限定user_agent
当服务器被攻击,并且查看到攻击的user_agent有规律,这时就需要限制user_agent
user_agent配置如下
[root@chy 111.com]# vim /usr/local/apache2.4/conf/extra/httpd-vhosts.conf
<IfModule mod_rewrite.c>
RewriteEngine on
RewriteCond %{HTTP_USER_AGENT} .*curl.* [NC,OR]
RewriteCond %{HTTP_USER_AGENT} .*baidu.com.* [NC]
RewriteRule .* - [F]
</IfModule>
(增加如上配置,配置详解如下: <IfModule mod_rewrite.c> (这里需要用到rewrite模块)
RewriteEngine on
RewriteCond %{HTTP_USER_AGENT} .*curl.* [NC,OR] (OR是或者的意思,或者匹配curl,或者匹配baidu.com)(NC忽略大小写)
RewriteCond %{HTTP_USER_AGENT} .*baidu.com.* [NC]
RewriteRule .* - [F](F的含义‘forbidden F’ (force URL to be forbidden)重写为禁止访问
</IfModule>测试user_agent
# curl -A "chylinux chylinux" -x192.168.212.10:80 'http://www.111.com/123.php' -IDate: Thu, 03 Aug 2017 22:43:50 GMTServer: Apache/2.4.27 (Unix) PHP/5.6.30X-Powered-By: PHP/5.6.30Content-Type: text/html; charset=UTF-8# curl -x192.168.212.10:80 'http://www.111.com/123.php' -IDate: Thu, 03 Aug 2017 22:53:09 GMTServer: Apache/2.4.27 (Unix) PHP/5.6.30Content-Type: text/html; charset=iso-8859-1"http//",如需转载请自行联系原作者
![解决方案:Tomcat警告 [SetPropertiesRule]{Server/Service/Engine/Host/Context} Setting property ‘source‘](https://ucc.alicdn.com/images/user-upload-01/335f7b62ad55494eaadcde190230c8a0.png?x-oss-process=image/resize,h_160,m_lfit)