
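Discuz! Official Community

Title: How to prevent malicious scanning

Author: ysx24    Time: 2025-3-14 17:05
Title: How to prevent malicious scanning
Looking at the server logs, I found a large number of scans of URLs beginning with /forum.php?mod=attachment. The scan records for this alone go on and on, and I can't scroll to the end of them. The problem is that the visiting IPs rarely repeat; there are a great many IPs.

Although they were all blocked, they still consume a lot of resources and make the site lag.

How can I set the forum so that when a user who is not logged in tries to access a URL beginning with the attachment download path /forum.php?mod=attachment&aid=, the IP is automatically banned for N hours?
Excerpt from the log: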

mod=attachment&aid=MzQzfDA3NTUwNTg4fDE3NDE5MjAzMTd8MHw2Mg%3D%3D HTTP/2.0", upstream: "fastcgi://unix:/tmp/php-cgi-74.sock:", host: "www.nexora.net"
2025/03/14 12:55:41 [error] 993330#0: *44123 upstream prematurely closed FastCGI request while reading upstream, client: 113.103.140.245, server: www.nexora.net, request: "GET /forum.php?mod=attachment&aid=MzQzfDA3NTUwNTg4fDE3NDE5MjAzMTd8MHw2Mg%3D%3D HTTP/2.0", upstream: "fastcgi://unix:/tmp/php-cgi-74.sock:", host: "www.nexora.net"
2025/03/14 12:55:42 [error] 993330#0: *44105 upstream prematurely closed FastCGI request while reading upstream, client: 113.103.140.245, server: www.nexora.net, request: "GET /forum.php?mod=attachment&aid=MzQzfDA3NTUwNTg4fDE3NDE5MjAzMTd8MHw2Mg%3D%3D HTTP/2.0", upstream: "fastcgi://unix:/tmp/php-cgi-74.sock:", host: "www.nexora.net"
2025/03/14 13:13:34 [error] 993330#0: *44782 upstream prematurely closed FastCGI request while reading upstream, client: 183.166.136.44, server: www.nexora.net, request: "GET /forum.php?mod=attachment&aid=MzQzfDBlMTQwZmNkfDE3NDE5MjkxNTd8MHw2Mg%3D%3D HTTP/2.0", upstream: "fastcgi://unix:/tmp/php-cgi-74.sock:", host: "www.nexora.net"
2025/03/14 13:13:37 [error] 993330#0: *44792 upstream prematurely closed FastCGI request while reading upstream, client: 183.166.136.44, server: www.nexora.net, request: "GET /forum.php?mod=attachment&aid=MzQzfDBlMTQwZmNkfDE3NDE5MjkxNTd8MHw2Mg%3D%3D HTTP/2.0", upstream: "fastcgi://unix:/tmp/php-cgi-74.sock:", host: "www.nexora.net"
2025/03/14 13:35:07 [error] 993330#0: *45579 upstream prematurely closed FastCGI request while reading upstream, client: 180.119.26.92, server: www.nexora.net, request: "GET /forum.php?mod=attachment&aid=MzQzfDgxMTA5MzkzfDE3NDE5MjU4Mjd8MHw2Mg%3D%3D HTTP/2.0", upstream: "fastcgi://unix:/tmp/php-cgi-74.sock:", host: "www.nexora.net"
2025/03/14 14:45:29 [error] 993330#0: *48350 upstream prematurely closed FastCGI request while reading upstream, client: 112.194.91.181, server: www.nexora.net, request: "GET /forum.php?mod=attachment&aid=MzQzfDlmNDJlYjY5fDE3NDE5MzQ3Mjh8MHw2Mg%3D%3D HTTP/2.0", upstream: "fastcgi://unix:/tmp/php-cgi-74.sock:", host: "www.nexora.net"
2025/03/14 15:43:28 [error] 1259602#0: *50444 upstream prematurely closed FastCGI request while reading upstream, client: 183.166.136.99, server: www.nexora.net, request: "GET /forum.php?mod=attachment&aid=MzQzfGFmZGI0YWUzfDE3NDE5MzgyMDB8MHw2Mg%3D%3D HTTP/2.0", upstream: "fastcgi://unix:/tmp/php-cgi-74.sock:", host: "www.nexora.net"
2025/03/14 15:43:35 [error] 1259602#0: *50449 upstream prematurely closed FastCGI request while reading upstream, client: 183.166.136.99, server: www.nexora.net, request: "GET /forum.php?mod=attachment&aid=MzQzfGFmZGI0YWUzfDE3NDE5MzgyMDB8MHw2Mg%3D%3D HTTP/2.0", upstream: "fastcgi://unix:/tmp/php-cgi-74.sock:", host: "www.nexora.net"

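Author: bug八阿哥    Time: 2025-3-14 22:23
寶塔 (BT Panel) has a free firewall. Turn on UA blocking and block overseas traffic [ideally block overseas traffic at the DNS resolution level].
Author: ysx24    Time: 2025-3-14 22:40
bug八阿哥 posted on 2025-3-14 22:23
寶塔 (BT Panel) has a free firewall. Turn on UA blocking and block overseas traffic [ideally block overseas traffic at the DNS resolution level] ...

I blocked overseas traffic more than a year ago; these are all domestic.
I'm looking into whether to implement this with nginx or by modifying the code using dz's built-in functionality.
Author: bug八阿哥    Time: 2025-3-14 22:54
Looks like you're being crawled.
Author: ysx24    Time: 2025-3-15 00:24
bug八阿哥 posted on 2025-3-14 22:54
Looks like you're being crawled.

It doesn't matter anymore.
I've already used AI to extract all the IPs from the logs. Whether it's a scanner or a crawler, anything with the mod=attachment path got pulled out and thrown wholesale into the firewall IP blacklist. Even if it is a crawler, it doesn't obey the robots.txt protocol and ignores User-agent: *

Besides, in the current environment nobody relies on SEO anymore.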
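
Added example (not part of the thread and not Discuz! code): one way to do the log extraction described in the post above, turning nginx error-log entries for mod=attachment into `deny` lines. The aid values quoted in the thread base64-decode to five pipe-separated fields; reading the fourth as a user id with 0 meaning guest is an assumption, and the function names, forum.example and the sample IPs are constructed.

```python
import base64
import ipaddress
import re
from urllib.parse import quote, unquote

# nginx error-log shape quoted in the thread: client IP, then the attachment request.
HIT = re.compile(r'client: ([0-9A-Fa-f:.]+), .*?request: "GET /forum\.php\?mod=attachment&aid=(\S+) HTTP')

def decode_aid(raw):
    """Split a URL-encoded base64 aid into its pipe-separated fields; None if undecodable."""
    try:
        return base64.b64decode(unquote(raw), validate=True).decode("ascii").split("|")
    except ValueError:
        return None

def guest_hits(log_text):
    """Count guest attachment requests per client IP; other or truncated lines never match."""
    hits = {}
    for m in HIT.finditer(log_text):
        try:
            ip = str(ipaddress.ip_address(m.group(1)))
        except ValueError:
            continue  # malformed address: never write it into a deny list
        fields = decode_aid(m.group(2))
        # Assumption: field 4 is the user id, "0" = guest. Malformed aids count as hits.
        if fields is None or len(fields) != 5 or fields[3] == "0":
            hits[ip] = hits.get(ip, 0) + 1
    return hits

def nginx_deny(hits, min_hits=1):
    """Render IPs with at least min_hits requests as nginx `deny` directives."""
    return "".join(f"deny {ip};\n" for ip in sorted(hits) if hits[ip] >= min_hits)

def _line(ip, *fields):  # one constructed log entry; its aid is base64 of the fields
    aid = quote(base64.b64encode("|".join(fields).encode()).decode(), safe="")
    return (f'2025/03/14 12:55:41 [error] 1#0: *1 upstream prematurely closed FastCGI request, client: {ip}, '
            f'server: forum.example, request: "GET /forum.php?mod=attachment&aid={aid} HTTP/2.0"')

# Constructed sample (documentation-range IPs, made-up aid fields), not the thread's data.
SAMPLE = "\n".join([
    _line("203.0.113.10", "343", "0a1b2c3d", "1741920317", "0", "62"),
    _line("203.0.113.10", "343", "0a1b2c3d", "1741920317", "0", "62"),
    _line("198.51.100.7", "343", "4e5f6a7b", "1741929157", "0", "62"),
    _line("192.0.2.55", "343", "8c9d0e1f", "1741925827", "17", "62"),  # logged-in user
    '2025/03/14 12:55:41 [error] 1#0: *1 x, client: 192.0.2.99, request: "GET /forum.php?mod=viewthread&tid=62 HTTP/2.0"',
    'mod=attachment&aid=AAAA HTTP/2.0", host: "forum.example"',  # truncated, no client field
])

if __name__ == "__main__":
    print(nginx_deny(guest_hits(SAMPLE)), end="")
```

As logged, the aid is whatever the client sent, so the user-id field is a triage hint rather than proof of a session. The output is meant for a file pulled in with nginx's `include`.
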
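Author: skyer    Time: 2025-3-16 04:47
Asking this question here is superfluous.
Author: ysx24    Time: 2025-3-16 13:22
skyer posted on 2025-3-16 04:47
Asking this question here is superfluous.

Already solved.
source/module/forum/forum_attachment.php
Added the check logic code.
source/function/function_core.php
Added to this file:
a global function that automatically bans the IP and writes a log entry. Combined with nginx settings, done.

In response to your remark that the question is superfluous:
Besides, isn't what I asked a Discuz question? Why call it superfluous?
If a developer who regularly answers questions had said this, I would have nothing to say and would gladly accept it, but you are on an equal footing with me, so it isn't appropriate to say that, is it (Brain-dead)??
Author: 無言以對2012    Time: 2025-3-17 15:29
ysx24 posted on 2025-3-16 13:22
Already solved.
source/module/forum/forum_attachment.php
Added the check logic code.

Could you explain in detail? I ran into this before as well. I'm relying on the firewall to hold up, but the blocking still isn't thorough enough.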



