-  # rubocop:disable Metrics/LineLength
+  # rubocop:disable Layout/LineLength
   def test_user_agent
     bot = Legitbot.bot(
       'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_1) AppleWebKit/600.2.5 (KHTML, like Gecko) Version/8.0.2 Safari/600.2.5 (Applebot/0.1; +http://www.apple.com/go/applebot)',
@@ -25,5 +25,5 @@ class AppleTest < Minitest::Test
     assert_equal :apple, bot.detected_as
     assert bot.valid?, msg: 'A valid Applebot User-agent and IP'
   end
-  # rubocop:enable Metrics/LineLength
+  # rubocop:enable Layout/LineLength
 end

data/test/facebook_test.rb

@@ -5,14 +5,14 @@ require 'legitbot'
 
 module Legitbot
   class Facebook
-    # rubocop:disable Metrics/LineLength
+    # rubocop:disable Layout/LineLength
     def self.whois
       {
         ipv4: ['69.63.176.0/20', '66.220.144.0/20', '66.220.144.0/21', '69.63.184.0/21', '69.63.176.0/21', '74.119.76.0/22', '69.171.255.0/24', '173.252.64.0/18', '69.171.224.0/19', '69.171.224.0/20', '103.4.96.0/22', '69.63.176.0/24', '173.252.64.0/19', '173.252.70.0/24', '31.13.64.0/18', '31.13.24.0/21', '66.220.152.0/21', '66.220.159.0/24', '69.171.239.0/24', '69.171.240.0/20', '31.13.64.0/19', '31.13.64.0/24', '31.13.65.0/24', '31.13.67.0/24', '31.13.68.0/24', '31.13.69.0/24', '31.13.70.0/24', '31.13.71.0/24', '31.13.72.0/24', '31.13.73.0/24', '31.13.74.0/24', '31.13.75.0/24', '31.13.76.0/24', '31.13.77.0/24', '31.13.96.0/19', '31.13.66.0/24', '173.252.96.0/19', '69.63.178.0/24', '31.13.78.0/24', '31.13.79.0/24', '31.13.80.0/24', '31.13.82.0/24', '31.13.83.0/24', '31.13.84.0/24', '31.13.85.0/24', '31.13.86.0/24', '31.13.87.0/24', '31.13.88.0/24', '31.13.89.0/24', '31.13.90.0/24', '31.13.91.0/24', '31.13.92.0/24', '31.13.93.0/24', '31.13.94.0/24', '31.13.95.0/24', '69.171.253.0/24', '69.63.186.0/24', '31.13.81.0/24', '179.60.192.0/22', '179.60.192.0/24', '179.60.193.0/24', '179.60.194.0/24', '179.60.195.0/24', '185.60.216.0/22', '45.64.40.0/22', '185.60.216.0/24', '185.60.217.0/24', '185.60.218.0/24', '185.60.219.0/24', '129.134.0.0/16', '157.240.0.0/16', '157.240.8.0/24', '157.240.0.0/24', '157.240.1.0/24', '157.240.2.0/24', '157.240.3.0/24', '157.240.4.0/24', '157.240.5.0/24', '157.240.6.0/24', '157.240.7.0/24', '157.240.9.0/24', '157.240.10.0/24', '157.240.16.0/24', '157.240.19.0/24', '157.240.11.0/24', '157.240.12.0/24', '157.240.13.0/24', '157.240.14.0/24', '157.240.15.0/24', '157.240.17.0/24', '157.240.18.0/24', '157.240.20.0/24', '157.240.21.0/24', '157.240.22.0/24', '157.240.23.0/24', '157.240.0.0/17', '69.171.250.0/24', '157.240.24.0/24', '157.240.25.0/24', '199.201.64.0/24', '199.201.65.0/24', '199.201.64.0/22', '204.15.20.0/22', '157.240.192.0/24', '129.134.0.0/17', '157.240.198.0/24'],
         ipv6: []
       }
     end
-    # rubocop:enable Metrics/LineLength
+    # rubocop:enable Layout/LineLength
   end
 end
 
@@ -33,7 +33,7 @@ class FacebookTest < Minitest::Test
     assert match.fake?, msg: "#{ip} is a fake Facebook IP"
   end
 
-  # rubocop:disable Metrics/LineLength, Metrics/MethodLength
+  # rubocop:disable Layout/LineLength, Metrics/MethodLength
   def test_user_agent
     Legitbot.bot(
       'facebookexternalhit/1.1 (+http://www.facebook.com/externalhit_uatext.php)',
@@ -59,5 +59,5 @@ class FacebookTest < Minitest::Test
       assert bot.fake?, msg: 'fake Facebook'
     end
   end
-  # rubocop:enable Metrics/LineLength, Metrics/MethodLength
+  # rubocop:enable Layout/LineLength, Metrics/MethodLength
 end

data/test/legitbot/validators/ip_ranges_test.rb

@@ -46,6 +46,16 @@ module Legitbot
       end
     end
 
+    class NilRanges
+      include IpRanges
+      ip_ranges { nil }
+    end
+
+    class Ipv4Ranges
+      include IpRanges
+      ip_ranges { ['66.220.144.0/21'] }
+    end
+
     class IpRangesTest < Minitest::Test
       def test_partition_method
         empty = NoRanges.partition_ips([])
@@ -108,6 +118,14 @@ module Legitbot
         assert_equal 2, LoadRanges.counter
       end
       # rubocop:enable Metrics/AbcSize
+
+      def test_nil_ranges
+        assert NilRanges.valid_ip?('127.0.0.1')
+      end
+
+      def test_ipv4_only_ranges
+        refute Ipv4Ranges.valid_ip?('2a03:2880:f234:0:0:0:0:1')
+      end
     end
   end
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: legitbot
 version: !ruby/object:Gem::Version
-  version: 0.4.3
+  version: 1.1.1
 platform: ruby
 authors:
 - Alexander Azarov
-autorequire: 
+autorequire:
 bindir: bin
 cert_chain: []
-date: 2020-04-19 00:00:00.000000000 Z
+date: 2020-09-26 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: augmented_interval_tree
@@ -116,20 +116,20 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '0.74'
-    - - ">="
+        version: '0.90'
+    - - "<"
       - !ruby/object:Gem::Version
-        version: 0.74.0
+        version: '0.91'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '0.74'
-    - - ">="
+        version: '0.90'
+    - - "<"
       - !ruby/object:Gem::Version
-        version: 0.74.0
+        version: '0.91'
 description: Does Web request come from a real search engine or from an impersonating
   agent?
 email: self@alaz.me
@@ -137,9 +137,11 @@ executables: []
 extensions: []
 extra_rdoc_files: []
 files:
+- ".editorconfig"
+- ".github/workflows/build.yml"
 - ".gitignore"
 - ".rubocop.yml"
-- ".travis.yml"
+- ".ruby-version"
 - Gemfile
 - LICENSE.txt
 - README.md
@@ -147,6 +149,7 @@ files:
 - legitbot.gemspec
 - lib/legitbot.rb
 - lib/legitbot/ahrefs.rb
+- lib/legitbot/alexa.rb
 - lib/legitbot/apple.rb
 - lib/legitbot/baidu.rb
 - lib/legitbot/bing.rb
@@ -164,6 +167,7 @@ files:
 - lib/legitbot/version.rb
 - lib/legitbot/yandex.rb
 - test/ahrefs_test.rb
+- test/alexa_test.rb
 - test/apple_as_google_test.rb
 - test/apple_test.rb
 - test/botmatch_test.rb
@@ -179,7 +183,7 @@ homepage: https://github.com/alaz/legitbot
 licenses:
 - Apache-2.0
 metadata: {}
-post_install_message: 
+post_install_message:
 rdoc_options:
 - "--charset=UTF-8"
 require_paths:
@@ -188,7 +192,7 @@ required_ruby_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
-      version: 2.3.0
+      version: 2.4.0
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
@@ -196,7 +200,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
       version: '0'
 requirements: []
 rubygems_version: 3.1.2
-signing_key: 
+signing_key:
 specification_version: 4
 summary: 'Validate requests from Web crawlers: impersonating or not?'
 test_files:
@@ -204,6 +208,7 @@ test_files:
 - test/legitbot/validators/domains_test.rb
 - test/legitbot/validators/ip_ranges_test.rb
 - test/pinterest_test.rb
+- test/alexa_test.rb
 - test/ahrefs_test.rb
 - test/apple_test.rb
 - test/apple_as_google_test.rb

data/.travis.yml

@@ -1,12 +0,0 @@
-sudo: false
-language: ruby
-cache: bundler
-rvm:
-  - 2.5
-  - 2.3
-  - jruby-head
-jdk:
-  - openjdk8
-before_install:
-  - gem update --system
-  - gem install bundler