Identifying potentially "harmful" bots and blocking them by IP


Good afternoon! In this article I will tell you how, using ordinary hosting tools, to catch the IP addresses that generate excessive load on a site and then block them with those same hosting tools; there will be "a little" php code and a few screenshots.

Input data:

  1. The website is built on the WordPress CMS
  2. Hosting is Beget (this is not an advertisement, but the control-panel screenshots will be from this hosting provider)
  3. The WordPress site was launched somewhere in the early 2000s and has a large number of articles and materials
  4. PHP version 7.2
  5. WP is on the latest version
  6. For some time now the site has been generating a high MySQL load according to the hosting's figures. Every day this value exceeds 120% of the per-account norm
  7. According to Yandex.Metrica, the site is visited by 100-200 people a day

First of all, this was done:

  1. The database tables were cleaned of accumulated garbage
  2. Unnecessary plugins were disabled, outdated sections of code were removed

At the same time I would like to draw your attention to the fact that caching options (caching plugins) were tried and configured, but the 120% load from this one site did not change and could only grow.

What the estimated load on the hosting database looked like

(screenshot: the hosting panel's database-load graph)
At the top is the site in question; below it are other sites with the same CMS and roughly the same traffic, which generate much less load.

Analysis

  • Many attempts were made to tune the database settings; the configuration was adjusted over several weeks (fortunately, during this time the hosting never wrote to me that I was being very bad and would be thrown out)
  • Slow queries were analysed and hunted down, after which the database structure and the table types were changed slightly
  • For the analysis we mainly used the built-in AWStats (by the way, it helped to identify the worst IP address by traffic volume)
  • Metrica: Metrica gives information only about people, not about bots
  • There were attempts to use WP plugins that can filter and block visitors by country and by various patterns
  • The most radical approach turned out to be closing the site for a day with the notice "We are under maintenance", done with a well-known plugin. Here we expected the load to drop, but not to zero, because the WP design is built on hooks and plugins start their work when a "hook" fires, and by the time the "hook" fires queries to the database may already have been made

The idea

  1. Count the IP addresses that make many requests in a short time
  2. Record the number of hits on the site
  3. Block access to the site based on the number of hits
  4. Block using a "Deny from" entry in the .htaccess file
  5. I did not consider other options, such as iptables and Nginx rules, because I am writing about shared hosting

An idea has emerged, so it has to be implemented, since without it...
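Step 1 of the idea, counting addresses that make many requests in a short time, can be checked against the web server's access log before anything is written to the database. The script below is an added example and not code from the article: it parses a few constructed Apache combined-format log lines, keeps a 5-minute sliding window per IP and reports addresses that reach a threshold inside that window. The window, the threshold and the log lines are assumptions made for the demonstration.

```php
<?php
// Added example (not from the original article): count requests per IP inside a
// sliding time window over Apache combined-format access-log lines. This is
// step 1 of the idea done from the log instead of from the database.
// The log lines, window and threshold are constructed for the demonstration.

declare(strict_types=1);

const SAMPLE_LOG = <<<'LOG'
203.0.113.7 - - [10/Oct/2019:13:55:36 +0300] "GET /?p=1 HTTP/1.1" 200 5120 "-" "ExampleBot/1.0"
203.0.113.7 - - [10/Oct/2019:13:55:37 +0300] "GET /?p=2 HTTP/1.1" 200 5120 "-" "ExampleBot/1.0"
198.51.100.20 - - [10/Oct/2019:13:55:40 +0300] "GET / HTTP/1.1" 200 8192 "-" "Mozilla/5.0"
203.0.113.7 - - [10/Oct/2019:13:55:41 +0300] "GET /?p=3 HTTP/1.1" 200 5120 "-" "ExampleBot/1.0"
203.0.113.7 - - [10/Oct/2019:13:59:50 +0300] "GET /?p=4 HTTP/1.1" 200 5120 "-" "ExampleBot/1.0"
203.0.113.7 - - [10/Oct/2019:14:20:00 +0300] "GET /?p=5 HTTP/1.1" 200 5120 "-" "ExampleBot/1.0"
this line is deliberately malformed and must be skipped
LOG;

/** Parse one combined-format line into [ip, unix timestamp], or null if it does not match. */
function parse_log_line(string $line): ?array
{
    if (!preg_match('/^(\S+) \S+ \S+ \[([^\]]+)\]/', $line, $m)) {
        return null;
    }
    $ts = DateTime::createFromFormat('d/M/Y:H:i:s O', $m[2]);
    if ($ts === false || filter_var($m[1], FILTER_VALIDATE_IP) === false) {
        return null;
    }
    return [$m[1], $ts->getTimestamp()];
}

/**
 * Return IPs whose request count inside any window of $windowSeconds reached
 * $limit, mapped to the highest count seen. Lines are assumed to be in
 * chronological order, as an access log is.
 */
function find_burst_ips(string $log, int $windowSeconds, int $limit): array
{
    $recent  = []; // ip => timestamps still inside the current window
    $flagged = []; // ip => peak count inside a window
    foreach (explode("\n", trim($log)) as $line) {
        $parsed = parse_log_line($line);
        if ($parsed === null) {
            continue;
        }
        [$ip, $t] = $parsed;
        $recent[$ip][] = $t;
        // drop the timestamps that have fallen out of the window
        $recent[$ip] = array_values(array_filter(
            $recent[$ip],
            function (int $old) use ($t, $windowSeconds): bool {
                return $t - $old < $windowSeconds;
            }
        ));
        $count = count($recent[$ip]);
        if ($count >= $limit) {
            $flagged[$ip] = max($flagged[$ip] ?? 0, $count);
        }
    }
    return $flagged;
}

// 300 seconds = the 5-minute interval at which the article checks the table by hand
foreach (find_burst_ips(SAMPLE_LOG, 300, 3) as $ip => $peak) {
    echo "$ip: peak of $peak requests inside a 5-minute window\n";
}
```

On the constructed lines only 203.0.113.7 is reported: its four hits between 13:55 and 13:59 fall inside one window, while the hit at 14:20 starts a fresh window and the single request from 198.51.100.20 never reaches the threshold. The same function can be pointed at a real log file with file_get_contents(), which is the cheap first check before deciding on a cnt limit for the database approach.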

  • Create tables for collecting the data
    CREATE TABLE `wp_visiters_bot` (
    	`id` INT(11) NOT NULL AUTO_INCREMENT,
    	`ip` VARCHAR(300) NULL DEFAULT NULL,
    	`browser` VARCHAR(500) NULL DEFAULT NULL,
    	`cnt` INT(11) NULL DEFAULT NULL,
    	`request` TEXT NULL,
    	`input` TEXT NULL,
    	`data_update` DATETIME NULL DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP,
    	PRIMARY KEY (`id`),
    	UNIQUE INDEX `ip` (`ip`)
    )
    COMMENT='Кандидаты для блокировки'
    COLLATE='utf8_general_ci'
    ENGINE=InnoDB
    AUTO_INCREMENT=1;
    

    CREATE TABLE `wp_visiters_bot_blocked` (
    	`id` INT(11) NOT NULL AUTO_INCREMENT,
    	`ip` VARCHAR(300) NOT NULL,
    	`data_update` DATETIME NULL DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP,
    	PRIMARY KEY (`id`),
    	UNIQUE INDEX `ip` (`ip`)
    )
    COMMENT='Список уже заблокированных'
    COLLATE='utf8_general_ci'
    ENGINE=InnoDB
    AUTO_INCREMENT=59;
    

    CREATE TABLE `wp_visiters_bot_history` (
    	`id` INT(11) NOT NULL AUTO_INCREMENT,
    	`ip` VARCHAR(300) NULL DEFAULT NULL,
    	`browser` VARCHAR(500) NULL DEFAULT NULL,
    	`cnt` INT(11) NULL DEFAULT NULL,
    	`data_update` DATETIME NULL DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP,
    	`data_add` DATETIME NULL DEFAULT CURRENT_TIMESTAMP,
    	PRIMARY KEY (`id`),
    	UNIQUE INDEX `ip` (`ip`)
    )
    COMMENT='История всех запросов для дебага'
    COLLATE='utf8_general_ci'
    ENGINE=InnoDB
    AUTO_INCREMENT=1;
    
  • Let's create a file where we will put the code. The code will write to the table of block candidates and keep a history for debugging.

    Code of the file that records IP addresses

    <?php
    
    if (!defined('ABSPATH')) {
        return;
    }
    
    global $wpdb;
    
    /**
     * Returns the visitor's IP address, or an empty string when none can be determined.
     * Note: every header here except REMOTE_ADDR is supplied by the client and can
     * carry any value, so the counter can be fed an arbitrary address through them.
     * @return string
     */
    function coderun_get_user_ip() {
    
        $client_ip = '';
    
        $address_headers = array(
            'HTTP_CLIENT_IP',
            'HTTP_X_FORWARDED_FOR',
            'HTTP_X_FORWARDED',
            'HTTP_X_CLUSTER_CLIENT_IP',
            'HTTP_FORWARDED_FOR',
            'HTTP_FORWARDED',
            'REMOTE_ADDR',
        );
    
        foreach ($address_headers as $header) {
            if (array_key_exists($header, $_SERVER)) {
    
                // a forwarded header may hold a comma-separated chain; the first entry is taken as the client
                $address_chain = explode(',', $_SERVER[$header]);
                $client_ip = trim($address_chain[0]);
    
                break;
            }
        }
    
        if (!$client_ip) {
            return '';
        }
    
        if ('0.0.0.0' === $client_ip || '::' === $client_ip || $client_ip == 'unknown') {
            return '';
        }
    
        return $client_ip;
    }
    
    $ip = esc_sql(coderun_get_user_ip()); // visitor's IP address
    
    if (empty($ip)) { // no IP, so get lost...
        header('Content-type: application/json;');
        die('Big big bolt....');
    }
    
    $browser = esc_sql($_SERVER['HTTP_USER_AGENT'] ?? ''); // data for analysing the browser (the header may be absent)
    
    $request = esc_sql(wp_json_encode($_REQUEST)); // the last request made to the site
    
    $input = esc_sql(file_get_contents('php://input')); // request body, if there was one
    
    $cnt = 1;
    
    // Query into the main table of temporary block candidates
    $query = <<<EOT
        INSERT INTO wp_visiters_bot (`ip`,`browser`,`cnt`,`request`,`input`)
            VALUES  ('{$ip}','{$browser}','{$cnt}','{$request}','{$input}')
             ON DUPLICATE KEY UPDATE cnt=cnt+1,request=VALUES(request),input=VALUES(input),browser=VALUES(browser)
    EOT;
    
    // Query for the history table
    $query2 = <<<EOT
        INSERT INTO wp_visiters_bot_history (`ip`,`browser`,`cnt`)
            VALUES  ('{$ip}','{$browser}','{$cnt}')
             ON DUPLICATE KEY UPDATE cnt=cnt+1,browser=VALUES(browser)
    EOT;
    
    
    $wpdb->query($query);
    
    $wpdb->query($query2);
    
    

    The essence of the code is to get the visitor's IP address and write it to the table. If the IP is already in the table, the cnt field (the number of requests to the site) is incremented.

  • Now the scary part... Now they will roast me for what I did :)
    To record every request to the site, we include this file's code in the main WordPress file, wp-load.php. Yes, we modify a core file, and we do it right after the global variable $wpdb already exists

So now we can see how many times a given IP address has been recorded in our table, and with a mug of coffee we look there every 5 minutes to understand the picture.

(screenshot: the wp_visiters_bot table with a hit count per IP)

Then we simply copy the "dangerous" IP, open the .htaccess file and paste it at the end of the file.

Order allow,deny
Allow from all
# start_auto_deny_list
Deny from 94.242.55.248
# end_auto_deny_list

That's it: now 94.242.55.248 has no access to the site and generates no load on the database.

But copying by hand like this every time is not a very good job, and besides, the code was meant to be self-sufficient.

Let's add a file that will be run by CRON every 30 minutes:

Code of the file that modifies .htaccess

<?php

/**
 * File that sets IP-address blocks automatically.
 * Must be requested via CRON.
 */
// CRON_KEY is a placeholder: set it to a long random secret and pass the same value
// as ?key=... from the cron job, so that nobody else can trigger a rewrite of .htaccess
define('CRON_KEY', 'REPLACE_WITH_RANDOM_SECRET');

if (empty($_REQUEST['key']) || !hash_equals(CRON_KEY, (string) $_REQUEST['key'])) {
    die('Hello');
}

require('wp-load.php');

global $wpdb;

$limit_cnt = 70; // request limit above which an IP is selected for blocking

$deny_table = $wpdb->get_results("SELECT * FROM wp_visiters_bot WHERE cnt>{$limit_cnt}");

$new_blocked = [];

$exclude_ip = [
    '87.236.16.70' // the hosting's own address
];

foreach ($deny_table as $result) {

    if (in_array($result->ip, $exclude_ip)) {
        continue;
    }

    // ip is UNIQUE in the table, so re-inserting an already blocked address fails harmlessly
    $wpdb->insert('wp_visiters_bot_blocked', ['ip' => $result->ip], ['%s']);
}

$deny_table_blocked = $wpdb->get_results("SELECT * FROM wp_visiters_bot_blocked");

foreach ($deny_table_blocked as $blocked) {
    $new_blocked[] = $blocked->ip;
}

// Clear the candidates table so counting starts afresh for the next period
$wpdb->query("DELETE FROM wp_visiters_bot");

//echo '<pre>';print_r($new_blocked);echo '</pre>';

$file = '.htaccess';

$start_searche_tag = 'start_auto_deny_list';

$end_searche_tag = 'end_auto_deny_list';

$replace_string = ''; // text currently between the markers, to be removed from .htaccess

$target_content = false; // flag: we are inside the section we need

$handle = @fopen($file, "r");
if ($handle) {

    while (($buffer = fgets($handle, 4096)) !== false) {

        if (stripos($buffer, $start_searche_tag) !== false) {
            $target_content = true;
            continue;
        }

        if (stripos($buffer, $end_searche_tag) !== false) {
            $target_content = false;

            continue;
        }

        if ($target_content) {
            $replace_string .= $buffer;
        }
    }
    if (!feof($handle)) {
        echo "Ошибка: fgets() неожиданно потерпел неудачу\n";
    }
    fclose($handle);
}

// Current .htaccess file
$content = file_get_contents($file);

// Remove all existing block rules from .htaccess (only the lines between the markers)
$content = str_replace($replace_string, '', $content);

file_put_contents($file, $content);

// Write the new blocks directly after the start marker
$str = "# {$start_searche_tag}" . PHP_EOL;

foreach ($new_blocked as $key => $value) {
    $str .= "Deny from {$value}" . PHP_EOL;
}

file_put_contents($file, str_replace("# {$start_searche_tag}", $str, file_get_contents($file)));

The file's code is simple and straightforward; its main idea is to take the block candidates and insert the blocking rules into the .htaccess file between the comments # start_auto_deny_list and # end_auto_deny_list.
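The script above touches .htaccess twice (remove the old lines, then re-insert after the start marker), so a crash between the two writes leaves the file half-edited, and whatever sits in the ip column is written as a directive unchecked. The function below is an added example, not the article's code: it rebuilds the block between the same two markers as a single string operation, so running it repeatedly yields the same file, it drops any value that is not a syntactically valid IP, and a small helper writes the result through a temporary name and rename() so Apache never reads a partial file. The sample .htaccess content and the IP list are constructed for the demonstration.

```php
<?php
// Added example (not from the original article): rebuild the Deny block between
// "# start_auto_deny_list" and "# end_auto_deny_list" as one pure string operation.
// Running it on its own output changes nothing, non-IP values are never written as
// directives, and the file is replaced atomically. Sample content is constructed.

declare(strict_types=1);

const START_TAG = '# start_auto_deny_list';
const END_TAG   = '# end_auto_deny_list';

/** Return $content with the marker block replaced by "Deny from" lines for $ips. */
function replace_deny_block(string $content, array $ips): string
{
    $lines = [START_TAG];
    foreach (array_unique($ips) as $ip) {
        // a bad row in the database must never become a broken directive that
        // takes the whole site down with a 500, so anything that is not an IP is skipped
        if (filter_var($ip, FILTER_VALIDATE_IP) !== false) {
            $lines[] = "Deny from {$ip}";
        }
    }
    $lines[] = END_TAG;
    $block = implode(PHP_EOL, $lines);

    // match the whole marker block, markers included, across lines
    $pattern = '/^' . preg_quote(START_TAG, '/') . '$.*?^' . preg_quote(END_TAG, '/') . '$/ms';
    if (preg_match($pattern, $content)) {
        return preg_replace_callback($pattern, function () use ($block) {
            return $block;
        }, $content, 1);
    }
    // no markers yet: append the block after the existing content
    return rtrim($content) . PHP_EOL . PHP_EOL . $block . PHP_EOL;
}

/** Write $content to $path via a temporary file so a crash never leaves a half-written .htaccess. */
function write_atomically(string $path, string $content): bool
{
    $tmp = $path . '.tmp.' . getmypid();
    if (file_put_contents($tmp, $content, LOCK_EX) === false) {
        return false;
    }
    return rename($tmp, $path); // rename is atomic on the same filesystem
}

// constructed .htaccess content with one address already blocked
$current = <<<'HT'
# BEGIN WordPress
<IfModule mod_rewrite.c>
RewriteEngine On
</IfModule>
# END WordPress

Order allow,deny
Allow from all

# start_auto_deny_list
Deny from 94.242.55.248
# end_auto_deny_list
HT;

// constructed list: one duplicate and one value that is not an address
$ips = ['94.242.55.248', '207.46.13.122', 'not an address', '207.46.13.122'];

$updated = replace_deny_block($current, $ips);
echo $updated, "\n";

// applying the same list again to the result must change nothing
var_dump(replace_deny_block($updated, $ips) === $updated);
```

In the cron script this replaces the pair of str_replace calls: read .htaccess once, pass the content and $new_blocked to replace_deny_block(), and hand the result to write_atomically('.htaccess', ...). Because the block is regenerated from the blocked table on every run, there is no longer a separate "remove old lines" pass that can fail half-way.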

Now the "dangerous" IPs are blocked automatically, and the .htaccess file looks like this:

# BEGIN WordPress
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteRule ^index.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>

# END WordPress

Order allow,deny
Allow from all

# start_auto_deny_list
Deny from 94.242.55.248
Deny from 207.46.13.122
Deny from 66.249.64.164
Deny from 54.209.162.70
Deny from 40.77.167.86
Deny from 54.146.43.69
Deny from 207.46.13.168
....... other addresses below
# end_auto_deny_list

As a result, after this code started working, you can see the outcome in the hosting panel:

(screenshot: the hosting panel's database-load graph after the blocking started)

PS: The material is the author's own; although I published part of it on my website, I have set out an extended version on Habr.

source: www.habr.com