Adjustments to IPDB Security

Author: FallenDev

Zolian.Server.Base/Models/Ipdb.cs

@@ -79,12 +79,6 @@ public class Data
     [JsonProperty("countryCode")]
     public string CountryCode { get; set; }
 
-    /// <summary>
-    /// Name for the country of address
-    /// </summary>
-    [JsonProperty("countryName")]
-    public string CountryName { get; set; }
-
     /// <summary>
     /// Usage type - (Reserved, Data Center, Web Hosting, Transit, etc)
     /// </summary>
@@ -112,6 +106,12 @@ public class Data
     [JsonProperty("isTor")]
     public bool IsTor { get; set; }
 
+    /// <summary>
+    /// Name for the country of address
+    /// </summary>
+    [JsonProperty("countryName")]
+    public string CountryName { get; set; }
+
     /// <summary>
     /// Number of reports against the Address
     /// </summary>

Zolian.Server.Base/Network/Server/BadActor.cs

@@ -64,6 +64,8 @@ public static async Task<bool> ClientOnBlackListAsync(string remoteIp)
             if (response.IsSuccessful)
             {
                 var ipdb = JsonConvert.DeserializeObject<Ipdb>(response.Content!);
+                var isPublic = ipdb?.Data?.IsPublic ?? false;
+                var ipVersion = ipdb?.Data?.IpVersion ?? 4;
                 var abuseScore = ipdb?.Data?.AbuseConfidenceScore ?? 0;
                 var tor = ipdb?.Data?.IsTor ?? false;
                 var usageType = ipdb?.Data?.UsageType;
@@ -74,8 +76,11 @@ public static async Task<bool> ClientOnBlackListAsync(string remoteIp)
                 var isVpnBot = IsVpnBotUsageType(usageType) && abuseScore >= 3;
 
                 // Block disallowed, no need to report
-                if (isDisallowed)
-                    shouldBlock = true;
+                if (ipVersion == 6 || isPublic == false || isDisallowed || IsBlackListed(isp))
+                {
+                    IpCache.Set(remoteIp, new IpCacheEntry { IsBlocked = true }, CacheDuration);
+                    return true;
+                }
 
                 if (isVpnBot)
                 {
@@ -328,12 +333,6 @@ private static void LogTor(string remoteIp, string reason)
         ReportTorEndpoint(remoteIp, $"Blocked due to {reason}");
     }
 
-    private static void LogBlockedType(string remoteIp, string reason)
-    {
-        ServerSetup.ConnectionLogger($"Blocking {remoteIp} - Usage: {reason}", LogLevel.Warning);
-        ReportSuspiciousEndpoint(remoteIp, "Blocked due to Web Spam or Port Scanning");
-    }
-
     private static bool IsDisallowedUsageType(string? usageType)
     {
         return usageType switch
@@ -358,5 +357,11 @@ private static bool IsVpnBotUsageType(string? usageType)
         _ => false
     };
 
+    private static bool IsBlackListed(string? isp) => isp switch
+    {
+        "Driftnet Ltd" or "DigitalOcean, LLC" => true,
+        _ => false
+    };
+
     private static bool IsKeyCodeValid(string? keyCode) => !string.IsNullOrWhiteSpace(keyCode);
 }