Good day! In this article I will tell you how users of ordinary shared hosting can catch the IP addresses that create excessive load on a site and then block them with the hosting's own tools; there will be "a little" PHP code and a few screenshots.
Input data:
- A site built on the WordPress CMS
- Hosting: Beget (this is not advertising, but the admin panel screenshots come from this particular provider)
- The WordPress site was launched at the beginning of 2000 and has a large number of articles and materials
- PHP version 7.2
- WP is on the latest version
- For some time now the site has been generating a high MySQL load according to the hosting's data. Every day this value exceeded 120% of the per-account norm
- According to Yandex.Metrica the site is visited by 100-200 people a day
First of all, this was done:
- The database tables were cleaned of accumulated garbage
- Unnecessary plugins were disabled, pieces of dead code were removed
At the same time I would like to draw your attention to the fact that caching options (caching plugins) were tried and observations were made, but the 120% load from a single site did not change and could only grow.
What the approximate load on the hosting's database looked like
At the top is the site in question; below are other sites with the same CMS and roughly the same traffic, but creating less load.
Analysis
- Many attempts were made with caching options, with observations over several weeks (fortunately, during this time the hosting never wrote to me that I was so bad that I would be cut off)
- Slow queries were analysed and hunted down, after which the database structure and the table type were slightly changed
- For analysis we mainly used the built-in AWStats (by the way, it helped find the worst IP address by traffic volume)
- Metrica: the counter only provides information about people, not about bots
- There were attempts to use WP plugins that can filter and block visitors, even by country of residence and various combinations
- The most radical approach turned out to be closing the site for a day with the message "We are under maintenance"; this was also done with a popular plugin. In this case we expect the load to drop, but not to zero, since the WP concept is based on hooks: plugins start their work when a "hook" fires, and before the "hook" fires, database queries may already have been made
The idea
- Count the IP addresses that make many requests within a short period.
- Record the number of hits to the site
- Block access to the site based on the number of hits
- Block using a "Deny" entry in the .htaccess file
- I did not consider other options, such as iptables and Nginx rules, because I am writing about shared hosting
An idea appeared, so it needs to be implemented, because without it...
- Creating tables to collect the data
CREATE TABLE `wp_visiters_bot` (
    `id` INT(11) NOT NULL AUTO_INCREMENT,
    `ip` VARCHAR(300) NULL DEFAULT NULL,
    `browser` VARCHAR(500) NULL DEFAULT NULL,
    `cnt` INT(11) NULL DEFAULT NULL,
    `request` TEXT NULL,
    `input` TEXT NULL,
    `data_update` DATETIME NULL DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP,
    PRIMARY KEY (`id`),
    UNIQUE INDEX `ip` (`ip`)
) COMMENT='Candidates for blocking' COLLATE='utf8_general_ci' ENGINE=InnoDB AUTO_INCREMENT=1;

CREATE TABLE `wp_visiters_bot_blocked` (
    `id` INT(11) NOT NULL AUTO_INCREMENT,
    `ip` VARCHAR(300) NOT NULL,
    `data_update` DATETIME NULL DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP,
    PRIMARY KEY (`id`),
    UNIQUE INDEX `ip` (`ip`)
) COMMENT='List of already blocked addresses' COLLATE='utf8_general_ci' ENGINE=InnoDB AUTO_INCREMENT=59;

CREATE TABLE `wp_visiters_bot_history` (
    `id` INT(11) NOT NULL AUTO_INCREMENT,
    `ip` VARCHAR(300) NULL DEFAULT NULL,
    `browser` VARCHAR(500) NULL DEFAULT NULL,
    `cnt` INT(11) NULL DEFAULT NULL,
    `data_update` DATETIME NULL DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP,
    `data_add` DATETIME NULL DEFAULT CURRENT_TIMESTAMP,
    PRIMARY KEY (`id`),
    UNIQUE INDEX `ip` (`ip`)
) COMMENT='History of all requests, for debugging' COLLATE='utf8_general_ci' ENGINE=InnoDB AUTO_INCREMENT=1;
- Let's create a file into which I will paste the code. The code will write blocking candidates to the table and will keep a history for debugging.
Code of the file that records IP addresses
<?php
if (!defined('ABSPATH')) {
    return;
}
global $wpdb;

/**
 * Return the visitor's actual IP address
 * @return string
 */
function coderun_get_user_ip() {
    $client_ip = '';
    // Note: all headers except REMOTE_ADDR are supplied by the client and can be
    // forged; only a proxy the hosting itself runs makes them trustworthy
    $address_headers = array(
        'HTTP_CLIENT_IP',
        'HTTP_X_FORWARDED_FOR',
        'HTTP_X_FORWARDED',
        'HTTP_X_CLUSTER_CLIENT_IP',
        'HTTP_FORWARDED_FOR',
        'HTTP_FORWARDED',
        'REMOTE_ADDR',
    );
    foreach ($address_headers as $header) {
        if (array_key_exists($header, $_SERVER)) {
            $address_chain = explode(',', $_SERVER[$header]);
            $client_ip = trim($address_chain[0]);
            break;
        }
    }
    if (!$client_ip) {
        return '';
    }
    if ('0.0.0.0' === $client_ip || '::' === $client_ip || $client_ip == 'unknown') {
        return '';
    }
    return $client_ip;
}

$ip = esc_sql(coderun_get_user_ip()); // Visitor's IP address
if (empty($ip)) { // No IP, go take a hike...
    header('Content-type: application/json;');
    die('Big big bolt....');
}
$browser = esc_sql($_SERVER['HTTP_USER_AGENT'] ?? ''); // Browser data for analysis
$request = esc_sql(wp_json_encode($_REQUEST)); // The last request made to the site
$input = esc_sql(file_get_contents('php://input')); // Request body, if there was one
$cnt = 1;
// Query into the main table of temporary blocking candidates
$query = <<<EOT
INSERT INTO wp_visiters_bot (`ip`,`browser`,`cnt`,`request`,`input`)
VALUES ('{$ip}','{$browser}','{$cnt}','{$request}','{$input}')
ON DUPLICATE KEY UPDATE cnt=cnt+1,request=VALUES(request),input=VALUES(input),browser=VALUES(browser)
EOT;
// Query for the history table
$query2 = <<<EOT
INSERT INTO wp_visiters_bot_history (`ip`,`browser`,`cnt`)
VALUES ('{$ip}','{$browser}','{$cnt}')
ON DUPLICATE KEY UPDATE cnt=cnt+1,browser=VALUES(browser)
EOT;
$wpdb->query($query);
$wpdb->query($query2);
The essence of the code is to get the visitor's IP address and write it into a table. If the IP is already in the table, the cnt field is incremented (the number of requests to the site)
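As an added example (not the article's code), here is a stricter version of the IP lookup above: it checks that the value is an IP literal and honours X-Forwarded-For only when the connection really comes from a proxy you trust, because the forwarded headers the original reads first are set by the client. The function name and the trusted-proxy list are assumptions.

```php
<?php
// Added example, not the article's code. Returns the address that should be
// counted for a request; $trusted_proxies is an assumed list of proxy addresses
// (empty on plain shared hosting, where REMOTE_ADDR is the real client).
function example_client_ip(array $server, array $trusted_proxies = []): string
{
    $remote = $server['REMOTE_ADDR'] ?? '';
    if (filter_var($remote, FILTER_VALIDATE_IP) === false) {
        return '';
    }
    // Direct connection: the socket address is the only value the client cannot forge.
    if (!in_array($remote, $trusted_proxies, true)) {
        return $remote;
    }
    // Behind a trusted proxy: take the first syntactically valid public address
    // from X-Forwarded-For, skipping junk such as "unknown" and private ranges.
    $chain = array_map('trim', explode(',', $server['HTTP_X_FORWARDED_FOR'] ?? ''));
    foreach ($chain as $candidate) {
        $ok = filter_var($candidate, FILTER_VALIDATE_IP,
            FILTER_FLAG_NO_PRIV_RANGE | FILTER_FLAG_NO_RES_RANGE);
        if ($ok !== false) {
            return $candidate;
        }
    }
    return $remote;
}

// Constructed sample requests (addresses taken from the article's own listing).
$direct = [
    'REMOTE_ADDR'          => '94.242.55.248',
    'HTTP_X_FORWARDED_FOR' => '207.46.13.122', // forged header, no proxy involved
];
$proxied = [
    'REMOTE_ADDR'          => '10.0.0.5',
    'HTTP_X_FORWARDED_FOR' => 'unknown, 94.242.55.248, 10.0.0.5',
];
// Without a trusted proxy the forged header is ignored; behind one it is parsed.
echo example_client_ip($direct), PHP_EOL;
echo example_client_ip($proxied, ['10.0.0.5']), PHP_EOL;
```

Both calls return 94.242.55.248: the first because the header is never consulted, the second because it is the first public address in the chain.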
- Now the scary part... Now they'll roast me for what I did :)
To record every request to the site, we hook the file's code into the main WordPress file, wp-load.php. Yes, we modify a core file, and specifically right after the global variable $wpdb exists
So now we can see how often this or that IP address is recorded in our table, and with a cup of coffee we look in once every 5 minutes to understand the picture
Then simply copy the "harmful" IP, open the .htaccess file and add at the end of the file
Order allow,deny
Allow from all
# start_auto_deny_list
Deny from 94.242.55.248
# end_auto_deny_list
That's it: now 94.242.55.248 does not get to the site and does not create load on the database
But copying by hand like this every time is not a very worthy task; besides, the code was meant to be autonomous.
Let's add a file that will be executed by CRON every 30 minutes:
Code of the file that modifies .htaccess
<?php
/**
 * File that sets IP blocks automatically
 * Must be requested via CRON
 */
// The cron URL must carry a secret key; checking only that some key is present
// would let anyone trigger the rewrite. CRON_SECRET_KEY is a placeholder: set your own.
define('CRON_SECRET_KEY', 'CHANGE_ME_TO_A_LONG_RANDOM_STRING');
if (empty($_REQUEST['key']) || !hash_equals(CRON_SECRET_KEY, (string) $_REQUEST['key'])) {
    die('Hello');
}
require('wp-load.php');
global $wpdb;
$limit_cnt = 70; // Request limit above which an address is selected
$deny_table = $wpdb->get_results("SELECT * FROM wp_visiters_bot WHERE cnt>{$limit_cnt}");
$new_blocked = [];
$exclude_ip = [
    '87.236.16.70' // the hosting's own address
];
foreach ($deny_table as $result) {
    if (in_array($result->ip, $exclude_ip)) {
        continue;
    }
    $wpdb->insert('wp_visiters_bot_blocked', ['ip' => $result->ip], ['%s']);
}
$deny_table_blocked = $wpdb->get_results("SELECT * FROM wp_visiters_bot_blocked");
foreach ($deny_table_blocked as $blocked) {
    $new_blocked[] = $blocked->ip;
}
// Clear the candidates table
$wpdb->query("DELETE FROM wp_visiters_bot");
//echo '<pre>';print_r($new_blocked);echo '</pre>';
$file = '.htaccess';
$start_searche_tag = 'start_auto_deny_list';
$end_searche_tag = 'end_auto_deny_list';
$replace_string = ''; // Text currently between the markers in .htaccess
$handle = @fopen($file, "r");
if ($handle) {
    $target_content = false; // Flag: inside the section we are interested in
    while (($buffer = fgets($handle, 4096)) !== false) {
        if (stripos($buffer, $start_searche_tag) !== false) {
            $target_content = true;
            continue;
        }
        if (stripos($buffer, $end_searche_tag) !== false) {
            $target_content = false;
            continue;
        }
        if ($target_content) {
            $replace_string .= $buffer;
        }
    }
    if (!feof($handle)) {
        echo "Error: fgets() failed unexpectedly\n";
    }
    fclose($handle);
}
// Current .htaccess file
$content = file_get_contents($file);
// Remove all existing blocks from .htaccess (an empty needle would be a no-op anyway)
if ($replace_string !== '') {
    $content = str_replace($replace_string, '', $content);
}
file_put_contents($file, $content);
// Write the new blocks right after the start marker
$str = "# {$start_searche_tag}" . PHP_EOL;
foreach ($new_blocked as $key => $value) {
    $str .= "Deny from {$value}" . PHP_EOL;
}
file_put_contents($file, str_replace("# {$start_searche_tag}", $str, file_get_contents($file)));
The file's code is simple and basic; its main idea is to take the blocking candidates and insert blocking rules into the .htaccess file between the comments
# start_auto_deny_list and # end_auto_deny_list
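As an added example (not the article's code), the same marker-delimited rewrite as one pure function: it replaces whatever sits between the two markers, appends the block if the markers are missing, and writes only syntactically valid IP literals, so a bad value in the candidates table (which is fed from client-controlled headers) cannot corrupt .htaccess. The markers are the article's own; the function name is assumed.

```php
<?php
// Added example, not the article's code. Rebuilds the deny block between the
// article's two marker comments in a single pass; the function name is assumed.
function example_rebuild_deny_block(string $htaccess, array $ips): string
{
    $start = '# start_auto_deny_list';
    $end   = '# end_auto_deny_list';

    // Only IP literals are written: anything else is dropped rather than
    // being placed in a file Apache parses on every request.
    $lines = [];
    foreach (array_unique($ips) as $ip) {
        if (filter_var($ip, FILTER_VALIDATE_IP) !== false) {
            $lines[] = 'Deny from ' . $ip;
        }
    }
    $block = $start . PHP_EOL
           . ($lines ? implode(PHP_EOL, $lines) . PHP_EOL : '')
           . $end;

    // Markers present: replace everything between them and leave the rest intact.
    $s = strpos($htaccess, $start);
    $e = strpos($htaccess, $end);
    if ($s !== false && $e !== false && $e > $s) {
        return substr($htaccess, 0, $s) . $block . substr($htaccess, $e + strlen($end));
    }
    // Markers absent: append the block so the next run can find it.
    return rtrim($htaccess) . PHP_EOL . $block . PHP_EOL;
}

// Constructed sample .htaccess with one address already listed (from the article).
$before = "Order allow,deny\nAllow from all\n"
        . "# start_auto_deny_list\nDeny from 94.242.55.248\n# end_auto_deny_list\n";
// The duplicate is kept once, the second address is added, the junk value is dropped.
echo example_rebuild_deny_block($before, ['94.242.55.248', '207.46.13.122', 'not-an-ip']);
```

Running it twice with the same list yields an identical file, which the original read-then-str_replace sequence does not guarantee if the block text appears elsewhere in .htaccess.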
Now the "harmful" IPs are blocked automatically, and the .htaccess file looks like this:
# BEGIN WordPress
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteRule ^index.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>
# END WordPress
Order allow,deny
Allow from all
# start_auto_deny_list
Deny from 94.242.55.248
Deny from 207.46.13.122
Deny from 66.249.64.164
Deny from 54.209.162.70
Deny from 40.77.167.86
Deny from 54.146.43.69
Deny from 207.46.13.168
....... further addresses below
# end_auto_deny_list
As a result, after this code starts working, you can see the outcome in the hosting panel:
PS: The material is the author's own; although I published part of it on my site, a more complete version ended up on Habr.
Source: www.habr.com