VPS侦探论坛 › LNMP一键安装包 › 不停的变换IP，如何屏蔽呢？日志如下

1lx570 发表于 2019-12-13 09:49:37

不停的变换IP，如何屏蔽呢？日志如下

221.196.124.243 - - "GET / HTTP/1.1" 403 564 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.79 Safari/537.36"
221.196.124.243 - - "GET / HTTP/1.1" 403 564 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.79 Safari/537.36"
221.196.124.243 - - "GET / HTTP/1.1" 403 564 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.79 Safari/537.36"
221.196.124.243 - - "GET / HTTP/1.1" 403 564 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.79 Safari/537.36"
221.196.124.243 - - "GET / HTTP/1.1" 403 564 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.79 Safari/537.36"
221.196.124.243 - - "GET / HTTP/1.1" 403 564 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.79 Safari/537.36"
221.196.124.243 - - "GET / HTTP/1.1" 403 564 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.79 Safari/537.36"
221.196.124.243 - - "GET / HTTP/1.1" 403 564 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.79 Safari/537.36"
221.196.124.243 - - "GET / HTTP/1.1" 403 564 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.79 Safari/537.36"
221.196.124.243 - - "GET / HTTP/1.1" 403 564 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.79 Safari/537.36"
221.196.124.243 - - "GET / HTTP/1.1" 403 564 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.79 Safari/537.36"
221.196.124.243 - - "GET / HTTP/1.1" 403 564 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.79 Safari/537.36"
221.196.124.243 - - "GET / HTTP/1.1" 403 564 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.79 Safari/537.36"
221.196.124.243 - - "GET / HTTP/1.1" 403 564 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.79 Safari/537.36"
221.196.124.243 - - "GET / HTTP/1.1" 403 564 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.79 Safari/537.36"
221.196.124.243 - - "GET / HTTP/1.1" 403 564 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.79 Safari/537.36"
221.196.124.243 - - "GET / HTTP/1.1" 403 564 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.79 Safari/537.36"
221.196.124.243 - - "GET / HTTP/1.1" 403 564 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.79 Safari/537.36"
221.196.124.243 - - "GET / HTTP/1.1" 403 564 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.79 Safari/537.36"
221.196.124.243 - - "GET / HTTP/1.1" 403 564 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.79 Safari/537.36"

licess 发表于 2019-12-13 12:35:48

没规律可循的，只能安装waf，如 https://www.vpser.net/build/lnmp-nginx-lua-waf-install.html
或现在每个ip的连接数

1lx570 发表于 2019-12-17 09:34:33

licess 发表于 2019-12-13 12:35
没规律可循的，只能安装waf，如 https://www.vpser.net/build/lnmp-nginx-lua-waf-install.html
或现在每个 ...

装了waf之后，在nginx添加了
lua_package_path "/usr/local/nginx/conf/waf/?.lua";
lua_shared_dict limit 10m;
init_by_lua_file /usr/local/nginx/conf/waf/init.lua;
之后，重启nginx出现错误
Starting nginx... nginx: unknown directive "lua_package_path" in /usr/local/nginx/conf/nginx.conf:58

licess 发表于 2019-12-17 12:23:52

1lx570 发表于 2019-12-17 09:34
装了waf之后，在nginx添加了
lua_package_path "/usr/local/nginx/conf/waf/?.lua";
lua_shared_dict lim ...

估计可能没安装lua或添加位置错误
nginx -V 看一下
贴你配置文件看一下

1lx570 发表于 2019-12-17 14:25:42

licess 发表于 2019-12-17 12:23
估计可能没安装lua或添加位置错误
nginx -V 看一下
贴你配置文件看一下

https://img.alicdn.com/imgextra/i1/320914183/O1CN014cLIuv1glrK2YgFcT_!!320914183.png
lua_package_path "/usr/local/nginx/conf/waf/?.lua";是不是这个?的问题，?.lua要不要指定是哪个文件？



配置文件nginx.conf

userwww www;

worker_processes auto;

error_log/home/wwwlogs/nginx_error.logcrit;

pid      /usr/local/nginx/logs/nginx.pid;

#Specifies the value for maximum file descriptors that can be opened by this process.
worker_rlimit_nofile 51200;

events
    {
      use epoll;
      worker_connections 51200;
      multi_accept on;
    }

http
    {
      include       mime.types;
      default_typeapplication/octet-stream;

      server_names_hash_bucket_size 128;
      client_header_buffer_size 32k;
      large_client_header_buffers 4 32k;
      client_max_body_size 50m;

      sendfile   on;
      tcp_nopush on;

      keepalive_timeout 60;

      tcp_nodelay on;

      fastcgi_connect_timeout 300;
      fastcgi_send_timeout 300;
      fastcgi_read_timeout 300;
      fastcgi_buffer_size 64k;
      fastcgi_buffers 4 64k;
      fastcgi_busy_buffers_size 128k;
      fastcgi_temp_file_write_size 256k;

      gzip on;
      gzip_min_length1k;
      gzip_buffers   4 16k;
      gzip_http_version 1.1;
      gzip_comp_level 2;
      gzip_types   text/plain application/javascript application/x-javascript text/javascript text/css application/xml application/xml+rss;
      gzip_vary on;
      gzip_proxied   expired no-cache no-store private auth;
      gzip_disable   "MSIE \.";

      #limit_conn_zone $binary_remote_addr zone=perip:10m;
      ##If enable limit_conn_zone,add "limit_conn perip 10;" to server section.

      server_tokens off;
        lua_package_path "/usr/local/nginx/conf/waf/?.lua";
        lua_shared_dict limit 10m;
        init_by_lua_file /usr/local/nginx/conf/waf/init.lua;
      access_log off;

server
    {
      listen 80 default_server;
      #listen [::]:80 default_server ipv6only=on;
      server_name _;
      index index.html index.htm index.php;
      root/home/wwwroot/default;

      #error_page   404   /404.html;

      # Deny access to PHP files in specific directory
      #location ~ /(wp-content|uploads|wp-includes|images)/.*\.php$ { deny all; }

      include proxy-pass-php.conf;

      location /nginx_status
      {
            stub_status on;
            access_log   off;
      }

      location ~ .*\.(gif|jpg|jpeg|png|bmp|swf)$
      {
            expires      30d;
      }

      location ~ .*\.(js|css)?$
      {
            expires      12h;
      }

      location ~ /.well-known {
            allow all;
      }

      location ~ /\.
      {
            deny all;
      }

      access_log/home/wwwlogs/access.log;
    }
include vhost/*.conf;
}

licess 发表于 2019-12-17 20:48:42

1lx570 发表于 2019-12-17 14:25
lua_package_path "/usr/local/nginx/conf/waf/?.lua";是不是这个?的问题，?.lua要不要指定是哪个文件 ...

配置文件没有问题，按4楼要求提供其他信息

1lx570 发表于 2019-12-18 08:48:04

licess 发表于 2019-12-17 20:48
配置文件没有问题，按4楼要求提供其他信息

# nginx -V
nginx version: nginx/1.14.1
built by gcc 4.4.7 20120313 (Red Hat 4.4.7-23) (GCC)
built with OpenSSL 1.0.2o27 Mar 2018
TLS SNI support enabled
configure arguments: --user=www --group=www --prefix=/usr/local/nginx --with-http_stub_status_module --with-http_ssl_module --with-http_v2_module --with-http_gzip_static_module --with-http_sub_module --with-stream --with-stream_ssl_module --with-openssl=/root/lnmp1.5/src/openssl-1.0.2o

licess 发表于 2019-12-18 12:32:47

1lx570 发表于 2019-12-18 08:48
# nginx -V
nginx version: nginx/1.14.1
built by gcc 4.4.7 20120313 (Red Hat 4.4.7-23 ...

就是4楼说的问题，你lua没装肯定是报错，按前面发的教程安装lua，安装好lua就可以了

查看完整版本: 不停的变换IP，如何屏蔽呢？日志如下