Nginx 禁止猜測路徑上傳惡意代碼? ?#需要nginx? server字段中添加include blockip.conf 文件路徑。 然后將其腳本放到crond計劃中

1 #!/usr/bin/bash 2 LOG_DIR=/usr/local/nginx/logs 3 LOG_NAME=access.log 4 DEFINE=20 5 BLOCK_IP=/tmp/block_nginx.txt 6 INITIALIZE=$BLOCK_IP 7 WHITE_IP= 8 NGX_PID=/usr/local/nginx/logs/nginx_pid 9 NGX_BLOCK_CONF=/usr/local/nginx/conf/blockip.conf 10 NGX_COM=/usr/local/nginx/sbin/nginx 11 cd $LOG_DIR 12 grep -i -E -e "POST" -e "put" $LOG_NAME | grep "404" | awk '{print $1}' | sort -n | uniq -c | sort -nr | awk '{print $2"="$1}' > $BLOCK_IP 13 for i in $WHITE_IP ;do 14 15 sed -i '/$i/d' $BLOCK_IP 16 done 17 for i in `cat $BLOCK_IP` ;do 18 ip=`echo $i |/usr/bin/awk -F"=" '{print $1}'` 19 number=`echo $i | awk -F'=' '{print $2}'` 20 if [ $number -ge $DEFINE ]; then 21 grep $i $NGX_BLOCK_CONF &> /dev/null 22 fi 23 if [ $? -gt 0 ]; then 24 echo "deny $ip;" >> $NGX_BLOCK_CONF 25 fi 26 done 27 $($NGX_COM -s reload)

?

轉載于:https://www.cnblogs.com/simple001/p/7602423.html

總結

以上是生活随笔為你收集整理的Nginx 禁止猜测路径上传恶意代码的全部內容，希望文章能夠幫你解決所遇到的問題。

如果覺得生活随笔網站內容還不錯，歡迎將生活随笔推薦給好友。