Update app.py

app.py

@@ -8,6 +8,7 @@
 ABUSEIPDB_API_KEY = os.environ.get('API_KEY', 'default_key')
 REPORT_INTERVAL = timedelta(minutes=15)
 reported_ips = {}
+MALICIOUS_USER_AGENTS = ["Go-http-client", "python", "sqlmap", "Nmap Scripting Engine", "pycurl"]
 
 def report_ip(ip, categories, comment):
   url = 'https://api.abuseipdb.com/api/v2/report'
@@ -82,6 +83,19 @@ def check_path():
       reported_ips[ip] = datetime.now()
     return '404'
 
+@app.before_request
+def check_user_agent():
+    user_agent = request.headers.get("User-Agent")
+    if user_agent:
+        for malicious_agent in MALICIOUS_USER_AGENTS:
+            if malicious_agent in user_agent:
+                ip = request.client_ip
+                if ip not in reported_ips or datetime.now() - reported_ips[ip] > REPORT_INTERVAL:
+                    save_to_file(ip)
+                    report_ip(ip, '18,19,21,15', f'Automated report for using malicious user-agent: {user_agent}')
+                    reported_ips[ip] = datetime.now()
+                break  # Exit the loop once a match is found
+
 @app.route('/<path:filename>')
 def report_rules(filename):
   ip = request.client_ip