UA is the user agent (User-Agent), and the server identifies the visitor's identity through UA. When a website returns an abnormal page (such as 403, 500) or jumps to other pages for access to a designated UA, it is a UA ban.
Restrictions user_agent:
user_agent (user agent): refers to browser (search engine) information including hardware platform, System software, application software and personal user preferences. (Recommended learning: PHP Video Tutorial)
When a hacker attacks your server with CC, check the log and find that user_agent is consistent, and user_agent appears multiple times in one second, so User_agent must be restricted
<IfModule mod_rewrite.c> //使用rewrite模块 RewriteEngine on RewriteCond %{HTTP_USER_AGENT} .*curl.* [NC,OR] //定义user_agent条件,OR表示两条件之间是或者的意思,NC表示忽略大小写 RewriteCond %{HTTP_USER_AGENT} .*baidu.com.* [NC] //定义user_agent条件 RewriteRule .* - [F] // 规则 [F] 表示forbidden(403) </IfModule>
We still use rewrite modul
RewriteCond %{HTTP_USER_AGENT} .*curl.* [NC,OR] //匹配Curl的访问 [NC,OR] NC:忽略大小写。 OR:是或者的意思,要么这一条,要么下一条满足情况 RewriteCond %{HTTP_USER_AGENT} .*baidu.com.* [NC] RewriteRule .* - [F] // F:Forbidden 禁止
As long as you use curl and baidu.com to attack, it will not jump directly. Just ban it!
[[email protected] test3.com]# curl -x127.0.0.1:80 www.test3.com <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"> <html><head> <title>403 Forbidden</title> </head><body> <h1>Forbidden</h1> <p>You don't have permission to access / on this server.<br /> </p> </body></html>
The above is the detailed content of How to limit ua in php. For more information, please follow other related articles on the PHP Chinese website!