{
"event": "PreToolUse",
"tool_name": "Bash",
"tool_input": {
"command": "ssh root@prod.karlkratz.com 'cat > \/tmp\/bot-config-fix.sql << '\\''SQLEOF'\\''\n\n-- ============================================================\n-- Bot Config Fix: PROD (karlkratz_de)\n-- ============================================================\n\n-- 1. Clean stale rows in PROD\nDELETE FROM karlkratz_de.tenant_config WHERE section=\"bot\" AND config_key IN (\n \"whitelist.ips\", \"whitelist.user_agents\", \"whitelist.user_agent_patterns\",\n \"bot.whitelist.ips\", \"bot.whitelist.user_agents\", \"bot.whitelist.user_agent_patterns\",\n \"bot.settings\"\n);\n\n-- 2. Update whitelist with comprehensive patterns\nUPDATE karlkratz_de.tenant_config SET config_value = JSON_OBJECT(\n \"ips\", JSON_ARRAY(\n \"144.76.103.30\", \"148.251.27.17\", \"148.251.27.18\", \"127.0.0.1\", \"::1\",\n \"66.249.64.0\/19\", \"66.249.96.0\/19\", \"72.14.199.0\/24\", \"209.85.238.0\/24\",\n \"207.46.0.0\/16\", \"40.77.167.0\/24\", \"157.55.39.0\/24\",\n \"199.16.156.0\/22\", \"208.65.144.0\/20\", \"17.0.0.0\/8\"\n ),\n \"user_agents\", JSON_ARRAY(\n \"Googlebot\", \"Bingbot\", \"Slurp\", \"DuckDuckBot\", \"Applebot\",\n \"facebookexternalhit\", \"Twitterbot\", \"LinkedInBot\", \"WhatsApp\", \"Telegram\", \"karlsCORE\"\n ),\n \"user_agent_patterns\", JSON_ARRAY(\n \"Google.*Bot\", \"Googlebot\", \"FeedFetcher-Google\", \"Google-Read-Aloud\",\n \"Google-InspectionTool\", \"Google-Site-Verification\",\n \"Bing.*Bot\", \"Yahoo.*Slurp\", \"Applebot\", \"DuckDuckBot\",\n \"facebookexternalhit\", \"Twitterbot\", \"LinkedInBot\", \"Pinterest\",\n \"WhatsApp\", \"TelegramBot\", \"Slackbot\",\n \"GPTBot\", \"ChatGPT-User\", \"ClaudeBot\", \"Claude-Web\", \"anthropic-ai\",\n \"PerplexityBot\", \"OAI-SearchBot\",\n \"UptimeRobot\", \"Pingdom\", \"GTmetrix\", \"PageSpeed\", \"Lighthouse\",\n \"W3C_Validator\", \"Feedly\", \"Feedbin\"\n )\n) WHERE section=\"bot\" AND config_key=\"whitelist\";\n\n-- 3. Insert actions config\nINSERT INTO karlkratz_de.tenant_config (section, config_key, config_value, environment) VALUES\n(\"bot\", \"actions\", JSON_OBJECT(\n \"block_request\", CAST(TRUE AS JSON),\n \"add_to_ufw\", CAST(FALSE AS JSON),\n \"log_attempt\", CAST(TRUE AS JSON),\n \"return_403\", CAST(TRUE AS JSON),\n \"return_404\", CAST(FALSE AS JSON)\n), \"all\");\n\n-- 4. Insert blacklist config\nINSERT INTO karlkratz_de.tenant_config (section, config_key, config_value, environment) VALUES\n(\"bot\", \"blacklist\", JSON_OBJECT(\n \"user_agents\", JSON_ARRAY(\n \"AhrefsBot\", \"SemrushBot\", \"MJ12bot\", \"DotBot\", \"SiteAuditBot\",\n \"SEOkicks\", \"BLEXBot\", \"YandexBot\", \"PetalBot\", \"Sogou\",\n \"Baiduspider\", \"360Spider\", \"CCBot\", \"DataForSeoBot\", \"MegaIndex\",\n \"AspiegelBot\", \"Awario\", \"SEObility\", \"SurdotlyBot\", \"ZoominfoBot\",\n \"CensysInspect\", \"Nuclei\", \"gobuster\", \"sqlmap\", \"nmap\",\n \"masscan\", \"ZGrab\", \"Shodan\", \"censys\", \"BinaryEdge\"\n ),\n \"user_agent_patterns\", JSON_ARRAY(\n \".*[Ss]crape.*\", \".*penetration.*\", \".*vulnerability.*\",\n \".*security.*scan.*\", \".*hack.*\", \".*exploit.*\"\n )\n), \"all\");\n\n-- 5. Insert rate_limiting config\nINSERT INTO karlkratz_de.tenant_config (section, config_key, config_value, environment) VALUES\n(\"bot\", \"rate_limiting\", CAST('{\n \"enabled\": true,\n \"primary\": {\n \"requests_per_minute\": 45,\n \"burst_requests\": 12,\n \"burst_window_seconds\": 5\n },\n \"levels\": {\n \"gentle\": {\"requests\": 30, \"window_seconds\": 60, \"action\": \"log_warning\", \"penalty_duration\": 0},\n \"moderate\": {\"requests\": 60, \"window_seconds\": 60, \"action\": \"temporary_delay\", \"penalty_duration\": 30},\n \"aggressive\": {\"requests\": 90, \"window_seconds\": 60, \"action\": \"temporary_block\", \"penalty_duration\": 300},\n \"severe\": {\"requests\": 150, \"window_seconds\": 60, \"action\": \"block\", \"penalty_duration\": 3600}\n },\n \"tolerance_multipliers\": {\n \"authenticated_users\": 1.5,\n \"known_browsers\": 1.3,\n \"mobile_apps\": 1.2,\n \"api_clients\": 0.8,\n \"unknown\": 0.6,\n \"suspected_bots\": 0.3\n }\n}' AS JSON), \"all\");\n\n\n-- ============================================================\n-- Bot Config Fix: DEV (karlkratz_de_dev)\n-- ============================================================\n\n-- 1. Clean stale rows in DEV\nDELETE FROM karlkratz_de_dev.tenant_config WHERE section=\"bot\" AND config_key IN (\n \"whitelist.ips\", \"whitelist.user_agents\", \"whitelist.user_agent_patterns\",\n \"bot.whitelist.ips\", \"bot.whitelist.user_agents\", \"bot.whitelist.user_agent_patterns\",\n \"bot.settings\"\n);\n\n-- 2. Update whitelist (same as PROD)\nUPDATE karlkratz_de_dev.tenant_config SET config_value = JSON_OBJECT(\n \"ips\", JSON_ARRAY(\n \"144.76.103.30\", \"148.251.27.17\", \"148.251.27.18\", \"127.0.0.1\", \"::1\",\n \"66.249.64.0\/19\", \"66.249.96.0\/19\", \"72.14.199.0\/24\", \"209.85.238.0\/24\",\n \"207.46.0.0\/16\", \"40.77.167.0\/24\", \"157.55.39.0\/24\",\n \"199.16.156.0\/22\", \"208.65.144.0\/20\", \"17.0.0.0\/8\"\n ),\n \"user_agents\", JSON_ARRAY(\n \"Googlebot\", \"Bingbot\", \"Slurp\", \"DuckDuckBot\", \"Applebot\",\n \"facebookexternalhit\", \"Twitterbot\", \"LinkedInBot\", \"WhatsApp\", \"Telegram\", \"karlsCORE\"\n ),\n \"user_agent_patterns\", JSON_ARRAY(\n \"Google.*Bot\", \"Googlebot\", \"FeedFetcher-Google\", \"Google-Read-Aloud\",\n \"Google-InspectionTool\", \"Google-Site-Verification\",\n \"Bing.*Bot\", \"Yahoo.*Slurp\", \"Applebot\", \"DuckDuckBot\",\n \"facebookexternalhit\", \"Twitterbot\", \"LinkedInBot\", \"Pinterest\",\n \"WhatsApp\", \"TelegramBot\", \"Slackbot\",\n \"GPTBot\", \"ChatGPT-User\", \"ClaudeBot\", \"Claude-Web\", \"anthropic-ai\",\n \"PerplexityBot\", \"OAI-SearchBot\",\n \"UptimeRobot\", \"Pingdom\", \"GTmetrix\", \"PageSpeed\", \"Lighthouse\",\n \"W3C_Validator\", \"Feedly\", \"Feedbin\"\n )\n) WHERE section=\"bot\" AND config_key=\"whitelist\";\n\n-- 3. Insert actions config\nINSERT INTO karlkratz_de_dev.tenant_config (section, config_key, config_value, environment) VALUES\n(\"bot\", \"actions\", JSON_OBJECT(\n \"block_request\", CAST(TRUE AS JSON),\n \"add_to_ufw\", CAST(FALSE AS JSON),\n \"log_attempt\", CAST(TRUE AS JSON),\n \"return_403\", CAST(TRUE AS JSON),\n \"return_404\", CAST(FALSE AS JSON)\n), \"all\");\n\n-- 4. Insert blacklist config\nINSERT INTO karlkratz_de_dev.tenant_config (section, config_key, config_value, environment) VALUES\n(\"bot\", \"blacklist\", JSON_OBJECT(\n \"user_agents\", JSON_ARRAY(\n \"AhrefsBot\", \"SemrushBot\", \"MJ12bot\", \"DotBot\", \"SiteAuditBot\",\n \"SEOkicks\", \"BLEXBot\", \"YandexBot\", \"PetalBot\", \"Sogou\",\n \"Baiduspider\", \"360Spider\", \"CCBot\", \"DataForSeoBot\", \"MegaIndex\",\n \"AspiegelBot\", \"Awario\", \"SEObility\", \"SurdotlyBot\", \"ZoominfoBot\",\n \"CensysInspect\", \"Nuclei\", \"gobuster\", \"sqlmap\", \"nmap\",\n \"masscan\", \"ZGrab\", \"Shodan\", \"censys\", \"BinaryEdge\"\n ),\n \"user_agent_patterns\", JSON_ARRAY(\n \".*[Ss]crape.*\", \".*penetration.*\", \".*vulnerability.*\",\n \".*security.*scan.*\", \".*hack.*\", \".*exploit.*\"\n )\n), \"all\");\n\n-- 5. Insert rate_limiting config\nINSERT INTO karlkratz_de_dev.tenant_config (section, config_key, config_value, environment) VALUES\n(\"bot\", \"rate_limiting\", CAST('{\n \"enabled\": true,\n \"primary\": {\n \"requests_per_minute\": 45,\n \"burst_requests\": 12,\n \"burst_window_seconds\": 5\n },\n \"levels\": {\n \"gentle\": {\"requests\": 30, \"window_seconds\": 60, \"action\": \"log_warning\", \"penalty_duration\": 0},\n \"moderate\": {\"requests\": 60, \"window_seconds\": 60, \"action\": \"temporary_delay\", \"penalty_duration\": 30},\n \"aggressive\": {\"requests\": 90, \"window_seconds\": 60, \"action\": \"temporary_block\", \"penalty_duration\": 300},\n \"severe\": {\"requests\": 150, \"window_seconds\": 60, \"action\": \"block\", \"penalty_duration\": 3600}\n },\n \"tolerance_multipliers\": {\n \"authenticated_users\": 1.5,\n \"known_browsers\": 1.3,\n \"mobile_apps\": 1.2,\n \"api_clients\": 0.8,\n \"unknown\": 0.6,\n \"suspected_bots\": 0.3\n }\n}' AS JSON), \"all\");\n\nSQLEOF\necho \"SQL file created\"'",
"description": "Create SQL migration script on server"
}
}