我有一个小网站。当我执行 netstat 时,显示大量来自 .p.mail 的流量。
我认为这是某种邮件机器人,试图从我的网站窃取电子邮件地址。我该如何阻止这种情况?
我将其添加到我的 htaccess 中RewriteCond %{HTTP_REFERER} \.(ru|kz|in|mail)(/|$) [NC] RewriteRule .* - [F],但似乎没有帮助。我正在运行带有 PHP 应用程序的 Apache 服务器
tcp 0 64 128.199.152.125:ssh 254.96.96.58.stat:49174 ESTABLISHED
tcp6 1 0 128.199.152.125:http fetcher9-7.p.mail:52455 CLOSE_WAIT
tcp6 1 0 128.199.152.125:http crawl-66-249-71-7:39927 CLOSE_WAIT
tcp6 0 0 128.199.152.125:http fetcher9-5.p.mail:48034 ESTABLISHED
tcp6 1 0 128.199.152.125:http fetcher9-6.p.mail:38781 CLOSE_WAIT
tcp6 1 0 128.199.152.125:http fetcher9-3.p.mail:49137 CLOSE_WAIT
tcp6 1 0 128.199.152.125:http fetcher9.mail.ru:46906 CLOSE_WAIT
tcp6 1 0 128.199.152.125:http fetcher9-3.p.mail:49102 CLOSE_WAIT
tcp6 0 0 128.199.152.125:http fetcher9-4.p.mail:60833 ESTABLISHED
tcp6 1 0 128.199.152.125:http fetcher9-1.p.mail:58404 CLOSE_WAIT
tcp6 1 0 128.199.152.125:http fetcher9-3.p.mail:38515 CLOSE_WAIT
tcp6 1 0 128.199.152.125:http crawl-66-249-71-9:65419 CLOSE_WAIT
tcp6 1 0 128.199.152.125:http fetcher9-4.p.mail:39761 CLOSE_WAIT
tcp6 0 0 128.199.152.125:http fetcher9-3.p.mail:46664 ESTABLISHED
tcp6 1 0 128.199.152.125:http fetcher9-5.p.mail:57961 CLOSE_WAIT
tcp6 1 0 128.199.152.125:http fetcher9-2.p.mail:58029 CLOSE_WAIT
tcp6 1 0 128.199.152.125:http fetcher9-6.p.mail:53075 CLOSE_WAIT
tcp6 1 0 128.199.152.125:http fetcher9.mail.ru:47363 CLOSE_WAIT
tcp6 1 0 128.199.152.125:http fetcher9-4.p.mail:52394 CLOSE_WAIT
tcp6 1 0 128.199.152.125:http fetcher9.mail.ru:54476 CLOSE_WAIT
tcp6 1 0 128.199.152.125:http fetcher9.mail.ru:36110 CLOSE_WAIT
tcp6 1 0 128.199.152.125:http fetcher9-2.p.mail:55155 CLOSE_WAIT
tcp6 1 0 128.199.152.125:http fetcher9-7.p.mail:59306 CLOSE_WAIT
tcp6 1 0 128.199.152.125:http fetcher9-2.p.mail:36667 CLOSE_WAIT
tcp6 0 0 128.199.152.125:http fetcher9-5.p.mail:51968 ESTABLISHED
tcp6 0 0 128.199.152.125:http fetcher9-4.p.mail:41478 ESTABLISHED
tcp6 1 0 128.199.152.125:http fetcher9-5.p.mail:60032 CLOSE_WAIT
tcp6 1 0 128.199.152.125:http fetcher9-2.p.mail:44335 CLOSE_WAIT
tcp6 1 0 128.199.152.125:http fetcher9-6.p.mail:57922 CLOSE_WAIT
tcp6 1 0 128.199.152.125:http fetcher9-1.p.mail:59718 CLOSE_WAIT
tcp6 1 0 128.199.152.125:http fetcher9-3.p.mail:47470 CLOSE_WAIT
tcp6 0 0 128.199.152.125:http fetcher9-6.p.mail:59941 ESTABLISHED
tcp6 1 0 128.199.152.125:http fetcher9-1.p.mail:54604 CLOSE_WAIT
tcp6 0 0 128.199.152.125:http fetcher9.mail.ru:48307 ESTABLISHED
tcp6 1 0 128.199.152.125:http fetcher9-6.p.mail:47410 CLOSE_WAIT
tcp6 1 0 128.199.152.125:http fetcher9-2.p.mail:52740 CLOSE_WAIT
tcp6 0 0 128.199.152.125:http fetcher9.mail.ru:48957 ESTABLISHED
tcp6 0 0 128.199.152.125:http fetcher9-6.p.mail:55988 ESTABLISHED
tcp6 0 0 128.199.152.125:http fetcher9-6.p.mail:45431 ESTABLISHED
tcp6 0 0 128.199.152.125:http crawl-66-249-71-1:54299 ESTABLISHED
tcp6 1 0 128.199.152.125:http fetcher9-1.p.mail:44075 CLOSE_WAIT
tcp6 0 0 128.199.152.125:http fetcher9-7.p.mail:51332 ESTABLISHED
tcp6 1 0 128.199.152.125:http fetcher9-6.p.mail:40081 CLOSE_WAIT
tcp6 1 0 128.199.152.125:http fetcher9-2.p.mail:47806 CLOSE_WAIT
tcp6 1 0 128.199.152.125:http fetcher9-5.p.mail:40396 CLOSE_WAIT
tcp6 1 0 128.199.152.125:http baiduspider-180-7:53078 CLOSE_WAIT
tcp6 1 0 128.199.152.125:http fetcher9-1.p.mail:46357 CLOSE_WAIT
答案1
您可以使用:
RewriteCond %{HTTP_USER_AGENT} ^p\.mail [NC,OR]
RewriteRule ^.* - [F,L]
或阻止 IP 地址,但就像迈克尔所说的那样,也许它是一个搜索引擎。
答案2
我最终使用 iptables 来阻止 ips。
从 root linux shell 中我输入
iptables -A INPUT -s 217.69.133.13 -j DROP
iptables -A INPUT -s 217.69.133.12 -j DROP
iptables -A INPUT -s 217.69.133.10 -j DROP
iptables -A INPUT -s 217.69.133.11 -j DROP
iptables -A INPUT -s 217.69.133.14 -j DROP
iptables -A INPUT -s 217.69.133.15 -j DROP
iptables -A INPUT -s 217.69.133.16 -j DROP
iptables -A INPUT -s 217.69.133.17 -j DROP
iptables -A INPUT -s 217.69.133.18 -j DROP
iptables -A INPUT -s fetcher9.mail.ru -j DROP
然后它就停了下来