利用$host 封指定的域名

域名被攻击,借此使用nignx 自带的rewrite 功能封掉该域名,在虚拟机的server 配置段下做如下配置:

    if ($host !~ ".*yunbofun.com") {
        return 444;
    }

重载下nginx ,观察日志:
[root@soa-prod-admin-glb-010177210101 /home/liujiangbo] 130
tail -f /data/nginx/logs/spider_2017-10-28.log
14.161.3.181 - - [28/Oct/2017:19:42:52 +0800] "GET http://www.yunbofun.com/ HTTP/1.1" "-" "-"444 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:53.0) Gecko/20100101 Firefox/53.0" "-"0.000 -
14.161.3.181 - - [28/Oct/2017:19:42:52 +0800] "GET http://www.yunbofun.com/ HTTP/1.1" "-" "-"444 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:53.0) Gecko/20100101 Firefox/53.0" "-"0.000 -
14.161.3.181 - - [28/Oct/2017:19:42:52 +0800] "GET http://www.yunbofun.com/ HTTP/1.1" "-" "-"444 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:53.0) Gecko/20100101 Firefox/53.0" "-"0.000 -
14.161.3.181 - - [28/Oct/2017:19:42:52 +0800] "GET http://www.yunbofun.com/ HTTP/1.1" "-" "-"444 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:53.0) Gecko/20100101 Firefox/53.0" "-"0.000 -
14.161.3.181 - - [28/Oct/2017:19:42:52 +0800] "GET http://www.yunbofun.com/ HTTP/1.1" "-" "-"444 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:53.0) Gecko/20100101 Firefox/53.0" "-"0.000 -

最后编辑于
©著作权归作者所有,转载或内容合作请联系作者
平台声明:文章内容(如有图片或视频亦包括在内)由作者上传并发布,文章内容仅代表作者本人观点,简书系信息发布平台,仅提供信息存储服务。

推荐阅读更多精彩内容