abuseIPDB cache update & Nuget updates

FallenDev · FallenDev · commit e2f6397adf8b · 2025-12-02T13:17:28.000-05:00
diff --git a/Zolian.GameServer/Zolian.GameServer.csproj b/Zolian.GameServer/Zolian.GameServer.csproj
@@ -50,12 +50,12 @@
 		<PackageReference Include="Sentry" Version="5.16.2" />
 		<PackageReference Include="Sentry.Extensions.Logging" Version="5.16.2" />
 		<PackageReference Include="Sentry.Profiling" Version="5.16.2" />
-		<PackageReference Include="Serilog.Extensions.Logging" Version="9.0.2" />
+		<PackageReference Include="Serilog.Extensions.Logging" Version="10.0.0" />
 		<PackageReference Include="Serilog.Sinks.Async" Version="2.1.0" />
 		<PackageReference Include="Serilog.Sinks.Console" Version="6.1.1" />
 		<PackageReference Include="Serilog.Sinks.File" Version="7.0.0" />
-		<PackageReference Include="ServiceStack" Version="8.10.0" />
-		<PackageReference Include="ServiceStack.Text" Version="8.10.0" />
+		<PackageReference Include="ServiceStack" Version="10.0.0" />
+		<PackageReference Include="ServiceStack.Text" Version="10.0.0" />
 	</ItemGroup>
 
 	<ItemGroup>
diff --git a/Zolian.Server.Base/Network/Server/BadActor.cs b/Zolian.Server.Base/Network/Server/BadActor.cs
@@ -18,7 +18,13 @@ public class ReportInfo
 public static class BadActor
 {
     private static readonly IMemoryCache IpCache = new MemoryCache(new MemoryCacheOptions());
-    private static readonly TimeSpan CacheDuration = TimeSpan.FromMinutes(10);
+
+    // Good actors: cache “clean” for 30 days
+    private static readonly TimeSpan CacheDurationGoodActor = TimeSpan.FromDays(30);
+    // Bad actors: re-check every 5 days so reputation/ownership can change
+    private static readonly TimeSpan CacheDurationBadActor = TimeSpan.FromDays(5);
+    // AbuseIPDB API is down or unreachable
+    private static readonly TimeSpan CacheDurationFailure = TimeSpan.FromMinutes(10);
 
     private static readonly ConcurrentQueue<ReportInfo> RetryQueue = [];
     private static bool _isProcessingQueue;
@@ -39,8 +45,13 @@ private readonly struct IpCacheEntry
 
     public static async Task<bool> ClientOnBlackListAsync(string remoteIp)
     {
+        // Malformed / empty IPs are always blocked
         if (string.IsNullOrWhiteSpace(remoteIp) || !IPAddress.TryParse(remoteIp, out _)) return true;
+
+        // Localhost and internal IPs are never blocked
         if (remoteIp is "127.0.0.1" or InternalIp) return false;
+
+        // Is the IP cached? Return the cached result
         if (IpCache.TryGetValue(remoteIp, out IpCacheEntry entry)) return entry.IsBlocked;
 
         try
@@ -75,13 +86,14 @@ public static async Task<bool> ClientOnBlackListAsync(string remoteIp)
                 var isDisallowed = IsDisallowedUsageType(usageType);
                 var isVpnBot = IsVpnBotUsageType(usageType) && abuseScore >= 3;
 
-                // Block disallowed, no need to report
+                // 1) Hard-disallowed: IPv6, non-public, disallowed usage, or blacklisted ISP
                 if (ipVersion == 6 || isPublic == false || isDisallowed || IsBlackListed(isp))
                 {
-                    IpCache.Set(remoteIp, new IpCacheEntry { IsBlocked = true }, CacheDuration);
+                    IpCache.Set(remoteIp, new IpCacheEntry { IsBlocked = true }, CacheDurationBadActor);
                     return true;
                 }
 
+                // 2) VPN / data-center with bad abuse score
                 if (isVpnBot)
                 {
                     shouldBlock = true;
@@ -90,6 +102,7 @@ public static async Task<bool> ClientOnBlackListAsync(string remoteIp)
                         shouldBlock = false;
                 }
 
+                // 3) General abuse / TOR handling
                 if (isBlocked)
                 {
                     shouldBlock = true;
@@ -107,7 +120,10 @@ public static async Task<bool> ClientOnBlackListAsync(string remoteIp)
                     }
                 }
 
-                IpCache.Set(remoteIp, new IpCacheEntry { IsBlocked = shouldBlock }, CacheDuration);
+                // 4) Cache result with different TTLs for good vs bad actors
+                var ttl = shouldBlock ? CacheDurationBadActor : CacheDurationGoodActor;
+
+                IpCache.Set(remoteIp, new IpCacheEntry { IsBlocked = shouldBlock }, ttl);
                 return shouldBlock;
             }
 
@@ -119,7 +135,8 @@ public static async Task<bool> ClientOnBlackListAsync(string remoteIp)
             SentrySdk.CaptureException(ex);
         }
 
-        IpCache.Set(remoteIp, new IpCacheEntry { IsBlocked = false }, TimeSpan.FromMinutes(1));
+        // Fallback: API failure / unexpected flow -> treat as not blocked, but cache briefly
+        IpCache.Set(remoteIp, new IpCacheEntry { IsBlocked = false }, CacheDurationFailure);
         return false;
     }
 
diff --git a/Zolian.Server.Base/Zolian.Server.Base.csproj b/Zolian.Server.Base/Zolian.Server.Base.csproj
@@ -47,13 +47,13 @@
 		<PackageReference Include="Microsoft.Data.SqlClient" Version="7.0.0-preview2.25289.6" />
 		<PackageReference Include="Microsoft.DependencyValidation.Analyzers" Version="0.11.0" />
 		<PackageReference Include="Newtonsoft.Json" Version="13.0.4" />
-		<PackageReference Include="RestSharp" Version="112.1.0" />
+		<PackageReference Include="RestSharp" Version="113.0.0" />
 		<PackageReference Include="Sentry" Version="5.16.2" />
 		<PackageReference Include="Sentry.Extensions.Logging" Version="5.16.2" />
 		<PackageReference Include="Sentry.Profiling" Version="5.16.2" />
 		<PackageReference Include="Serilog.Sinks.File" Version="7.0.0" />
-		<PackageReference Include="ServiceStack" Version="8.10.0" />
-		<PackageReference Include="ServiceStack.Text" Version="8.10.0" />
+		<PackageReference Include="ServiceStack" Version="10.0.0" />
+		<PackageReference Include="ServiceStack.Text" Version="10.0.0" />
 		<PackageReference Include="SunCalcNet" Version="1.2.4" />
 	</ItemGroup>
 
diff --git a/ZolianTest/ZolianTest.csproj b/ZolianTest/ZolianTest.csproj
@@ -27,8 +27,8 @@
 		<PackageReference Include="Sentry" Version="5.16.2" />
 		<PackageReference Include="Sentry.Extensions.Logging" Version="5.16.2" />
 		<PackageReference Include="Sentry.Profiling" Version="5.16.2" />
-		<PackageReference Include="ServiceStack" Version="8.10.0" />
-		<PackageReference Include="ServiceStack.Text" Version="8.10.0" />
+		<PackageReference Include="ServiceStack" Version="10.0.0" />
+		<PackageReference Include="ServiceStack.Text" Version="10.0.0" />
 	</ItemGroup>
 
 	<ItemGroup>

Original file line number	Diff line number	Diff line change
`@@ -18,7 +18,13 @@ public class ReportInfo`
`18`	`18`	`public static class BadActor`
`19`	`19`	`{`
`20`	`20`	`private static readonly IMemoryCache IpCache = new MemoryCache(new MemoryCacheOptions());`
`21`		`- private static readonly TimeSpan CacheDuration = TimeSpan.FromMinutes(10);`
	`21`	`+`
	`22`	`+ // Good actors: cache “clean” for 30 days`
	`23`	`+ private static readonly TimeSpan CacheDurationGoodActor = TimeSpan.FromDays(30);`
	`24`	`+ // Bad actors: re-check every 5 days so reputation/ownership can change`
	`25`	`+ private static readonly TimeSpan CacheDurationBadActor = TimeSpan.FromDays(5);`
	`26`	`+ // AbuseIPDB API is down or unreachable`
	`27`	`+ private static readonly TimeSpan CacheDurationFailure = TimeSpan.FromMinutes(10);`
`22`	`28`
`23`	`29`	`private static readonly ConcurrentQueue<ReportInfo> RetryQueue = [];`
`24`	`30`	`private static bool _isProcessingQueue;`
`@@ -39,8 +45,13 @@ private readonly struct IpCacheEntry`
`39`	`45`
`40`	`46`	`public static async Task<bool> ClientOnBlackListAsync(string remoteIp)`
`41`	`47`	`{`
	`48`	`+ // Malformed / empty IPs are always blocked`
`42`	`49`	`if (string.IsNullOrWhiteSpace(remoteIp) \|\| !IPAddress.TryParse(remoteIp, out _)) return true;`
	`50`	`+`
	`51`	`+ // Localhost and internal IPs are never blocked`
`43`	`52`	`if (remoteIp is "127.0.0.1" or InternalIp) return false;`
	`53`	`+`
	`54`	`+ // Is the IP cached? Return the cached result`
`44`	`55`	`if (IpCache.TryGetValue(remoteIp, out IpCacheEntry entry)) return entry.IsBlocked;`
`45`	`56`
`46`	`57`	`try`
`@@ -75,13 +86,14 @@ public static async Task<bool> ClientOnBlackListAsync(string remoteIp)`
`75`	`86`	`var isDisallowed = IsDisallowedUsageType(usageType);`
`76`	`87`	`var isVpnBot = IsVpnBotUsageType(usageType) && abuseScore >= 3;`
`77`	`88`
`78`		`- // Block disallowed, no need to report`
	`89`	`+ // 1) Hard-disallowed: IPv6, non-public, disallowed usage, or blacklisted ISP`
`79`	`90`	`if (ipVersion == 6 \|\| isPublic == false \|\| isDisallowed \|\| IsBlackListed(isp))`
`80`	`91`	`{`
`81`		`- IpCache.Set(remoteIp, new IpCacheEntry { IsBlocked = true }, CacheDuration);`
	`92`	`+ IpCache.Set(remoteIp, new IpCacheEntry { IsBlocked = true }, CacheDurationBadActor);`
`82`	`93`	`return true;`
`83`	`94`	`}`
`84`	`95`
	`96`	`+ // 2) VPN / data-center with bad abuse score`
`85`	`97`	`if (isVpnBot)`
`86`	`98`	`{`
`87`	`99`	`shouldBlock = true;`
`@@ -90,6 +102,7 @@ public static async Task<bool> ClientOnBlackListAsync(string remoteIp)`
`90`	`102`	`shouldBlock = false;`
`91`	`103`	`}`
`92`	`104`
	`105`	`+ // 3) General abuse / TOR handling`
`93`	`106`	`if (isBlocked)`
`94`	`107`	`{`
`95`	`108`	`shouldBlock = true;`
`@@ -107,7 +120,10 @@ public static async Task<bool> ClientOnBlackListAsync(string remoteIp)`
`107`	`120`	`}`
`108`	`121`	`}`
`109`	`122`
`110`		`- IpCache.Set(remoteIp, new IpCacheEntry { IsBlocked = shouldBlock }, CacheDuration);`
	`123`	`+ // 4) Cache result with different TTLs for good vs bad actors`
	`124`	`+ var ttl = shouldBlock ? CacheDurationBadActor : CacheDurationGoodActor;`
	`125`	`+`
	`126`	`+ IpCache.Set(remoteIp, new IpCacheEntry { IsBlocked = shouldBlock }, ttl);`
`111`	`127`	`return shouldBlock;`
`112`	`128`	`}`
`113`	`129`
`@@ -119,7 +135,8 @@ public static async Task<bool> ClientOnBlackListAsync(string remoteIp)`
`119`	`135`	`SentrySdk.CaptureException(ex);`
`120`	`136`	`}`
`121`	`137`
`122`		`- IpCache.Set(remoteIp, new IpCacheEntry { IsBlocked = false }, TimeSpan.FromMinutes(1));`
	`138`	`+ // Fallback: API failure / unexpected flow -> treat as not blocked, but cache briefly`
	`139`	`+ IpCache.Set(remoteIp, new IpCacheEntry { IsBlocked = false }, CacheDurationFailure);`
`123`	`140`	`return false;`
`124`	`141`	`}`
`125`	`142`