Good day! In this article I will describe how users of ordinary shared hosting can catch the IP addresses that create excessive load on a site and then block them with the hosting provider's own tools; there will be "a little" PHP code and a few screenshots.
Input data:
- The site runs on the WordPress CMS
- Hosting: Beget (this is not an advertisement, but the admin-panel screenshots are from this provider)
- The WordPress site was launched somewhere in the early 2000s and has a large number of articles and materials
- PHP version 7.2
- WP is on the latest version
- For some time now the site has been generating a high load on MySQL according to the hosting statistics. Every day this value exceeded 120% of the per-account norm
- According to Yandex.Metrica the site is visited by 100-200 people per day
First of all, this was done:
- The database tables were cleaned of accumulated garbage
- Unnecessary plugins were disabled and fragments of old code were removed
At the same time I want to draw your attention to the fact that caching options (caching plugins) were tried and observed, but the 120% load from this one site did not change and could only grow.
This is roughly what the load on the hosting databases looked like (screenshot from the hosting panel):
At the top is the site in question; below it are other sites with the same CMS and roughly the same traffic, but generating less load.
Analysis
- Many experiments were made with data-caching options, and observations went on for several weeks (luckily, during that time the hosting provider never wrote to say that I was that bad and would be cut off)
- Slow queries were analysed and hunted down, after which the database structure and table type were slightly changed
- For the analysis we mainly used the built-in AWStats (by the way, it helped to work out the worst IP address by traffic volume)
- Metrica: the metric gives information only about people, not about bots
- There were attempts to use WP plugins that can filter and block visitors even by region and by various combinations of criteria.
- The most radical option was closing the site for a day with a "We are under maintenance" notice, again done with a popular plugin. Here we expect the load to drop, but not to zero, because WP's design is built on hooks and plugins only start their work when a "hook" fires, and before the "hook" fires, requests to the database may already have been made
Idea
- Count the IP addresses that make many requests in a short time.
- Record the number of hits to the site
- Block access to the site based on the number of hits
- Block using a "Deny from" entry in the .htaccess file
- I did not consider other options, such as iptables or Nginx rules, because I am writing about shared hosting
An idea has appeared, so it has to be implemented, since without that...
- Create the tables to accumulate the data
```sql
CREATE TABLE `wp_visiters_bot` (
  `id` INT(11) NOT NULL AUTO_INCREMENT,
  `ip` VARCHAR(300) NULL DEFAULT NULL,
  `browser` VARCHAR(500) NULL DEFAULT NULL,
  `cnt` INT(11) NULL DEFAULT NULL,
  `request` TEXT NULL,
  `input` TEXT NULL,
  `data_update` DATETIME NULL DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP,
  PRIMARY KEY (`id`),
  UNIQUE INDEX `ip` (`ip`)
) COMMENT='Candidates for blocking' COLLATE='utf8_general_ci' ENGINE=InnoDB AUTO_INCREMENT=1;

CREATE TABLE `wp_visiters_bot_blocked` (
  `id` INT(11) NOT NULL AUTO_INCREMENT,
  `ip` VARCHAR(300) NOT NULL,
  `data_update` DATETIME NULL DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP,
  PRIMARY KEY (`id`),
  UNIQUE INDEX `ip` (`ip`)
) COMMENT='List of already blocked addresses' COLLATE='utf8_general_ci' ENGINE=InnoDB AUTO_INCREMENT=59;

CREATE TABLE `wp_visiters_bot_history` (
  `id` INT(11) NOT NULL AUTO_INCREMENT,
  `ip` VARCHAR(300) NULL DEFAULT NULL,
  `browser` VARCHAR(500) NULL DEFAULT NULL,
  `cnt` INT(11) NULL DEFAULT NULL,
  `data_update` DATETIME NULL DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP,
  `data_add` DATETIME NULL DEFAULT CURRENT_TIMESTAMP,
  PRIMARY KEY (`id`),
  UNIQUE INDEX `ip` (`ip`)
) COMMENT='History of all requests, for debugging' COLLATE='utf8_general_ci' ENGINE=InnoDB AUTO_INCREMENT=1;
```
- Let's create a file to hold the code. The code will write into the blocking-candidates table and keep a history for debugging.
File code for recording IP addresses
```php
<?php
if (!defined('ABSPATH')) {
    return;
}
global $wpdb;

/**
 * Return the visitor's IP address.
 * @return string empty string when no usable address was found
 */
function coderun_get_user_ip()
{
    $client_ip = '';
    $address_headers = array(
        'HTTP_CLIENT_IP',
        'HTTP_X_FORWARDED_FOR',
        'HTTP_X_FORWARDED',
        'HTTP_X_CLUSTER_CLIENT_IP',
        'HTTP_FORWARDED_FOR',
        'HTTP_FORWARDED',
        'REMOTE_ADDR',
    );
    foreach ($address_headers as $header) {
        if (array_key_exists($header, $_SERVER)) {
            // Take the first address of a comma-separated proxy chain
            $address_chain = explode(',', $_SERVER[$header]);
            $client_ip = trim($address_chain[0]);
            break;
        }
    }
    if (!$client_ip) {
        return '';
    }
    if ('0.0.0.0' === $client_ip || '::' === $client_ip || $client_ip == 'unknown') {
        return '';
    }
    return $client_ip;
}

$ip = esc_sql(coderun_get_user_ip()); // visitor's IP address
if (empty($ip)) { // no IP, then get lost...
    header('Content-type: application/json;');
    die('Big big bolt....');
}
$browser = esc_sql($_SERVER['HTTP_USER_AGENT'] ?? ''); // data for browser analysis
$request = esc_sql(wp_json_encode($_REQUEST)); // the last request made to the site
$input = esc_sql(file_get_contents('php://input')); // request body, if there was one
$cnt = 1;
// Query to the main table holding the temporary candidates for blocking
$query = <<<EOT
INSERT INTO wp_visiters_bot (`ip`,`browser`,`cnt`,`request`,`input`)
VALUES ('{$ip}','{$browser}','{$cnt}','{$request}','{$input}')
ON DUPLICATE KEY UPDATE cnt=cnt+1,request=VALUES(request),input=VALUES(input),browser=VALUES(browser)
EOT;
// Query for the history table
$query2 = <<<EOT
INSERT INTO wp_visiters_bot_history (`ip`,`browser`,`cnt`)
VALUES ('{$ip}','{$browser}','{$cnt}')
ON DUPLICATE KEY UPDATE cnt=cnt+1,browser=VALUES(browser)
EOT;
$wpdb->query($query);
$wpdb->query($query2);
```
The essence of the code is to get the visitor's IP address and write it into the table. If the IP is already in the table, the cnt field (the number of requests to the site) is incremented.
- And now the scary part... Now they will burn me for my actions :)
To record every request to the site, we include the file's code in the main WordPress file, wp-load.php. Yes, we modify a core file, and we do it right after the global $wpdb variable already exists.
So now we can see how many times this or that IP address has been recorded in our table, and with a mug of coffee we look at it once every five minutes to understand the picture.
Then simply copy the "harmful" IP, open the .htaccess file and add it to the end of the file.
```apache
Order allow,deny
Allow from all
# start_auto_deny_list
Deny from 94.242.55.248
# end_auto_deny_list
```
That's it: now 94.242.55.248 has no access to the site and creates no load on the database.
But copying by hand every time like this is not a righteous task, and besides, the code was meant to be autonomous.
Let's add a file that will be run via CRON every 30 minutes:
File code modifying .htaccess
```php
<?php
/**
 * Script that sets IP address blocks automatically
 * Should be called via CRON
 */
if (empty($_REQUEST['key'])) { // only checks that a key is present; compare it against a secret value before relying on it
    die('Hello');
}
require('wp-load.php');
global $wpdb;
$limit_cnt = 70; // request count above which an address is selected for blocking
$deny_table = $wpdb->get_results("SELECT * FROM wp_visiters_bot WHERE cnt>{$limit_cnt}");
$new_blocked = [];
$exclude_ip = [
    '87.236.16.70' // hosting server address
];
foreach ($deny_table as $result) {
    if (in_array($result->ip, $exclude_ip)) {
        continue;
    }
    $wpdb->insert('wp_visiters_bot_blocked', ['ip' => $result->ip], ['%s']);
}
$deny_table_blocked = $wpdb->get_results("SELECT * FROM wp_visiters_bot_blocked");
foreach ($deny_table_blocked as $blocked) {
    $new_blocked[] = $blocked->ip;
}
// Clear the candidates table
$wpdb->query("DELETE FROM wp_visiters_bot");
//echo '<pre>';print_r($new_blocked);echo '</pre>';
$file = '.htaccess';
$start_searche_tag = 'start_auto_deny_list';
$end_searche_tag = 'end_auto_deny_list';
$replace_string = ''; // text currently between the markers in .htaccess
$handle = @fopen($file, "r");
if ($handle) {
    $target_content = false; // flag: we are inside the section we care about
    while (($buffer = fgets($handle, 4096)) !== false) {
        if (stripos($buffer, $start_searche_tag) !== false) {
            $target_content = true;
            continue;
        }
        if (stripos($buffer, $end_searche_tag) !== false) {
            $target_content = false;
            continue;
        }
        if ($target_content) {
            $replace_string .= $buffer;
        }
    }
    if (!feof($handle)) {
        echo "Error: fgets() failed unexpectedly\n";
    }
    fclose($handle);
}
// Current .htaccess file
$content = file_get_contents($file);
$content = str_replace($replace_string, '', $content);
// Remove all existing blocks from the .htaccess file
file_put_contents($file, $content);
// Write the new blocks
$str = "# {$start_searche_tag}" . PHP_EOL;
foreach ($new_blocked as $key => $value) {
    $str .= "Deny from {$value}" . PHP_EOL;
}
file_put_contents($file, str_replace("# {$start_searche_tag}", $str, file_get_contents($file)));
```
The file's code is simple and rough; its main idea is to take the candidates for blocking and write the blocking rules into the .htaccess file between the comments
# start_auto_deny_list and # end_auto_deny_list
Now the "harmful" IPs are blocked on their own, and the .htaccess file looks something like this:
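As an added example (not the article's code), here is a single-pass rewrite of the marker-delimited section that also validates every candidate with filter_var before it is written: the collector above takes the address from proxy headers such as X-Forwarded-For, which the client controls, so the stored `ip` column can hold arbitrary text, and validating keeps anything other than a real address out of the Apache config. The marker names and sample addresses are the page's; the function names and the sample .htaccess text are mine.

```php
<?php
// Added example, not the article's code: rebuild the Deny block between the
// two marker lines in one pass, emitting only values that are real IP
// addresses (the stored `ip` column comes from client-controlled headers).
const DENY_START = '# start_auto_deny_list';
const DENY_END   = '# end_auto_deny_list';

/**
 * Keep only syntactically valid IPv4/IPv6 addresses, de-duplicated.
 * @param string[] $candidates raw values from wp_visiters_bot_blocked
 * @return string[]
 */
function coderun_filter_ips(array $candidates): array
{
    $valid = [];
    foreach ($candidates as $raw) {
        $ip = trim((string) $raw);
        if (filter_var($ip, FILTER_VALIDATE_IP) !== false) {
            $valid[$ip] = true;
        }
    }
    return array_keys($valid);
}

/**
 * Replace everything between the two marker lines with "Deny from" rules.
 * Returns the text unchanged if the markers are missing or out of order.
 */
function coderun_render_deny_block(string $htaccess, array $ips): string
{
    $start = strpos($htaccess, DENY_START);
    $end   = strpos($htaccess, DENY_END);
    if ($start === false || $end === false || $end < $start) {
        return $htaccess;
    }
    $block = DENY_START . PHP_EOL;
    foreach (coderun_filter_ips($ips) as $ip) {
        $block .= "Deny from {$ip}" . PHP_EOL;
    }
    return substr($htaccess, 0, $start) . $block . substr($htaccess, $end);
}

// Constructed sample: a marker pair with an old rule, plus one malformed and one duplicate candidate
$sample = "Order allow,deny\nAllow from all\n" . DENY_START . "\nDeny from 1.2.3.4\n" . DENY_END . "\n";
$candidates = ['94.242.55.248', 'not an ip', '2001:db8::1', '94.242.55.248'];
echo coderun_render_deny_block($sample, $candidates);
```

Because the threshold is a plain request count, an allow-list like $exclude_ip in the cron script is the only thing keeping legitimate high-volume clients (monitoring, search-engine crawlers) off the list, so review the candidates table before trusting the automation.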
```apache
# BEGIN WordPress
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteRule ^index.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>
# END WordPress
Order allow,deny
Allow from all
# start_auto_deny_list
Deny from 94.242.55.248
Deny from 207.46.13.122
Deny from 66.249.64.164
Deny from 54.209.162.70
Deny from 40.77.167.86
Deny from 54.146.43.69
Deny from 207.46.13.168
# ....... other addresses below
# end_auto_deny_list
```
As a result, once this code is running, you can see the effect in the hosting panel (screenshot from the hosting panel):
PS: The material is my own; although I published part of it on my own website, the version on Habr turned out to be more extended.
Source: www.habr.com