发表新帖
发表新帖

这份恶意UA黑名单,能拦截半个地球的恶意之潮

闲聊 无标签
0 496
WIZ
WIZ 自成一派 2025-02-11 08:19:55
Lv:46级

经常看宝塔防火墙日志,总结了这些恶意UA大全。我将自己在用的分享给各大站长。

["Microsoft","rv:","Macintosh","Chat",".NET","JCE","cow","ZmEu","Bench","httperf","w3af","Netsparker","BabyKrokodil","PycURL","Havij","fimap","Nikto","Nmap","BBBike","libwww","Parser","MyTool","sqln","Pangolin","Crawler","Odin","Indy","HTTrack","Audit","DirBuster","Harvest","SQLmap","XSStrike","Metasploit","Arachni","ZAP","Aircrack","John","Hydra","l9explore","l9tcpid","Scrapy","FeedDemon","WebCopier","CrawlDaddy","Jullo","Feedly","WinHttp","CentOS","Ubuntu","Debian","python","Java","golang","Apache","Client","HttpClient","AsyncHttpClient","MicroMessenger","QQ","facebook","GPTBot","AhrefsBot","DotBot","Amazonbot","BLEXBot","MJ12bot","PetalBot","DuckDuckBot","DataForSeoBot","BotPoke","ClaudeBot","SemrushBot","YisouSpider"]

PS:已拦截 YisouSpider 神马的蜘蛛。像这种,不收录,还爬取,纯垃圾蜘蛛。

使用方法

打开宝塔防火墙-全局设置-UA黑名单-设置-点击清空按钮,再点击导入按钮确定即可。

没防火墙

如果,你没有安装宝塔防火墙。阔以参考下面文章使用,然后稍微改改代码就行了。

比如:Nginx屏蔽垃圾蜘蛛的办法 代码可以这样写

if ($http_user_agent ~* "Microsoft|rv:|Macintosh|Chat|.NET|JCE|cow|ZmEu|Bench|httperf|w3af|Netsparker|BabyKrokodil|PycURL|Havij|fimap|Nikto|Nmap|BBBike|libwww|Parser|MyTool|sqln|Pangolin|Crawler|Odin|Indy|HTTrack|Audit|DirBuster|Harvest|SQLmap|XSStrike|Metasploit|Arachni|ZAP|Aircrack|John|Hydra|l9explore|l9tcpid|Scrapy|FeedDemon|WebCopier|CrawlDaddy|Jullo|Feedly|WinHttp|CentOS|Ubuntu|Debian|python|Java|golang|Apache|Client|HttpClient|AsyncHttpClient|MicroMessenger|QQ|facebook|GPTBot|AhrefsBot|DotBot|Amazonbot|BLEXBot|MJ12bot|PetalBot|DuckDuckBot|DataForSeoBot|BotPoke|ClaudeBot|SemrushBot|YisouSpider"){    return 403;}

或者:PHP禁止在微信和QQ中打开 这个更加简单,把

$searchEngines = array('MicroMessenger','QQ');

改为

$searchEngines = ["Microsoft","rv:","Macintosh","Chat",".NET","JCE","cow","ZmEu","Bench","httperf","w3af","Netsparker","BabyKrokodil","PycURL","Havij","fimap","Nikto","Nmap","BBBike","libwww","Parser","MyTool","sqln","Pangolin","Crawler","Odin","Indy","HTTrack","Audit","DirBuster","Harvest","SQLmap","XSStrike","Metasploit","Arachni","ZAP","Aircrack","John","Hydra","l9explore","l9tcpid","Scrapy","FeedDemon","WebCopier","CrawlDaddy","Jullo","Feedly","WinHttp","CentOS","Ubuntu","Debian","python","Java","golang","Apache","Client","HttpClient","AsyncHttpClient","MicroMessenger","QQ","facebook","GPTBot","AhrefsBot","DotBot","Amazonbot","BLEXBot","MJ12bot","PetalBot","DuckDuckBot","DataForSeoBot","BotPoke","ClaudeBot","SemrushBot","YisouSpider"];

完成。但这个是动态、伪静态版的。

特别注意

这样改了以后,不会影响正常访问和蜘蛛抓取。除此之外,火狐浏览器也会被拦截。

这份恶意UA黑名单有点强,一篇文章拦截了半个球的人,到底要不要用还需谨慎呐!

楼主签名:DNSWIZ 站长故事
回帖
回复列表
    更多回复

    请遵守各国法律法规 严禁违规内容

    • QQ群:1140251126
    • Email:m@max.ooo
    • 本站可以自由发布外链
    • 本站域名皆为闲置域名,均可出售
    Hot posts
    01 看到一个好域名th.ink 326
    02 PHP防火墙代码,防火墙,网站防火墙,WAF防火墙,PHP防火墙大全 240
    03 博森科技CCR智能全自动炒币机器人:哪个量化机器人最火? 226
    04 非主流域名有风险,投资需谨慎 207
    05 香港免费云服务器申请教程,配置4核8G 204
    06 掌上兼职平台 运营好几年了,我不是给平台打广告,我发这个是因为邀请别人有钱赚 203
    07 【优化】整体加载速度优化,加载时间缩短近10倍! 184
    08 博森科技CCR智能炒币机器人:为何说最好拥有一个比特币 183
    09 博森科技CCR全自动炒币机器人:一个贪字,毁了多少人 176
    10 博森CCR全自动炒币机器人:炒币真的不建议一般人手动交易 174

    最新会员

    PVrAUXDU 闪亮的昵称~
    VWPbZFzm 闪亮的昵称~
    lrgGErQzthbjOBM 闪亮的昵称~
    kldxm18 kldxm18
    拂晓不辍 拂晓不辍
    karselena karselena

    积分排行

    WIZWIZ
    zhi-link极客
    tetepayCS
    MaxMax
    空空空空
    真赚ieearn_com真赚ieearn_com
    陈书婷陈书婷
    wz2021wz2021
    YDMYDM
    MangoMango
    清美明美
    garygary
    推荐主机
    『申請友鏈』站长公益主机在路上WooYes小雀新鸟云多元论坛


    © 2025 DnsWiz & HadSky