垃圾来袭

stopspam

最近发现网站所在的主机资源占用很严重,长期超过80%,经常触发资源达到限制的508错误。一开始没注意,结果月底主机带宽用光。这么多年,这个主机的带宽从未用完过一半,这个月居然用完了!于是开始仔细看访问日志,发现一大堆来自福建莆田的IP,频繁刷新各种页面,目的不明。主机商协助增加了3次,每次1G的流量,都很快被搞完。

主机商建议使用CDN来分摊流量和主机负载。于是先把网站弄到CloudFlare,一开始很给力,网站访问速度大幅上升。没多久,发现访问网站失败,翻墙再试,正常得很。看来CloudFlare被盯得很紧,我有幸分配到了一个被加持过的IP。然后看到安全宝也有类似的CDN服务,仍然是免费的。注册完发现,需要备案,否则只能分配一个境外IP。备你妈的案啊!

不过再看看安全宝提供的境外节点,貌似是个日本IP,国内访问速度还不错。我又开始动脑筋了,把两个CDN都用上!DNSPOD就是干这个的。对比了一下两个CDN针对国内国外的访问速度,最后把国外线路和移动线路的分到CloudFlare,把国内其他线路都分到安全宝。

速度上去了,缺点是大访问量仍然存在,尤其是刚刚转CDN,它们的各个节点都要来缓存网页。这个节骨眼上,主机商赠送的流量根本不够折腾,只好先想办法把那些垃圾都找出来,全部屏蔽掉,熬到下个月再说。

cPanel本身支持添加IP黑名单,但是一个一个加,工作量太大。另外一个方法就是自己改.htaccess文件,把垃圾来源IP都放里边,我把目前整理好的IP段都列出来,99%来自福建,其中又有90%来自莆田。于是我直接屏蔽掉整个IP段。这里只能对莆田可能的访问者说抱歉了。当然,这个抱歉也没法成功看到,hoho

<Files 403.shtml>
order allow,deny
allow from all
</Files>

deny from 108.162.216.
deny from 110.85.102.
deny from 110.85.106.
deny from 110.85.107.
deny from 110.85.113.
deny from 110.85.114.
deny from 110.85.115.
deny from 110.85.68.
deny from 110.85.69.
deny from 110.85.70.
deny from 110.85.72.
deny from 110.85.104.
deny from 110.86.165.
deny from 110.86.167.
deny from 110.86.185.
deny from 110.89.13.
deny from 110.89.34.
deny from 110.89.35.
deny from 110.89.46.
deny from 110.89.52.
deny from 110.89.53.
deny from 110.89.60.
deny from 110.89.61.
deny from 110.89.9.
deny from 112.111.160.
deny from 112.111.188.
deny from 112.111.189.
deny from 112.111.190.
deny from 117.26.117.
deny from 117.26.118.
deny from 117.26.119.
deny from 117.26.192.
deny from 117.26.193.
deny from 117.26.195.
deny from 117.26.200.
deny from 117.26.201.
deny from 117.26.202.
deny from 117.26.203.
deny from 117.26.248.
deny from 117.26.252.
deny from 117.26.254.
deny from 117.26.76.
deny from 117.26.77.
deny from 117.26.78.
deny from 117.26.79.
deny from 117.26.85.
deny from 117.26.86.
deny from 120.33.240.
deny from 120.33.241.
deny from 120.33.242.
deny from 120.33.243.
deny from 120.37.208.
deny from 120.37.210.
deny from 120.37.211.
deny from 120.37.216.
deny from 120.37.226.
deny from 120.37.228.
deny from 120.37.234.
deny from 120.37.238.
deny from 120.37.243.
deny from 120.40.148.
deny from 120.40.149.
deny from 120.40.150.
deny from 120.43.10.
deny from 120.43.26.
deny from 120.43.30.
deny from 120.43.4.
deny from 120.43.6.
deny from 120.43.8.
deny from 121.205.196.
deny from 121.205.198.
deny from 121.205.199.
deny from 121.205.215.
deny from 121.205.239.
deny from 121.205.242.
deny from 121.205.243.
deny from 121.205.247.
deny from 121.205.248.
deny from 121.207.140.
deny from 123.116.37.
deny from 139.227.62.
deny from 14.18.171.
deny from 175.42.92.
deny from 175.44.59.
deny from 182.118.20.
deny from 182.118.21.
deny from 182.118.22.
deny from 182.118.25.
deny from 218.85.146.
deny from 218.86.50.
deny from 218.86.51.
deny from 220.161.96.
deny from 220.161.127.
deny from 222.77.205.
deny from 222.77.206.
deny from 222.77.207.
deny from 222.77.212.
deny from 222.77.214.
deny from 222.77.225.
deny from 222.77.228.
deny from 222.77.229.
deny from 222.77.238.
deny from 222.77.246.
deny from 222.77.247.
deny from 27.150.223.
deny from 27.150.229.
deny from 27.153.128.
deny from 27.153.160.
deny from 27.153.161.
deny from 27.153.162.
deny from 27.153.163.
deny from 27.153.184.
deny from 27.153.185.
deny from 27.153.186.
deny from 27.153.187.
deny from 27.153.209.
deny from 27.153.218.
deny from 27.153.219.
deny from 27.153.228.
deny from 27.153.233.
deny from 27.153.249.
deny from 27.153.250.
deny from 27.153.251.
deny from 27.154.206.
deny from 27.159.195.
deny from 27.159.197.
deny from 27.159.205.
deny from 27.159.209.
deny from 27.159.211.
deny from 27.159.229.
deny from 27.159.231.
deny from 27.159.238.
deny from 27.159.254.
deny from 36.248.168.
deny from 36.248.171.
deny from 36.250.182.
deny from 58.23.237.
deny from 59.58.113.
deny from 59.58.136.
deny from 59.58.137.
deny from 59.58.138.
deny from 59.58.139.
deny from 59.58.158.
deny from 60.168.18.

《垃圾来袭》有4个想法

    1. 貌似那边的机器人在用ADSL拨号,而且会检查扫描结果,发现被屏蔽了会自动重拨换IP,所以如果按IP而不是IP段来封,太累了。

发表评论