Identifying "bad" bots and blocking them by IP

Good day! In this article I will describe how an ordinary user can capture the IP addresses that generate excess load on a site and then block them with the tools available on shared hosting; there will be "a bit" of PHP code and a couple of screenshots.

Input data:

  1. The site was built on the WordPress CMS
  2. Hosting: Beget (this is not an advertisement, but the admin panel screenshots will be from this particular hosting company)
  3. The WordPress site was launched somewhere at the beginning of the 2000s and has a large number of articles and materials
  4. PHP version 7.2
  5. WP is on the latest version
  6. For some time now the site has been generating a high load on MySQL according to the hosting's data. Every day this value exceeded 120% of the norm for the account
  7. According to Yandex.Metrica the site is visited by 100-200 people per day

First, this was done:

  1. The database tables were cleaned of accumulated garbage
  2. Unnecessary plugins were disabled, pieces of old code were removed

At the same time, I want to draw your attention to the fact that caching plugin options were tried and observations were made, but the 120% load from this one site did not change and could only grow.

What the approximate load on the hosting's databases looked like:

[screenshot: database load graph in the hosting panel]
At the top is the site in question; just below it are other sites with the same CMS and roughly the same traffic, but creating less load.

Analysis

  • Many attempts were made with caching plugin options; observations were made over several weeks (fortunately, during that time the hosting did not write to me that I was so bad that I would be cut off)
  • There was an analysis and a search for slow queries, after which the data structure and the table type were slightly changed
  • For analysis we first used the built-in AWStats (by the way, it helped to work out the most harmful IP address based on traffic volume)
  • Metrica: the metric gives information about people, not about bots
  • There were attempts to use WP plugins that can filter and block visitors even by country of location and various combinations
  • The most drastic option seemed to be closing the site for a day with the message "We are down for maintenance"; this was also done with the well-known plugin. In this case we expected the load to drop, but not to zero, since the WP ideology is built on hooks: plugins start their work when a "hook" fires, and before the "hook" fires, requests to the database may already have been made

Idea

  1. Identify IP addresses that make too many requests in a short time.
  2. Record the number of hits on the site
  3. Block access to the site depending on the number of hits
  4. Block using a "Deny from" entry in the .htaccess file
  5. I did not consider other options such as iptables or rules for Nginx, because I am writing about shared hosting

The idea has appeared, so it needs to be implemented, because without it ...

  • Create the tables for accumulating data
    -- wp_visiters_bot: candidates for blocking (hits per IP in the current window)
    CREATE TABLE `wp_visiters_bot` (
    	`id` INT(11) NOT NULL AUTO_INCREMENT,
    	`ip` VARCHAR(300) NULL DEFAULT NULL,
    	`browser` VARCHAR(500) NULL DEFAULT NULL,
    	`cnt` INT(11) NULL DEFAULT NULL,
    	`request` TEXT NULL,
    	`input` TEXT NULL,
    	`data_update` DATETIME NULL DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP,
    	PRIMARY KEY (`id`),
    	UNIQUE INDEX `ip` (`ip`)
    )
    COMMENT='Кандидаты для блокировки'
    COLLATE='utf8_general_ci'
    ENGINE=InnoDB
    AUTO_INCREMENT=1;
    

    -- wp_visiters_bot_blocked: list of IPs that are already blocked
    CREATE TABLE `wp_visiters_bot_blocked` (
    	`id` INT(11) NOT NULL AUTO_INCREMENT,
    	`ip` VARCHAR(300) NOT NULL,
    	`data_update` DATETIME NULL DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP,
    	PRIMARY KEY (`id`),
    	UNIQUE INDEX `ip` (`ip`)
    )
    COMMENT='Список уже заблокированных'
    COLLATE='utf8_general_ci'
    ENGINE=InnoDB
    AUTO_INCREMENT=59;
    

    -- wp_visiters_bot_history: history of all requests, kept for debugging
    CREATE TABLE `wp_visiters_bot_history` (
    	`id` INT(11) NOT NULL AUTO_INCREMENT,
    	`ip` VARCHAR(300) NULL DEFAULT NULL,
    	`browser` VARCHAR(500) NULL DEFAULT NULL,
    	`cnt` INT(11) NULL DEFAULT NULL,
    	`data_update` DATETIME NULL DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP,
    	`data_add` DATETIME NULL DEFAULT CURRENT_TIMESTAMP,
    	PRIMARY KEY (`id`),
    	UNIQUE INDEX `ip` (`ip`)
    )
    COMMENT='История всех запросов для дебага'
    COLLATE='utf8_general_ci'
    ENGINE=InnoDB
    AUTO_INCREMENT=1;
    
  • Let's create a file where we will put the code. The code will write to the table of blocking candidates and keep a history for debugging.

    Tracker file for capturing IP addresses

    <?php
    
    if (!defined('ABSPATH')) {
        return;
    }
    
    global $wpdb;
    
    /**
     * Returns the visitor's IP address, or '' when it cannot be determined
     * @return string
     */
    function coderun_get_user_ip() {
    
        $client_ip = '';
    
        // The forwarded headers are sent by the client and can be forged; only
        // REMOTE_ADDR is set by the server itself. Keep the proxy headers in this
        // list only if your hosting really puts a reverse proxy in front of PHP.
        $address_headers = array(
            'HTTP_CLIENT_IP',
            'HTTP_X_FORWARDED_FOR',
            'HTTP_X_FORWARDED',
            'HTTP_X_CLUSTER_CLIENT_IP',
            'HTTP_FORWARDED_FOR',
            'HTTP_FORWARDED',
            'REMOTE_ADDR',
        );
    
        foreach ($address_headers as $header) {
            if (array_key_exists($header, $_SERVER)) {
                // a header may carry a chain "client, proxy1, proxy2"; take the first entry
                $address_chain = explode(',', $_SERVER[$header]);
                $client_ip = trim($address_chain[0]);
    
                break;
            }
        }
    
        if (!$client_ip) {
            return '';
        }
    
        if ('0.0.0.0' === $client_ip || '::' === $client_ip || $client_ip == 'unknown') {
            return '';
        }
    
        // Only a syntactically valid address may reach the table and, later, the
        // "Deny from" rules: a malformed value there would break .htaccess
        if (filter_var($client_ip, FILTER_VALIDATE_IP) === false) {
            return '';
        }
    
        return $client_ip;
    }
    
    $ip = esc_sql(coderun_get_user_ip()); // visitor's IP address
    
    if (empty($ip)) { // No IP, then off you go...
        header('Content-type: application/json;');
        die('Big big bolt....');
    }
    
    $browser = esc_sql($_SERVER['HTTP_USER_AGENT'] ?? ''); // data for analysing the browser
    
    $request = esc_sql(wp_json_encode($_REQUEST)); // the last request made to the site
    
    $input = esc_sql(file_get_contents('php://input')); // request body, if there was one
    
    $cnt = 1;
    
    // Query into the main table of temporary candidates for blocking
    $query = <<<EOT
        INSERT INTO wp_visiters_bot (`ip`,`browser`,`cnt`,`request`,`input`)
            VALUES  ('{$ip}','{$browser}','{$cnt}','{$request}','{$input}')
             ON DUPLICATE KEY UPDATE cnt=cnt+1,request=VALUES(request),input=VALUES(input),browser=VALUES(browser)
    EOT;
    
    // Query for the history table
    $query2 = <<<EOT
        INSERT INTO wp_visiters_bot_history (`ip`,`browser`,`cnt`)
            VALUES  ('{$ip}','{$browser}','{$cnt}')
             ON DUPLICATE KEY UPDATE cnt=cnt+1,browser=VALUES(browser)
    EOT;
    
    
    $wpdb->query($query);
    
    $wpdb->query($query2);
    
    

    The essence of the code is to get the visitor's IP address and write it into a table. If the IP is already in the table, the cnt field (the number of requests to the site) is incremented.

  • The scary part... Now they will burn me for what I did :)
    To record every request to the site, we include the tracker file in the main WordPress file, wp-load.php. Yes, we modify the core, and specifically right after the global variable $wpdb already exists.

Now we can see how many times a given IP address has been registered in our table, and over a cup of coffee we look at it for 5 minutes to understand the picture.

[screenshot: the wp_visiters_bot table with the hit counts per IP]

Then simply copy the "bad" IP, open the .htaccess file and add at the end of the file:

Order allow,deny
Allow from all
# start_auto_deny_list
Deny from 94.242.55.248
# end_auto_deny_list

That's it; now 94.242.55.248 has no access to the site and creates no load on the database.

But copying by hand like this every time is not the most honest work, and besides, the code was meant to be autonomous.

Let's add a file that will be run via CRON every 30 minutes:

Blocker file that modifies .htaccess

<?php

/**
 * File for automatic assignment of blocks by IP address
 * Must be requested via CRON
 */

// Shared secret the CRON call must pass as ?key=...; this value is a placeholder, set your own.
define('CODERUN_CRON_KEY', 'CHANGE_ME');

if (empty($_REQUEST['key']) || !hash_equals(CODERUN_CRON_KEY, (string) $_REQUEST['key'])) {
    die('Hello');
}

require('wp-load.php');

global $wpdb;

$limit_cnt = 70; // request limit above which an IP is selected

$deny_table = $wpdb->get_results($wpdb->prepare("SELECT * FROM wp_visiters_bot WHERE cnt > %d", $limit_cnt));

$new_blocked = [];

$exclude_ip = [
    '87.236.16.70' // hosting address
];

foreach ($deny_table as $result) {

    if (in_array($result->ip, $exclude_ip, true)) {
        continue;
    }

    // the UNIQUE index on `ip` makes a repeated insert fail harmlessly
    $wpdb->insert('wp_visiters_bot_blocked', ['ip' => $result->ip], ['%s']);
}

$deny_table_blocked = $wpdb->get_results("SELECT * FROM wp_visiters_bot_blocked");

foreach ($deny_table_blocked as $blocked) {
    $new_blocked[] = $blocked->ip;
}

// Clear the candidates table; counting starts over for the next 30 minutes
$wpdb->query("DELETE FROM wp_visiters_bot");

//echo '<pre>';print_r($new_blocked);echo '</pre>';

$file = '.htaccess';

$start_searche_tag = 'start_auto_deny_list';

$end_searche_tag = 'end_auto_deny_list';

$replace_string = ''; // text between the markers that will be removed from .htaccess

$handle = @fopen($file, "r");
if ($handle) {

    $target_content = false; // flag: we are inside the block we need

    while (($buffer = fgets($handle, 4096)) !== false) {

        if (stripos($buffer, $start_searche_tag) !== false) {
            $target_content = true;
            continue;
        }

        if (stripos($buffer, $end_searche_tag) !== false) {
            $target_content = false;

            continue;
        }

        if ($target_content) {
            $replace_string .= $buffer;
        }
    }
    if (!feof($handle)) {
        echo "Error: fgets() failed unexpectedly\n";
    }
    fclose($handle);
}

// Current .htaccess file
$content = file_get_contents($file);

// Only remove a real block: replacing an empty or whitespace-only string would
// strip every newline from the file
if (trim($replace_string) !== '') {
    $content = str_replace($replace_string, '', $content);
}

// Clear all the old blocks from the .htaccess file
file_put_contents($file, $content);

// Write the new blocks
$str = "# {$start_searche_tag}" . PHP_EOL;

foreach ($new_blocked as $key => $value) {
    $str .= "Deny from {$value}" . PHP_EOL;
}

// The markers must already exist in .htaccess, otherwise nothing is written
file_put_contents($file, str_replace("# {$start_searche_tag}", $str, file_get_contents($file)));

The blocker file is somewhat simpler than the first one; its main idea is to take the candidates for blocking and write the blocking rules into the .htaccess file between the comments # start_auto_deny_list and # end_auto_deny_list.
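Rewriting the marked region by removing previously read text is fragile: a mistake there takes the whole site down with a 500, because Apache refuses a broken .htaccess. The following is an added example, not the article's code, that rebuilds the block in one pass and handles an empty block, missing markers and invalid candidates; the sample .htaccess and candidate list are constructed, and the function and file names are assumed.

```php
<?php
// Added example, not the article's code: rebuild the auto-deny block of .htaccess in one
// pass. Unlike removing previously read text with str_replace, this stays correct when the
// block is empty, when the markers are missing, and when a candidate is not a valid IP
// (a malformed "Deny from" line would make Apache answer 500 for the whole site).

function coderun_render_deny_block(string $htaccess, array $ips, array $exclude_ip = []): string {
    $start = '# start_auto_deny_list';
    $end   = '# end_auto_deny_list';

    $lines = [$start];
    foreach (array_unique($ips) as $ip) {
        if (in_array($ip, $exclude_ip, true) || filter_var($ip, FILTER_VALIDATE_IP) === false) {
            continue; // never deny our own hosting address or a malformed entry
        }
        $lines[] = "Deny from {$ip}";
    }
    $lines[] = $end;
    $block = implode(PHP_EOL, $lines);

    $pattern = '/' . preg_quote($start, '/') . '.*?' . preg_quote($end, '/') . '/s';
    if (preg_match($pattern, $htaccess)) {
        // Replace only the marked block; the WordPress rules above it stay untouched
        return preg_replace_callback($pattern, function () use ($block) { return $block; }, $htaccess, 1);
    }
    // First run: append the Order/Allow preamble from the article and then the block
    return rtrim($htaccess) . PHP_EOL . PHP_EOL . 'Order allow,deny' . PHP_EOL
        . 'Allow from all' . PHP_EOL . PHP_EOL . $block . PHP_EOL;
}

// Constructed input: an .htaccess that has already been through one run
$current = "# BEGIN WordPress\n# END WordPress\n\nOrder allow,deny\nAllow from all\n\n"
    . "# start_auto_deny_list\nDeny from 94.242.55.248\n# end_auto_deny_list\n";

// Candidates as the cron job would read them from wp_visiters_bot, plus two bad rows
$candidates = ['94.242.55.248', '87.236.16.70', 'not an ip', '207.46.13.122'];
echo coderun_render_deny_block($current, $candidates, ['87.236.16.70']);
```

A search-engine crawler indexing a large archive can exceed 70 hits in 30 minutes just as easily as a scraper, so keep the crawlers you rely on in $exclude_ip (or verify them by reverse DNS) before the block is written.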

Now the "bad" IPs get blocked by themselves, and the .htaccess file looks like this:

# BEGIN WordPress
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteRule ^index.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>

# END WordPress

Order allow,deny
Allow from all

# start_auto_deny_list
Deny from 94.242.55.248
Deny from 207.46.13.122
Deny from 66.249.64.164
Deny from 54.209.162.70
Deny from 40.77.167.86
Deny from 54.146.43.69
Deny from 207.46.13.168
....... further addresses below
# end_auto_deny_list

As a result, after this code started working, you can see the outcome in the hosting panel:

[screenshot: database load graph in the hosting panel after the blocking started]

PS: This material is my own; although I published part of it on my own site, on Habr I have given a more detailed version.

source: www.habr.com
