Introduce nginx hardening rules to avoid the service being flooded with spam requests

[warunawickramasingha]

It has been observed that the production errorreporter service is being flooded with bulks of spamy GET and POST requests most of the time and resulting(luckily) in 404 / 403 to paths like below.

GET /.env
GET /.env.production
GET /.git/config
GET /.ssh/id_rsa
GET /.aws/credentials
GET /.env.local
etc

Such requests usually come as bursts in DDoS fashion and are originating from malicious bots/crawlers from the internet. These can be mitigated by having better nginx hardening rules and rate limits.

[coderabbitai]

📝 CodeRabbit Plan Mode

Generate an implementation plan and prompts that you can use with your favorite coding agent.

• Create Plan

Examples

• Example 1
• Example 2

---

🧪 Issue enrichment is currently in open beta.

You can configure auto-planning by selecting labels in the issue_enrichment configuration.

To disable automatic issue enrichment, add the following to your .coderabbit.yaml:

issue_enrichment:
  auto_enrich:
    enabled: false

💬 Have feedback or questions? Drop into our discord or schedule a call!