网站被没有 IP 特征的海量请求刷了,于是想看看 HTTP User Agent 是否有特征。
命令
awk -F'"' '{print $6}' access.log | sort | uniq -c | sort -rn | head -10
输出
105015 Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/139.0.0.0 Safari/537.36
102205 Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.0.0 Safari/537.36
102191 Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36
11176 Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
1644 Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36
758 Mozilla/5.0 (compatible; Baiduspider/2.0; +http://www.baidu.com/search/spider.html)
751 Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; bingbot/2.0; +http://www.bing.com/bingbot.htm) Chrome/116.0.1938.76 Safari/537.36
639 Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/5.0)
510 Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3
415 Sogou web spider/4.0(+http://www.sogou.com/docs/help/webmasters.htm#07)
nginx 规则,禁用访问 js 和 css 的请求,对于那种没有 refer 的请求
location ~* ^/(js/.*\.js|css/.*\.css)$ {
# 定义合法的Referer来源
valid_referers blocked server_names;
# 如果Referer不合法
if ($invalid_referer) {
return 444;
}
}
关于作者 🌱
我是来自山东烟台的一名开发者,有感兴趣的话题,或者软件开发需求,欢迎加微信 zhongwei 聊聊, 查看更多联系方式