10 07 2012

VPS防止CC攻击

bigCat Posted in Linux - Comment.isBlank

http://www.zhujima.com/jiaobengongji.html\r\n\r\n\r\n

\r\n#!/bin/bash\r\ncur=`date +%H%M%S`\r\nbecur=`date -d "1 minute ago" +%H%M%S`\r\nbadip=`tail -n 10000 /home/wwwlogs/zhujima.com.log | egrep -v "\.(gif|jpg|jpeg|png|css|js)" | awk  -v a="$becur" -v b="$cur" -F [' ':] '{t=$5$6$7;if (t>=a && t<=b) print $1}' | sort | uniq -c | awk '{if ($1>=20) print $2}'`\r\nif [ ! -z "$badip" ];then\r\nfor ip in $badip;\r\ndo\r\nif test -z "`/sbin/iptables -nL | grep $ip`";then\r\n/sbin/iptables -I INPUT -s $ip -j DROP\r\nfi\r\ndone\r\nfi

\r\n\r\n屏蔽每分钟访问页面超过20的IP,这些页面已经排除图片,css,js等静态文件。\r\n\r\n

\r\n#!/bin/bash\r\nkeyword="cc-atack"\r\nbadip=`tail -n 5000  /home/wwwlogs/zhujima.com.log | grep "$keyword"  | awk '{print $1}' | sort | uniq -c | sort -nr | awk '{print $2}'`\r\nif [ ! -z "$badip" ];then\r\nfor ip in $badip;\r\ndo\r\nif test -z "`/sbin/iptables -nL | grep $ip`";then\r\n/sbin/iptables -I INPUT -s $ip -j DROP\r\nfi\r\ndone\r\nfi

\r\n\r\n关键词屏蔽

Host: (miao) | Word: Press | Code: HTML5