Shulou(Shulou.com)06/02 Report--

A few days ago, I found that my website was launched by a large number of malicious and targeted scans by some IP in an attempt to obtain some internal configuration files and information in the website through violence detection. I defused the attack with .Htaccess by adding the following configuration to the .Htaccess file:

Order allow,deny deny from 180.97.106. Allow from all

.Htaccess is a very powerful configuration file for a website. The more you learn about its functions, the easier it will be to control your site configuration. Using .Htaccess to prohibit an IP from visiting a website is one of its basic functions. The above configuration is just one of the uses, and I'll summarize more uses under this related topic below.

Specify IP to block access

Order allow,deny deny from 192.168.44.201 deny from 224.39.163.12 deny from 172.16.7.92 allow from all

The above code shows how to disable access to three different IP sites.

Specify IP segment to block access

If you have a lot of IP to ban and find it too troublesome to specify one at a time, here's how to ban one IP segment at a time:

Order allow,deny deny from 192.168. Deny from 10.0.0. Allow from all

Specify a domain name to block access

Order allow,deny deny from some-evil-isp.com deny from subdomain.another-evil-isp.com allow from all

The above code prevents a particular ISP from accessing the site.

Disable robot crawlers (bots,spiders) using .Htaccess

In China, I think the only search engines you need are Google and Baidu, and other small search engines, such as Sogou, 360and so on, can be ignored, otherwise, the crawlers of these unimportant search engines will not only bring you no benefits. and crawl to death. Here's how to ban them:

# get rid of the bad bot RewriteEngine on RewriteCond% {HTTP_USER_AGENT} ^ BadBot RewriteRule ^ (. *) $http://go.away/

One kind of crawler is prohibited above. If you want to disable multiple crawlers, you can configure them like this in .Htaccess:

# get rid of bad bots RewriteEngine on RewriteCond% {HTTP_USER_AGENT} ^ BadBot [OR] RewriteCond% {HTTP_USER_AGENT} ^ EvilScraper [OR] RewriteCond% {HTTP_USER_AGENT} ^ FakeUser RewriteRule ^ (. *) $http://go.away/

This code blocks different crawlers in 3 at the same time, pay attention to the "[OR]" in it.

Use .Htaccess to disable hotlink theft (hotlink)

If your site is very popular, there will be resources like pictures or videos on your site, and some people will embed them directly without professional ethics, occupying or wasting your bandwidth and affecting the stability of your server. For such hotlink behavior, it is easy to block their theft using .Htaccess, like the following:

RewriteEngine on RewriteCond% {HTTP_REFERER} ^ http://.*somebadforum\.com [NC] RewriteRule. *-[F]

After adding the above code to .Htaccess, when the somebadforum.com website steals your website resources, the server will return a 403 Forbidden error and your bandwidth will no longer be lost.

The following code is how to block multiple websites:

RewriteEngine on RewriteCond% {HTTP_REFERER} ^ http://.*somebadforum\.com [NC,OR] RewriteCond% {HTTP_REFERER} ^ http://.*example\.com [NC,OR] RewriteCond% {HTTP_REFERER} ^ http://.*lastexample\.com [NC] RewriteRule. *-[F]

As you can see, .htaccess is a very powerful web server configuration tool, through which you can have rich and free control over the web server, but the solution is usually very simple, elegant and basically does not need to restart the server, that is, effective immediately.

If you don't already have this configuration file on your server, build one!

For Lido's article on using .Htaccess files to prevent IP from malicious attacks on websites, please click on the relevant links below

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.