SPAM 要幹架嗎?.htaccess 出招!
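# Deny every request whose User-Agent matches the one fixed string observed in
# the spam traffic. The directives were listed twice, and the second copy had a
# closing </FilesMatch> with no opening tag, which Apache rejects as a syntax
# error; one balanced section is all that is needed.
#
# Caveat: User-Agent is a client-supplied header, so this rule only holds while
# the sender keeps this exact string. Keep watching the access log for a new one.
<FilesMatch "(.*)">
# Tag the request when the header matches (case-insensitive, unanchored regex).
SetEnvIfNoCase user-agent "Mozilla\/4.0\ \(compatible;\ MSIE\ 6.0;\ Windows\ NT\ 5.1;\ SV1;\ MRA\ 4.3\ \(build\ 01218\)\)" bad_bot=1
# Apache 2.2 access-control syntax: a request matching both Allow and Deny is
# denied. On Apache 2.4 these three lines need mod_access_compat; the native
# 2.4 form is a <RequireAll> block holding "Require all granted" and
# "Require not env bad_bot".
Order Allow,Deny
Allow from all
Deny from env=bad_bot
</FilesMatch>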
目前是安然過關的狀態,剛剛看系統的紀錄,至少已經擋掉上千筆了,這次能抓到一個固定模式,下次呢?若一直利用 apache 去擋會是件很辛苦的事情,要寫個即時監控,要寫個即時分析,再寫個自動化設定...算了~太累了吧!別鬧了!下次再遇到攻擊只能見招拆招了,這篇主要是告訴大家善用 .htaccess 可以擋掉很多惡意的攻擊,像是網路上就有一系列對於 user-agent 的防禦,如下:
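# User-Agent blocklist: each SetEnvIfNoCase line sets bad_bot=1 when the header
# matches its regex (case-insensitive), and the <FilesMatch> section at the end
# denies every request carrying that variable.
#
# The list appeared twice (the second copy without the first entry); it is given
# once here. Three entries did not work as written and are corrected below.
#
# Caveat: User-Agent is a client-supplied header. This filters tools that
# announce themselves honestly; a client that changes the header passes, so
# treat the list as noise reduction, not as an access control.
SetEnvIfNoCase user-agent "^BlackWidow" bad_bot=1
# The rest of this pattern was an e-mail address that the page's e-mail
# obfuscation replaced with a placeholder containing regex brackets; only the
# intact prefix is matched. Restore the full string from the upstream list if needed.
SetEnvIfNoCase user-agent "^Bot\ mailto:" bad_bot=1
SetEnvIfNoCase user-agent "^ChinaClaw" bad_bot=1
SetEnvIfNoCase user-agent "^Custo" bad_bot=1
SetEnvIfNoCase user-agent "^DISCo" bad_bot=1
SetEnvIfNoCase user-agent "^Download\ Demon" bad_bot=1
SetEnvIfNoCase user-agent "^eCatch" bad_bot=1
SetEnvIfNoCase user-agent "^EirGrabber" bad_bot=1
SetEnvIfNoCase user-agent "^EmailSiphon" bad_bot=1
SetEnvIfNoCase user-agent "^EmailWolf" bad_bot=1
SetEnvIfNoCase user-agent "^Express\ WebPictures" bad_bot=1
SetEnvIfNoCase user-agent "^ExtractorPro" bad_bot=1
SetEnvIfNoCase user-agent "^EyeNetIE" bad_bot=1
SetEnvIfNoCase user-agent "^FlashGet" bad_bot=1
SetEnvIfNoCase user-agent "^GetRight" bad_bot=1
SetEnvIfNoCase user-agent "^GetWeb!" bad_bot=1
SetEnvIfNoCase user-agent "^Go!Zilla" bad_bot=1
SetEnvIfNoCase user-agent "^Go-Ahead-Got-It" bad_bot=1
SetEnvIfNoCase user-agent "^GrabNet" bad_bot=1
SetEnvIfNoCase user-agent "^Grafula" bad_bot=1
SetEnvIfNoCase user-agent "^HMView" bad_bot=1
# Was wrapped in typographic quotes, which Apache reads as literal characters of
# the regex, so the rule never matched. Plain ASCII quotes, still unanchored.
SetEnvIfNoCase user-agent "HTTrack" bad_bot=1
SetEnvIfNoCase user-agent "^Image\ Stripper" bad_bot=1
SetEnvIfNoCase user-agent "^Image\ Sucker" bad_bot=1
# Was followed by [NC,OR], which is mod_rewrite RewriteCond flag syntax;
# SetEnvIf takes it as a variable name, so bad_bot was never set for this entry.
SetEnvIfNoCase user-agent "Indy\ Library" bad_bot=1
SetEnvIfNoCase user-agent "^InterGET" bad_bot=1
SetEnvIfNoCase user-agent "^Internet\ Ninja" bad_bot=1
SetEnvIfNoCase user-agent "^JetCar" bad_bot=1
SetEnvIfNoCase user-agent "^JOC\ Web\ Spider" bad_bot=1
SetEnvIfNoCase user-agent "^larbin" bad_bot=1
SetEnvIfNoCase user-agent "^LeechFTP" bad_bot=1
SetEnvIfNoCase user-agent "^Mass\ Downloader" bad_bot=1
SetEnvIfNoCase user-agent "^MIDown\ tool" bad_bot=1
SetEnvIfNoCase user-agent "^Mister\ PiX" bad_bot=1
SetEnvIfNoCase user-agent "^Navroad" bad_bot=1
SetEnvIfNoCase user-agent "^NearSite" bad_bot=1
SetEnvIfNoCase user-agent "^NetAnts" bad_bot=1
SetEnvIfNoCase user-agent "^NetSpider" bad_bot=1
SetEnvIfNoCase user-agent "^Net\ Vampire" bad_bot=1
SetEnvIfNoCase user-agent "^NetZIP" bad_bot=1
SetEnvIfNoCase user-agent "^Octopus" bad_bot=1
SetEnvIfNoCase user-agent "^Offline\ Explorer" bad_bot=1
SetEnvIfNoCase user-agent "^Offline\ Navigator" bad_bot=1
SetEnvIfNoCase user-agent "^PageGrabber" bad_bot=1
SetEnvIfNoCase user-agent "^Papa\ Foto" bad_bot=1
SetEnvIfNoCase user-agent "^pavuk" bad_bot=1
SetEnvIfNoCase user-agent "^pcBrowser" bad_bot=1
SetEnvIfNoCase user-agent "^RealDownload" bad_bot=1
SetEnvIfNoCase user-agent "^ReGet" bad_bot=1
SetEnvIfNoCase user-agent "^SiteSnagger" bad_bot=1
SetEnvIfNoCase user-agent "^SmartDownload" bad_bot=1
SetEnvIfNoCase user-agent "^SuperBot" bad_bot=1
SetEnvIfNoCase user-agent "^SuperHTTP" bad_bot=1
SetEnvIfNoCase user-agent "^Surfbot" bad_bot=1
SetEnvIfNoCase user-agent "^tAkeOut" bad_bot=1
SetEnvIfNoCase user-agent "^Teleport\ Pro" bad_bot=1
SetEnvIfNoCase user-agent "^VoidEYE" bad_bot=1
SetEnvIfNoCase user-agent "^Web\ Image\ Collector" bad_bot=1
SetEnvIfNoCase user-agent "^Web\ Sucker" bad_bot=1
SetEnvIfNoCase user-agent "^WebAuto" bad_bot=1
SetEnvIfNoCase user-agent "^WebCopier" bad_bot=1
SetEnvIfNoCase user-agent "^WebFetch" bad_bot=1
SetEnvIfNoCase user-agent "^WebGo\ IS" bad_bot=1
SetEnvIfNoCase user-agent "^WebLeacher" bad_bot=1
SetEnvIfNoCase user-agent "^WebReaper" bad_bot=1
SetEnvIfNoCase user-agent "^WebSauger" bad_bot=1
SetEnvIfNoCase user-agent "^Website\ eXtractor" bad_bot=1
SetEnvIfNoCase user-agent "^Website\ Quester" bad_bot=1
SetEnvIfNoCase user-agent "^WebStripper" bad_bot=1
SetEnvIfNoCase user-agent "^WebWhacker" bad_bot=1
SetEnvIfNoCase user-agent "^WebZIP" bad_bot=1
SetEnvIfNoCase user-agent "^Widow" bad_bot=1
SetEnvIfNoCase user-agent "^WWWOFFLE" bad_bot=1
SetEnvIfNoCase user-agent "^Xaldon\ WebSpider" bad_bot=1
SetEnvIfNoCase user-agent "^Zeus" bad_bot=1
# Apply the denial to every file. Apache 2.2 access-control syntax: a request
# matching both Allow and Deny is denied. On Apache 2.4 the three directives
# need mod_access_compat; the native 2.4 form is a <RequireAll> block holding
# "Require all granted" and "Require not env bad_bot".
<FilesMatch "(.*)">
Order Allow,Deny
Allow from all
Deny from env=bad_bot
</FilesMatch>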
有興趣的就參考囉~p.s. TextCube 台灣用戶夠少了,別攻擊啦!