Identifying potentially "bad" bots and blocking them by IP

Hello! In this article I will show how ordinary shared-hosting users can catch the IP addresses that put excessive load on a site and then block them with the tools the hosting offers. There will be "a little" PHP code and a few screenshots.

Input data:

  1. The site runs on the WordPress CMS
  2. Hosting: Beget (this is not an advertisement, but the admin-panel screenshots come from this particular provider)
  3. The WordPress site was started somewhere in the early 2000s and has a large number of articles and other material
  4. PHP version 7.2
  5. WP is the latest version
  6. At some point the site started generating a high MySQL load according to the hosting data. Every day this value exceeded 120% of the per-account norm
  7. According to Yandex.Metrica, the site gets 100-200 visitors a day

First of all, this was done:

  1. The database tables were cleaned of accumulated garbage
  2. Unnecessary plugins were disabled and pieces of legacy code were removed

At the same time, I want to point out that caching options (caching plugins) were tried and observed, but the 120% load from this single site did not change and could only grow.

What the exceeded database load looked like in the hosting panel

At the top is the site in question; below it are other sites on the same CMS with roughly the same traffic, which create far less load.

Analysis

  • Many attempts were made with data-caching options, and observations ran for several weeks (fortunately, during this time the hoster never wrote to say that I was very bad and would be cut off)
  • Slow queries were analysed and searched for, after which the database structure and table type were changed slightly
  • For analysis we mainly used the built-in AWStats (by the way, it helped to identify the worst IP address by traffic volume)
  • Metrica: its metrics only give information about people, not about bots
  • There were attempts to use WP plugins that can filter and block visitors, even by country of origin and various combinations of criteria
  • The most radical measure turned out to be closing the site for a day with a "We are under maintenance" notice, also done with a well-known plugin. Here we expected the load to drop, but not to zero, since WP's ideology is built on hooks: plugins start their work when a "hook" fires, and before the "hook" fires, queries to the database may already have been made

Requirements

  1. Count IP addresses that make many requests in a short time
  2. Record the number of hits each one makes on the site
  3. Block access to the site based on the hit count
  4. Block by adding a "Deny from" entry to the .htaccess file
  5. I did not consider other options, such as iptables or Nginx rules, because I am writing about shared hosting

An idea came up, so it had to be implemented, because without it...

  • Create tables to collect the data
    CREATE TABLE `wp_visiters_bot` (
    	`id` INT(11) NOT NULL AUTO_INCREMENT,
    	`ip` VARCHAR(300) NULL DEFAULT NULL,
    	`browser` VARCHAR(500) NULL DEFAULT NULL,
    	`cnt` INT(11) NULL DEFAULT NULL,
    	`request` TEXT NULL,
    	`input` TEXT NULL,
    	`data_update` DATETIME NULL DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP,
    	PRIMARY KEY (`id`),
    	UNIQUE INDEX `ip` (`ip`)
    )
    COMMENT='Кандидаты для блокировки'
    COLLATE='utf8_general_ci'
    ENGINE=InnoDB
    AUTO_INCREMENT=1;
    

    CREATE TABLE `wp_visiters_bot_blocked` (
    	`id` INT(11) NOT NULL AUTO_INCREMENT,
    	`ip` VARCHAR(300) NOT NULL,
    	`data_update` DATETIME NULL DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP,
    	PRIMARY KEY (`id`),
    	UNIQUE INDEX `ip` (`ip`)
    )
    COMMENT='Список уже заблокированных'
    COLLATE='utf8_general_ci'
    ENGINE=InnoDB
    AUTO_INCREMENT=59;
    

    CREATE TABLE `wp_visiters_bot_history` (
    	`id` INT(11) NOT NULL AUTO_INCREMENT,
    	`ip` VARCHAR(300) NULL DEFAULT NULL,
    	`browser` VARCHAR(500) NULL DEFAULT NULL,
    	`cnt` INT(11) NULL DEFAULT NULL,
    	`data_update` DATETIME NULL DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP,
    	`data_add` DATETIME NULL DEFAULT CURRENT_TIMESTAMP,
    	PRIMARY KEY (`id`),
    	UNIQUE INDEX `ip` (`ip`)
    )
    COMMENT='История всех запросов для дебага'
    COLLATE='utf8_general_ci'
    ENGINE=InnoDB
    AUTO_INCREMENT=1;
    
  • Let's create a file to hold the code. The code will write to the table of block candidates and keep a history for debugging.

    Code of the file that records IP addresses

    <?php
    
    if (!defined('ABSPATH')) {
        return;
    }
    
    global $wpdb;
    
    /**
     * Returns the visitor's IP address, or '' if it could not be determined
     * @return string
     */
    function coderun_get_user_ip() {
    
        $client_ip = '';
    
        // Checked in this order; the first header present wins.
        // Only REMOTE_ADDR comes from the TCP connection; the others are
        // client-supplied headers and can carry any value a client chooses.
        $address_headers = array(
            'HTTP_CLIENT_IP',
            'HTTP_X_FORWARDED_FOR',
            'HTTP_X_FORWARDED',
            'HTTP_X_CLUSTER_CLIENT_IP',
            'HTTP_FORWARDED_FOR',
            'HTTP_FORWARDED',
            'REMOTE_ADDR',
        );
    
        foreach ($address_headers as $header) {
            if (array_key_exists($header, $_SERVER)) {
    
                // A header may hold a comma-separated chain; take the first entry
                $address_chain = explode(',', $_SERVER[$header]);
                $client_ip = trim($address_chain[0]);
    
                break;
            }
        }
    
        if (!$client_ip) {
            return '';
        }
    
        if ('0.0.0.0' === $client_ip || '::' === $client_ip || $client_ip == 'unknown') {
            return '';
        }
    
        return $client_ip;
    }
    
    $ip = esc_sql(coderun_get_user_ip()); // Visitor's IP address
    
    if (empty($ip)) {// No IP, then get lost...
        header('Content-type: application/json;');
        die('Big big bolt....');
    }
    
    $browser = esc_sql($_SERVER['HTTP_USER_AGENT'] ?? ''); // Data for browser analysis
    
    $request = esc_sql(wp_json_encode($_REQUEST)); // The last request made to the site
    
    $input = esc_sql(file_get_contents('php://input')); // Request body, if there was one
    
    $cnt = 1;
    
    // Query into the main table of temporary block candidates
    $query = <<<EOT
        INSERT INTO wp_visiters_bot (`ip`,`browser`,`cnt`,`request`,`input`)
            VALUES  ('{$ip}','{$browser}','{$cnt}','{$request}','{$input}')
             ON DUPLICATE KEY UPDATE cnt=cnt+1,request=VALUES(request),input=VALUES(input),browser=VALUES(browser)
    EOT;
    
    // Query for the history table
    $query2 = <<<EOT
        INSERT INTO wp_visiters_bot_history (`ip`,`browser`,`cnt`)
            VALUES  ('{$ip}','{$browser}','{$cnt}')
             ON DUPLICATE KEY UPDATE cnt=cnt+1,browser=VALUES(browser)
    EOT;
    
    $wpdb->query($query);
    
    $wpdb->query($query2);
    

    The essence of the code is to get the visitor's IP address and write it to the table. If the IP is already in the table, the cnt field (the number of requests to the site) is incremented.

  • Now the scary part... this is where I get roasted for my actions :)
    To record every request to the site, we include this file from the main WordPress file, wp-load.php. Yes, we modify a core file, and right after the point where the global variable $wpdb already exists.
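    The recorder above takes the first forwarding header it finds, so any client can attribute its hits to an address of its choosing and the counts stop meaning anything. The following is an added example, not the article's code: it trusts REMOTE_ADDR, honours X-Forwarded-For only when the peer is a configured proxy, and binds values with $wpdb->prepare() instead of interpolating them. The proxy ranges in CODERUN_TRUSTED_PROXIES are constructed placeholders.

```php
<?php
// Added example (not the article's code). Assumption: the proxy ranges below are constructed.
const CODERUN_TRUSTED_PROXIES = ['10.0.0.0/8', '192.168.0.0/16']; // proxies allowed to set XFF

// True if $ip lies inside the CIDR range (IPv4 or IPv6, compared in binary form).
function coderun_ip_in_cidr($ip, $cidr) {
    list($net, $bits) = explode('/', $cidr);
    $a = inet_pton($ip);
    $b = inet_pton($net);
    if ($a === false || $b === false || strlen($a) !== strlen($b)) {
        return false;
    }
    $full = intdiv((int) $bits, 8);          // whole bytes that must match exactly
    if (substr($a, 0, $full) !== substr($b, 0, $full)) {
        return false;
    }
    $rem = ((int) $bits) % 8;                // leftover bits in the next byte
    if ($rem === 0) {
        return true;
    }
    $mask = 0xFF & (0xFF << (8 - $rem));
    return (ord($a[$full]) & $mask) === (ord($b[$full]) & $mask);
}

// REMOTE_ADDR (the TCP peer) is authoritative. X-Forwarded-For is honoured only when
// that peer is a trusted proxy, and only its last entry, which the proxy appended.
function coderun_trusted_client_ip(array $server, array $trustedProxies) {
    $remote = filter_var($server['REMOTE_ADDR'] ?? '', FILTER_VALIDATE_IP);
    if ($remote === false) {
        return '';
    }
    foreach ($trustedProxies as $cidr) {
        if (coderun_ip_in_cidr($remote, $cidr) && !empty($server['HTTP_X_FORWARDED_FOR'])) {
            $chain  = array_map('trim', explode(',', $server['HTTP_X_FORWARDED_FOR']));
            $client = filter_var(end($chain), FILTER_VALIDATE_IP);
            return $client === false ? $remote : $client;
        }
    }
    return $remote;
}

$ip = coderun_trusted_client_ip($_SERVER, CODERUN_TRUSTED_PROXIES);
if ($ip !== '') {
    global $wpdb;
    $wpdb->query($wpdb->prepare(
        "INSERT INTO wp_visiters_bot (`ip`,`browser`,`cnt`) VALUES (%s,%s,1)
         ON DUPLICATE KEY UPDATE cnt=cnt+1, browser=VALUES(browser)",
        $ip, substr($_SERVER['HTTP_USER_AGENT'] ?? '', 0, 500)
    ));
}
```

    With an empty proxy list the function simply returns REMOTE_ADDR, which is the right default on shared hosting where no reverse proxy sits in front of Apache.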

So now we can see how often a given IP address shows up in our table and, with a mug of coffee, look in every 5 minutes to understand the picture.


Then you copy the "harmful" IP, open the .htaccess file and add it at the end of the file.

Order allow,deny
Allow from all
# start_auto_deny_list
Deny from 94.242.55.248
# end_auto_deny_list

That's it: now 94.242.55.248 has no way to reach the site and creates no database load.

But copying by hand like this every time is not a pleasant job, and besides, the code was meant to be autonomous.

Let's add a file that will be run via CRON every 30 minutes:

Code of the file that modifies .htaccess

<?php

/**
 * File that assigns blocks by IP address automatically
 * Must be requested via CRON
 */
// Placeholder secret: replace before use. The key is compared in constant time;
// checking only that some key is present would let anyone trigger the script.
$cron_key = 'CHANGE_ME_CRON_KEY';
if (empty($_REQUEST['key']) || !hash_equals($cron_key, (string) $_REQUEST['key'])) {
    die('Hello');
}

require('wp-load.php');

global $wpdb;

$limit_cnt = 70; // Request-count threshold above which an IP is selected

$deny_table = $wpdb->get_results("SELECT * FROM wp_visiters_bot WHERE cnt>{$limit_cnt}");

$new_blocked = [];

$exclude_ip = [
    '87.236.16.70' // the hosting's own address
];

foreach ($deny_table as $result) {

    if (in_array($result->ip, $exclude_ip)) {
        continue;
    }

    // The unique index on ip makes this a no-op for addresses already blocked
    $wpdb->insert('wp_visiters_bot_blocked', ['ip' => $result->ip], ['%s']);
}

$deny_table_blocked = $wpdb->get_results("SELECT * FROM wp_visiters_bot_blocked");

foreach ($deny_table_blocked as $blocked) {
    $new_blocked[] = $blocked->ip;
}

// Clear the candidates table
$wpdb->query("DELETE FROM wp_visiters_bot");

//echo '<pre>';print_r($new_blocked);echo '</pre>';

$file = '.htaccess';

$start_searche_tag = 'start_auto_deny_list';

$end_searche_tag = 'end_auto_deny_list';

$replace_string = ''; // Current deny lines, to be removed from .htaccess

$handle = @fopen($file, "r");
if ($handle) {

    $target_content = false; // Flag: inside the section we care about

    while (($buffer = fgets($handle, 4096)) !== false) {

        if (stripos($buffer, $start_searche_tag) !== false) {
            $target_content = true;
            continue;
        }

        if (stripos($buffer, $end_searche_tag) !== false) {
            $target_content = false;

            continue;
        }

        if ($target_content) {
            $replace_string .= $buffer;
        }
    }
    if (!feof($handle)) {
        echo "Error: fgets() failed unexpectedly\n";
    }
    fclose($handle);
}

// Current .htaccess file
$content = file_get_contents($file);

$content = str_replace($replace_string, '', $content);

// Remove all existing blocks from the .htaccess file
file_put_contents($file, $content);

// Write the new blocks
$str = "# {$start_searche_tag}" . PHP_EOL;

foreach ($new_blocked as $key => $value) {
    $str .= "Deny from {$value}" . PHP_EOL;
}

file_put_contents($file, str_replace("# {$start_searche_tag}", $str, file_get_contents($file)));

The file's code is simple and a bit old-school. Its main idea is to take the candidates for blocking and insert blocking rules into the .htaccess file between the comments # start_auto_deny_list and # end_auto_deny_list.
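The cron file rewrites .htaccess in two separate writes and copies whatever string sits in the ip column into a Deny directive; a value that is not an IP address, or a reader hitting the file between the two writes, turns into a syntax error that Apache answers with 500 for every visitor. Below is an added example, not the article's code, that validates every address, keeps the article's hosting-IP exclusion and marker names, and swaps the block atomically. It assumes it runs in the cron script after require('wp-load.php'), so ABSPATH and $wpdb exist.

```php
<?php
// Added example (not the article's code). Assumed environment: the cron script after
// require('wp-load.php'); marker names and the excluded hosting IP are the article's.

// Build the block; refuse anything that is not a literal IP, because a malformed row
// written as "Deny from <garbage>" is an Apache syntax error that takes the site down.
function coderun_build_deny_block(array $ips, array $exclude) {
    $lines = ['# start_auto_deny_list'];
    foreach (array_unique($ips) as $ip) {
        if (filter_var($ip, FILTER_VALIDATE_IP) === false || in_array($ip, $exclude, true)) {
            continue;
        }
        $lines[] = 'Deny from ' . $ip;
    }
    $lines[] = '# end_auto_deny_list';
    return implode(PHP_EOL, $lines) . PHP_EOL;
}

// Swap the marker-delimited block in one regex operation instead of the read/strip/
// re-insert sequence; if the markers are absent, append the block at the end.
function coderun_replace_deny_block($htaccess, $block) {
    $pattern = '/^# start_auto_deny_list\R(?:.*\R)*?# end_auto_deny_list\R?/m';
    if (preg_match($pattern, $htaccess) === 1) {
        return preg_replace_callback($pattern, function () use ($block) {
            return $block;
        }, $htaccess, 1);
    }
    return rtrim($htaccess, "\r\n") . PHP_EOL . PHP_EOL . $block;
}

// Write to a temp file in the same directory, then rename(): Apache never reads a
// half-written .htaccess, which would otherwise 500 every request during the write.
function coderun_write_atomically($path, $content) {
    $tmp = $path . '.tmp.' . getmypid();
    if (file_put_contents($tmp, $content, LOCK_EX) === false) {
        return false;
    }
    return rename($tmp, $path);
}

global $wpdb;
$blocked = $wpdb->get_col("SELECT ip FROM wp_visiters_bot_blocked");
$block   = coderun_build_deny_block($blocked, ['87.236.16.70']);
$path    = ABSPATH . '.htaccess';
$current = file_get_contents($path);
if ($current !== false) {
    coderun_write_atomically($path, coderun_replace_deny_block($current, $block));
}
```

On Apache 2.4 the Order/Allow/Deny directives this block writes are only understood with mod_access_compat loaded, so check the hosting's Apache version before relying on them.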

Now the "harmful" IPs are blocked automatically, and the .htaccess file looks like this:

# BEGIN WordPress
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteRule ^index.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>

# END WordPress

Order allow,deny
Allow from all

# start_auto_deny_list
Deny from 94.242.55.248
Deny from 207.46.13.122
Deny from 66.249.64.164
Deny from 54.209.162.70
Deny from 40.77.167.86
Deny from 54.146.43.69
Deny from 207.46.13.168
....... more addresses below
# end_auto_deny_list

As a result, once this code started working, the effect is visible in the hosting panel:


PS: The material is my own; although I published part of it on my website, the Habr version came out more extended.

Source: www.habr.com
