不停的变换IP，如何屏蔽呢？日志如下

1lx570 · 发表于 2019-12-13 09:49:37

221.196.124.243 - - [13/Dec/2019:09:45:24 +0800] "GET / HTTP/1.1" 403 564 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.79 Safari/537.36"
221.196.124.243 - - [13/Dec/2019:09:45:24 +0800] "GET / HTTP/1.1" 403 564 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.79 Safari/537.36"
221.196.124.243 - - [13/Dec/2019:09:45:24 +0800] "GET / HTTP/1.1" 403 564 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.79 Safari/537.36"
221.196.124.243 - - [13/Dec/2019:09:45:24 +0800] "GET / HTTP/1.1" 403 564 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.79 Safari/537.36"
221.196.124.243 - - [13/Dec/2019:09:45:24 +0800] "GET / HTTP/1.1" 403 564 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.79 Safari/537.36"
221.196.124.243 - - [13/Dec/2019:09:45:24 +0800] "GET / HTTP/1.1" 403 564 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.79 Safari/537.36"
221.196.124.243 - - [13/Dec/2019:09:45:24 +0800] "GET / HTTP/1.1" 403 564 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.79 Safari/537.36"
221.196.124.243 - - [13/Dec/2019:09:45:24 +0800] "GET / HTTP/1.1" 403 564 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.79 Safari/537.36"
221.196.124.243 - - [13/Dec/2019:09:45:24 +0800] "GET / HTTP/1.1" 403 564 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.79 Safari/537.36"
221.196.124.243 - - [13/Dec/2019:09:45:24 +0800] "GET / HTTP/1.1" 403 564 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.79 Safari/537.36"
221.196.124.243 - - [13/Dec/2019:09:45:24 +0800] "GET / HTTP/1.1" 403 564 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.79 Safari/537.36"
221.196.124.243 - - [13/Dec/2019:09:45:24 +0800] "GET / HTTP/1.1" 403 564 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.79 Safari/537.36"
221.196.124.243 - - [13/Dec/2019:09:45:24 +0800] "GET / HTTP/1.1" 403 564 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.79 Safari/537.36"
221.196.124.243 - - [13/Dec/2019:09:45:24 +0800] "GET / HTTP/1.1" 403 564 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.79 Safari/537.36"
221.196.124.243 - - [13/Dec/2019:09:45:24 +0800] "GET / HTTP/1.1" 403 564 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.79 Safari/537.36"
221.196.124.243 - - [13/Dec/2019:09:45:24 +0800] "GET / HTTP/1.1" 403 564 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.79 Safari/537.36"
221.196.124.243 - - [13/Dec/2019:09:45:24 +0800] "GET / HTTP/1.1" 403 564 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.79 Safari/537.36"
221.196.124.243 - - [13/Dec/2019:09:45:24 +0800] "GET / HTTP/1.1" 403 564 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.79 Safari/537.36"
221.196.124.243 - - [13/Dec/2019:09:45:24 +0800] "GET / HTTP/1.1" 403 564 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.79 Safari/537.36"
221.196.124.243 - - [13/Dec/2019:09:45:25 +0800] "GET / HTTP/1.1" 403 564 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.79 Safari/537.36"

licess · 发表于 2019-12-13 12:35:48

没规律可循的，只能安装waf，如 https://www.vpser.net/build/lnmp-nginx-lua-waf-install.html
或现在每个ip的连接数

1lx570 · 发表于 2019-12-17 09:34:33

licess 发表于 2019-12-13 12:35
没规律可循的，只能安装waf，如 https://www.vpser.net/build/lnmp-nginx-lua-waf-install.html
或现在每个 ...

装了waf之后，在nginx添加了
lua_package_path "/usr/local/nginx/conf/waf/?.lua";
lua_shared_dict limit 10m;
init_by_lua_file /usr/local/nginx/conf/waf/init.lua;
之后，重启nginx出现错误
Starting nginx... nginx: [emerg] unknown directive "lua_package_path" in /usr/local/nginx/conf/nginx.conf:58

licess · 发表于 2019-12-17 12:23:52

1lx570 发表于 2019-12-17 09:34
装了waf之后，在nginx添加了
lua_package_path "/usr/local/nginx/conf/waf/?.lua";
lua_shared_dict lim ...

估计可能没安装lua或添加位置错误
nginx -V 看一下
贴你配置文件看一下

1lx570 · 发表于 2019-12-17 14:25:42

licess 发表于 2019-12-17 12:23
估计可能没安装lua或添加位置错误
nginx -V 看一下
贴你配置文件看一下

lua_package_path "/usr/local/nginx/conf/waf/?.lua";  是不是这个?的问题，?.lua要不要指定是哪个文件？

配置文件nginx.conf

user  www www;

worker_processes auto;

error_log  /home/wwwlogs/nginx_error.log  crit;

pid       /usr/local/nginx/logs/nginx.pid;

#Specifies the value for maximum file descriptors that can be opened by this process.
worker_rlimit_nofile 51200;

events
{
      use epoll;
      worker_connections 51200;
      multi_accept on;
}

http
{
      include    mime.types;
      default_type  application/octet-stream;

      server_names_hash_bucket_size 128;
      client_header_buffer_size 32k;
      large_client_header_buffers 4 32k;
      client_max_body_size 50m;

      sendfile on;
      tcp_nopush on;

      keepalive_timeout 60;

      tcp_nodelay on;

      fastcgi_connect_timeout 300;
      fastcgi_send_timeout 300;
      fastcgi_read_timeout 300;
      fastcgi_buffer_size 64k;
      fastcgi_buffers 4 64k;
      fastcgi_busy_buffers_size 128k;
      fastcgi_temp_file_write_size 256k;

      gzip on;
      gzip_min_length  1k;
      gzip_buffers    4 16k;
      gzip_http_version 1.1;
      gzip_comp_level 2;
      gzip_types    text/plain application/javascript application/x-javascript text/javascript text/css application/xml application/xml+rss;
      gzip_vary on;
      gzip_proxied expired no-cache no-store private auth;
      gzip_disable "MSIE [1-6]\.";

      #limit_conn_zone $binary_remote_addr zone=perip:10m;
      ##If enable limit_conn_zone,add "limit_conn perip 10;" to server section.

      server_tokens off;
lua_package_path "/usr/local/nginx/conf/waf/?.lua";
lua_shared_dict limit 10m;
init_by_lua_file /usr/local/nginx/conf/waf/init.lua;
      access_log off;

server
{
      listen 80 default_server;
      #listen [::]:80 default_server ipv6only=on;
      server_name _;
      index index.html index.htm index.php;
      root  /home/wwwroot/default;

      #error_page 404 /404.html;

      # Deny access to PHP files in specific directory
      #location ~ /(wp-content|uploads|wp-includes|images)/.*\.php$ { deny all; }

      include proxy-pass-php.conf;

      location /nginx_status
      {
         stub_status on;
         access_log off;
      }

      location ~ .*\.(gif|jpg|jpeg|png|bmp|swf)$
      {
         expires    30d;
      }

      location ~ .*\.(js|css)?$
      {
         expires    12h;
      }

      location ~ /.well-known {
         allow all;
      }

      location ~ /\.
      {
         deny all;
      }

      access_log  /home/wwwlogs/access.log;
}
include vhost/*.conf;
}

licess · 发表于 2019-12-17 20:48:42

1lx570 发表于 2019-12-17 14:25
lua_package_path "/usr/local/nginx/conf/waf/?.lua"; 是不是这个?的问题，?.lua要不要指定是哪个文件 ...

配置文件没有问题，按4楼要求提供其他信息

1lx570 · 发表于 2019-12-18 08:48:04

licess 发表于 2019-12-17 20:48
配置文件没有问题，按4楼要求提供其他信息

[root@cloud ~]# nginx -V
nginx version: nginx/1.14.1
built by gcc 4.4.7 20120313 (Red Hat 4.4.7-23) (GCC)
built with OpenSSL 1.0.2o 27 Mar 2018
TLS SNI support enabled
configure arguments: --user=www --group=www --prefix=/usr/local/nginx --with-http_stub_status_module --with-http_ssl_module --with-http_v2_module --with-http_gzip_static_module --with-http_sub_module --with-stream --with-stream_ssl_module --with-openssl=/root/lnmp1.5/src/openssl-1.0.2o

licess · 发表于 2019-12-18 12:32:47

1lx570 发表于 2019-12-18 08:48
[root@cloud ~]# nginx -V
nginx version: nginx/1.14.1
built by gcc 4.4.7 20120313 (Red Hat 4.4.7-23 ...

就是4楼说的问题，你lua没装肯定是报错，按前面发的教程安装lua，安装好lua就可以了

		自动登录	找回密码
密码			注册

不停的变换IP，如何屏蔽呢？日志如下

军哥运维代购：http://shop63846532.taobao.com/