Apache uses. htaccess Shielding malicious User Agent (anti-Spider) _linux

Source: Internet
Author: User

First, the registered malicious User Agent
1, "mozilla/4.0" (compatible; MSIE 7.0; Windows NT 5.1; EMBEDDEDWB 14.52 FROM:HTTP://WWW.BSALSA.COM/EMBEDDEDWB 14.52;. NET CLR 2.0.50727) "

The following is the two records in the Web site log, the User Agent will repeatedly access the registration page and obtain the authentication code, which is the beginning of spam and malicious registration.

Copy Code code as follows:

116.242.22.10 199.27.128.204––[30/oct/2011:04:02:15 +0800] "get/checkcode.php http/1.1 302 286" http://www.***.com/r Egister.php "" mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; EMBEDDEDWB 14.52 FROM:HTTP://WWW.BSALSA.COM/EMBEDDEDWB 14.52;. NET CLR 2.0.50727) "

116.242.22.10 199.27.128.204––[30/oct/2011:04:02:19 +0800] "post/register.php http/1.1 302 286" http://www.***.com/r Egister.php "" mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; EMBEDDEDWB 14.52 FROM:HTTP://WWW.BSALSA.COM/EMBEDDEDWB 14.52;. NET CLR 2.0.50727) "

2, "mozilla/5.0 Qunarbot/1.0″

It's a spider who ignores robots.txt and doubts about where to go.

3, "mozilla/4.0" (compatible; MSIE 5.00; Windows 98) "

Copy Code code as follows:

61.147.91.201 173.245.48.60––[30/oct/2011:06:00:28 +0800] "Get/mp3/%a5%d6%a5%eb%a9%60%a5%d0%a9%60%a5%c9.mp3 HTTP/ 1.1 "302 286"-"" mozilla/4.0 (compatible; MSIE 5.00; Windows 98) "

Did you see that? Windows 98! Always crawl the Site Directory of MP3 files, are originally uploaded mp3 file to the site's error.

4, "Mozilla/4.0″

Copy Code code as follows:

58.255.120.95 199.27.128.216––[30/oct/2011:06:01:26 +0800] "get/ikmedata/cache/fuck.php http/1.1" 404 1479 "-" "Mozill a/4.0 "
58.255.120.95 199.27.128.216––[30/oct/2011:06:01:27 +0800] "get/data/cache/fuck.php http/1.1" 404 1479 "-" "MOZILLA/4. 0 "
58.255.120.95 199.27.128.216––[30/oct/2011:06:01:27 +0800] "get/data/cache/fuck.php http/1.1" 404 1479 "-" "MOZILLA/4. 0 "

Another pit dad, endless scan, very disgusting.

Second, shielding malicious User Agent
There are a lot of ways to screen the user agent using the. htaccess, where the rewrite rules are used to transfer these user agents away to achieve shielding effects.

Copy Code code as follows:

Rewritecond%{http_user_agent} ". *embeddedwb.*" [OR]
Rewritecond%{http_user_agent} ". *qunarbot.*" [OR]
Rewritecond%{http_user_agent} ". *windows 98.*" [OR]
Rewritecond%{http_user_agent} "^mozilla/4.0$"
Rewriterule ^ (. *) $ http://cao.ni.ma/

Use. htaccess need to know some regular expression syntax to match strings correctly.

If you feel useful, shielding malicious User Agent 0 2 ago, you may want to analyze your own web site log, according to their own needs to customize. You can use the Firefox+user Agent to switcher test results, and Chrome also has a similar extender for switching User 0 2Agent.

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.