From bbc093b4973e9958dc30d87617481035dfd78718 Mon Sep 17 00:00:00 2001
From: David Bailey
Date: Tue, 8 Apr 2025 10:05:13 +0200
Subject: [PATCH] feat(analytics): :sparkles: add filters/detectors for assumed-bogus requests
---
 dragon_fire.code-workspace | 3 ++-
 www/src/setup/analytics.php | 41 +++++++++++++++++++++++++++++++++++++
 2 files changed, 43 insertions(+), 1 deletion(-)
diff --git a/dragon_fire.code-workspace b/dragon_fire.code-workspace
index f870583..265fc75 100644
--- a/dragon_fire.code-workspace
+++ b/dragon_fire.code-workspace
@@ -12,7 +12,8 @@
 "search",
 "templates",
 "css",
- "database"
+ "database",
+ "analytics"
 ]
 }
 }
\ No newline at end of file
diff --git a/www/src/setup/analytics.php b/www/src/setup/analytics.php
index 91f032f..edeb50e 100644
--- a/www/src/setup/analytics.php
+++ b/www/src/setup/analytics.php
@@ -7,6 +7,22 @@ $analytics_post = null;
 $analytics_return_status = 200;
+$analytics_known_bogus_requests = [
+ '/\.(git|env|aws|xmlrpc|well-known|svn)/',
+ '/^\/wp-/',
+ '/^\/ID3/',
+ '/^\/config/',
+ '/^\/web\.config/',
+ '/^\/storage/',
+ '/^\/web\/config\.php/',
+ '/^\/phpinfo\.php/',
+ '/^\/swagger\.json/',
+ '/^\/package\.json/',
+ '/^\/info\.php/',
+ '/^\/db\.ini/',
+ '/^\/administrator/'
+];
+$analytics_request_is_bogus = null;
 function deduce_user_agent() {
 $real_agent=$_SERVER['HTTP_USER_AGENT'];
@@ -22,6 +38,27 @@ function deduce_user_agent() {
 }
 }
+function analytics_is_bogus_request() {
+ global $analytics_request_is_bogus;
+ global $analytics_known_bogus_requests;
+
+ global $REQUEST_PATH;
+
+ if(isset($analytics_request_is_bogus)) {
+ return $analytics_request_is_bogus;
+ }
+
+ foreach($analytics_known_bogus_requests AS $bogus_check) {
+ if(preg_match($bogus_check, $REQUEST_PATH)) {
+ $analytics_request_is_bogus = true;
+ return true;
+ }
+ }
+
+ $analytics_request_is_bogus = false;
+ return false;
+}
+
 function analytics_is_user() {
 return preg_match('/^user/', deduce_user_agent());
 }
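Review bot: The first entry of `$analytics_known_bogus_requests` is unanchored and lists `well-known`, so any path containing `.well-known` (where ACME challenges and `security.txt` normally live) is classed as bogus, as is any path that merely contains `.git` or `.env` in a later segment. The same alternation matches `xmlrpc` only after a literal dot, so a request for `/xmlrpc.php` is not caught. Tying the dot to the start of a path segment and giving `xmlrpc` its own entry would fix both, e.g. `'/(^|\/)\.(git|env|aws|svn)/'` and `'/^\/xmlrpc\.php/'`. The prefix entries `'/^\/config/'`, `'/^\/storage/'` and `'/^\/administrator/'` have no trailing boundary, so they would also flag a real route such as `/configuration` if the site has one; that cannot be checked from this diff.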
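Review bot: `analytics_is_bogus_request()` matches case-sensitively against `$REQUEST_PATH` as it arrives, so `/.ENV` or `/WP-login.php` would be logged as ordinary traffic. Percent-encoded variants slip through as well if `$REQUEST_PATH` is not already URL-decoded; it is set outside this diff, so that needs confirming. Adding the `i` modifier to each pattern and matching a decoded copy closes the gap, e.g. `if(preg_match($bogus_check, rawurldecode($REQUEST_PATH)))`. The function would also benefit from a short docblock stating that the result is cached in `$analytics_request_is_bogus` for the rest of the request and that it depends on the `$REQUEST_PATH` global.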
@@ -50,6 +87,10 @@ register_shutdown_function(function() {
 $compute_time = $data_time_end - $data_time_start;
+ if(analytics_is_bogus_request()) {
+ $analytics_return_status = 'bogus';
+ }
+
 $analytics_adapter->log_path_access($REQUEST_PATH, deduce_user_agent(), $referrer,
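Review bot: Overwriting `$analytics_return_status` with `'bogus'` throws away the real response code for the requests where it matters most: a probe for `/.env` answered with 200 becomes indistinguishable in the log from one that got a 404. The variable is initialised to the integer `200` earlier in this file and becomes a string here, so whatever `log_path_access` does with it must now handle both types; its signature and the rest of the call lie outside this hunk. Keeping the status untouched and recording the classification in a separate field or argument would preserve that signal for later triage. A one-line comment above the `if` saying why matched requests are tagged rather than dropped would also help the next reader.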