问
来自推荐人的Nginx块
好孩子_瑾马甲 发布于 2023-01-11 09:25我需要阻止所有http连接,谁有引用者click2dad.net.我在mysite.conf中写道:
location / {
valid_referers ~.*http://click2dad\.net.*;
if ($invalid_referer = ''){
return 403;
}
try_files $uri $uri/ /index.php?$args;
}
但我仍然在nginx日志中看到:
HTTP/1.1" 200 26984 "http://click2dad.net/view/VUhfCE4ugTsb0SoKerhgMvPXcmXszU"
200,而不是403
从click2dad.net阻止所有客户端是正确的吗?
1 个回答
-
valid_referers解决方案有效,但就我个人而言,很难以这种方式维持长黑名单.另一种解决方案是使用ngx_http_map_module模块.在ubuntu 14.04 nginx发行版下,你可以创建一个/etc/nginx/blacklist.conf文件:# /etc/nginx/blacklist.conf map $http_referer $bad_referer { hostnames; default 0; # Put regexes for undesired referers here "~social-buttons.com" 1; "~semalt.com" 1; "~kambasoft.com" 1; "~savetubevideo.com" 1; "~descargar-musica-gratis.net" 1; "~7makemoneyonline.com" 1; "~baixar-musicas-gratis.com" 1; "~iloveitaly.com" 1; "~ilovevitaly.ru" 1; "~fbdownloader.com" 1; "~econom.co" 1; "~buttons-for-website.com" 1; "~buttons-for-your-website.com" 1; "~srecorder.co" 1; "~darodar.com" 1; "~priceg.com" 1; "~blackhatworth.com" 1; "~adviceforum.info" 1; "~hulfingtonpost.com" 1; "~best-seo-solution.com" 1; "~googlsucks.com" 1; "~theguardlan.com" 1; "~i-x.wiki" 1; "~buy-cheap-online.info" 1; "~Get-Free-Traffic-Now.com" 1; }然后将其包含在/etc/nginx/nginx.conf文件中:
# /etc/nginx/nginx.conf http { # ... include blacklist.conf; # ... }完成后,您可以检查
$bad_referernginx站点中的条件:# /etc/nginx/sites-enabled/mysite.conf server { # ... if ($bad_referer) { return 444; } # ... }要确保这些东西有效,您可以在shell中执行类似的命令:
$ curl --referer http://www.social-buttons.com https://example.org
......应该给你:
curl: (52) Empty reply from server
我在这里写了一篇关于这个解决方案的博客文章https://fadeit.dk/blog/2015/04/22/nginx-referer-spam-blacklist/.
2023-01-11 09:28 回答
侯faulds_534
撰写答案
今天,你开发时遇到什么问题呢?
立即提问
京公网安备 11010802041100号