域名被攻击,借此使用nignx 自带的rewrite 功能封掉该域名,在虚拟机的server 配置段下做如下配置:
if ($host !~ ".*yunbofun.com") {
return 444;
}
重载下nginx ,观察日志:
[root@soa-prod-admin-glb-010177210101 /home/liujiangbo] 130
tail -f /data/nginx/logs/spider_2017-10-28.log
14.161.3.181 - - [28/Oct/2017:19:42:52 +0800] "GET http://www.yunbofun.com/ HTTP/1.1" "-" "-"444 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:53.0) Gecko/20100101 Firefox/53.0" "-"0.000 -
14.161.3.181 - - [28/Oct/2017:19:42:52 +0800] "GET http://www.yunbofun.com/ HTTP/1.1" "-" "-"444 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:53.0) Gecko/20100101 Firefox/53.0" "-"0.000 -
14.161.3.181 - - [28/Oct/2017:19:42:52 +0800] "GET http://www.yunbofun.com/ HTTP/1.1" "-" "-"444 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:53.0) Gecko/20100101 Firefox/53.0" "-"0.000 -
14.161.3.181 - - [28/Oct/2017:19:42:52 +0800] "GET http://www.yunbofun.com/ HTTP/1.1" "-" "-"444 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:53.0) Gecko/20100101 Firefox/53.0" "-"0.000 -
14.161.3.181 - - [28/Oct/2017:19:42:52 +0800] "GET http://www.yunbofun.com/ HTTP/1.1" "-" "-"444 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:53.0) Gecko/20100101 Firefox/53.0" "-"0.000 -