我的服务器正在遭受严重攻击(可能是 DDOS,我不知道)。我检查了访问日志(为了便于理解,这个网站每天有 1000 名访问者,没什么特别的):
78.176.175.208 - - [14/Dec/2010:17:11:37 -0800] "GET /XXX.com/ HTTP/1.1" 200 1241 "" "Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)"
78.182.202.215 - - [14/Dec/2010:17:11:37 -0800] "GET /XXX.com/ HTTP/1.1" 200 1241 "" "Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)"
78.176.175.208 - - [14/Dec/2010:17:11:37 -0800] "GET /XXX.com/ HTTP/1.1" 200 1241 "" "Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)"
88.252.162.244 - - [14/Dec/2010:17:11:37 -0800] "GET /XXX.com/ HTTP/1.1" 200 1241 "" "Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)"
78.176.175.208 - - [14/Dec/2010:17:11:37 -0800] "GET /XXX.com/ HTTP/1.1" 200 1241 "" "Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)"
88.252.162.244 - - [14/Dec/2010:17:11:37 -0800] "GET /XXX.com/ HTTP/1.1" 200 1241 "" "Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)"
78.176.175.208 - - [14/Dec/2010:17:11:37 -0800] "GET /XXX.com/ HTTP/1.1" 200 1241 "" "Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)"
78.182.202.215 - - [14/Dec/2010:17:11:37 -0800] "GET /XXX.com/ HTTP/1.1" 200 1241 "" "Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)"
88.252.162.244 - - [14/Dec/2010:17:11:37 -0800] "GET /XXX.com/ HTTP/1.1" 200 1241 "" "Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)"
88.252.162.244 - - [14/Dec/2010:17:11:38 -0800] "GET /XXX.com/ HTTP/1.1" 200 1241 "" "Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)"
78.182.202.215 - - [14/Dec/2010:17:11:38 -0800] "GET /XXX.com/ HTTP/1.1" 200 1241 "" "Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)"
78.176.175.208 - - [14/Dec/2010:17:11:38 -0800] "GET /XXX.com/ HTTP/1.1" 200 1241 "" "Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)"
88.252.162.244 - - [14/Dec/2010:17:11:38 -0800] "GET /XXX.com/ HTTP/1.1" 200 1241 "" "Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)"
78.182.202.215 - - [14/Dec/2010:17:11:38 -0800] "GET /XXX.com/ HTTP/1.1" 200 1241 "" "Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)"
78.176.175.208 - - [14/Dec/2010:17:11:38 -0800] "GET /XXX.com/ HTTP/1.1" 200 1241 "" "Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)"
88.252.162.244 - - [14/Dec/2010:17:11:38 -0800] "GET /XXX.com/ HTTP/1.1" 200 1241 "" "Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)"
78.182.202.215 - - [14/Dec/2010:17:11:38 -0800] "GET /XXX.com/ HTTP/1.1" 200 1241 "" "Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)"
78.176.175.208 - - [14/Dec/2010:17:11:38 -0800] "GET /XXX.com/ HTTP/1.1" 200 1241 "" "Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)"
88.252.162.244 - - [14/Dec/2010:17:11:38 -0800] "GET /XXX.com/ HTTP/1.1" 200 1241 "" "Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)"
78.182.202.215 - - [14/Dec/2010:17:11:38 -0800] "GET /XXX.com/ HTTP/1.1" 200 1241 "" "Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)"
78.176.175.208 - - [14/Dec/2010:17:11:39 -0800] "GET /XXX.com/ HTTP/1.1" 200 1241 "" "Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)"
88.252.162.244 - - [14/Dec/2010:17:11:39 -0800] "GET /XXX.com/ HTTP/1.1" 200 1241 "" "Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)"
78.182.202.215 - - [14/Dec/2010:17:11:39 -0800] "GET /XXX.com/ HTTP/1.1" 200 1241 "" "Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)"
78.176.175.208 - - [14/Dec/2010:17:11:39 -0800] "GET /XXX.com/ HTTP/1.1" 200 1241 "" "Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)"
88.252.162.244 - - [14/Dec/2010:17:11:39 -0800] "GET /XXX.com/ HTTP/1.1" 200 1241 "" "Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)"
78.182.202.215 - - [14/Dec/2010:17:11:39 -0800] "GET /XXX.com/ HTTP/1.1" 200 1241 "" "Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)"
78.176.175.208 - - [14/Dec/2010:17:11:39 -0800] "GET /XXX.com/ HTTP/1.1" 200 1241 "" "Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)"
88.252.162.244 - - [14/Dec/2010:17:11:39 -0800] "GET /XXX.com/ HTTP/1.1" 200 1241 "" "Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)"
78.182.202.215 - - [14/Dec/2010:17:11:39 -0800] "GET /XXX.com/ HTTP/1.1" 200 1241 "" "Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)"
78.176.175.208 - - [14/Dec/2010:17:11:39 -0800] "GET /XXX.com/ HTTP/1.1" 200 1241 "" "Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)"
78.182.202.215 - - [14/Dec/2010:17:11:39 -0800] "GET /XXX.com/ HTTP/1.1" 200 1241 "" "Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)"
78.176.175.208 - - [14/Dec/2010:17:11:40 -0800] "GET /XXX.com/ HTTP/1.1" 200 1241 "" "Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)"
88.252.162.244 - - [14/Dec/2010:17:11:40 -0800] "GET /XXX.com/ HTTP/1.1" 200 1241 "" "Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)"
78.182.202.215 - - [14/Dec/2010:17:11:40 -0800] "GET /XXX.com/ HTTP/1.1" 200 1241 "" "Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)"
78.176.175.208 - - [14/Dec/2010:17:11:40 -0800] "GET /XXX.com/ HTTP/1.1" 200 1241 "" "Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)"
88.252.162.244 - - [14/Dec/2010:17:11:40 -0800] "GET /XXX.com/ HTTP/1.1" 200 1241 "" "Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)"
78.182.202.215 - - [14/Dec/2010:17:11:40 -0800] "GET /XXX.com/ HTTP/1.1" 200 1241 "" "Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)"
88.252.162.244 - - [14/Dec/2010:17:11:40 -0800] "GET /XXX.com/ HTTP/1.1" 200 1241 "" "Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)"
78.182.202.215 - - [14/Dec/2010:17:11:40 -0800] "GET /XXX.com/ HTTP/1.1" 200 1241 "" "Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)"
78.176.175.208 - - [14/Dec/2010:17:11:40 -0800] "GET /XXX.com/ HTTP/1.1" 200 1241 "" "Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)"
78.176.175.208 - - [14/Dec/2010:17:11:40 -0800] "GET /XXX.com/ HTTP/1.1" 200 1241 "" "Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)"
88.252.162.244 - - [14/Dec/2010:17:11:40 -0800] "GET /XXX.com/ HTTP/1.1" 200 1241 "" "Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)"
78.182.202.215 - - [14/Dec/2010:17:11:40 -0800] "GET /XXX.com/ HTTP/1.1" 200 1241 "" "Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)"
78.176.175.208 - - [14/Dec/2010:17:11:41 -0800] "GET /XXX.com/ HTTP/1.1" 200 1241 "" "Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)"
78.182.202.215 - - [14/Dec/2010:17:11:41 -0800] "GET /XXX.com/ HTTP/1.1" 200 1241 "" "Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)"
88.252.162.244 - - [14/Dec/2010:17:11:41 -0800] "GET /XXX.com/ HTTP/1.1" 200 1241 "" "Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)"
78.176.175.208 - - [14/Dec/2010:17:11:41 -0800] "GET /XXX.com/ HTTP/1.1" 200 1241 "" "Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)"
88.252.162.244 - - [14/Dec/2010:17:11:41 -0800] "GET /XXX.com/ HTTP/1.1" 200 1241 "" "Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)"
78.182.202.215 - - [14/Dec/2010:17:11:41 -0800] "GET /XXX.com/ HTTP/1.1" 200 1241 "" "Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)"
78.176.175.208 - - [14/Dec/2010:17:11:41 -0800] "GET /XXX.com/ HTTP/1.1" 200 1241 "" "Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)"
78.182.202.215 - - [14/Dec/2010:17:11:41 -0800] "GET /XXX.com/ HTTP/1.1" 200 1241 "" "Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)"
78.176.175.208 - - [14/Dec/2010:17:11:41 -0800] "GET /XXX.com/ HTTP/1.1" 200 1241 "" "Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)"
88.252.162.244 - - [14/Dec/2010:17:11:41 -0800] "GET /XXX.com/ HTTP/1.1" 200 1241 "" "Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)"
78.182.202.215 - - [14/Dec/2010:17:11:41 -0800] "GET /XXX.com/ HTTP/1.1" 200 1241 "" "Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)"
我正在考虑暂时拒绝所有通过 htaccess 的直接流量(它只占我的流量的 %3%)。
我的问题是如何拒绝通过 .htaccess 的所有直接流量,这有帮助吗?
谢谢
答案1
我不会谈论是否.htaccess值得拒绝直接(无 Referer)请求,因为这可能或可能不值得,这取决于您的具体情况。
无论如何,下面是可以做到的。将以下内容放入.htaccess:
SetEnvIf Referer "^$" NO_REFERER
Order allow,deny
Allow from all
Deny from env=NO_REFERER
这应该允许所有 HTTP 请求,除了那些发送空白(或没有)Referer 标头的请求。
答案2
是的,您可以使用拒绝指令来拒绝特定 IP。作为更好的选择,您可以添加防火墙规则来阻止这些 IP 访问您的 Web 服务器。您必须确定自己在做什么。否则,您最终可能会阻止合法用户访问您的网站。