Cloudflare防火墙策略收集(持续更新)
两个Cloudflare防火墙策略,能挡住90%以上恶意流量。
域名 》防火墙 》防护墙规则 》 创建防火墙规则,如图:
表达式:
(cf.threat_score ge 5 and not cf.client.bot) or (not http.request.version in {"HTTP/1.2" "HTTP/2" "HTTP/3" "SPDY/3.1"}) or (not http.user_agent contains "Mozilla/")
上面的意思是威胁分数大于或等于5,且不是已知的合法爬虫,会质询;
HTTP版本不是 “HTTP/1.2” “HTTP/2” “HTTP/3” “SPDY/3.1” 会质询;
请求头不带 Mozilla/ 会质询;
上面可能会误伤爬虫,那么再创建一个合法爬虫规则,如图:
表达式:
(cf.client.bot) or (http.user_agent contains "duckduckgo") or (http.user_agent contains "facebookexternalhit") or (http.user_agent contains "Feedfetcher-Google") or (http.user_agent contains "LinkedInBot") or (http.user_agent contains "Mediapartners-Google") or (http.user_agent contains "msnbot") or (http.user_agent contains "Slackbot") or (http.user_agent contains "TwitterBot") or (http.user_agent contains "ia_archive") or (http.user_agent contains "yahoo")
上面的合法爬虫允许访问。
实测,这两条规则能挡住95%以上的CC攻击,然后防火墙设置,安全级别建议设置为低,否则影响浏览体验。
还是那句话,任何攻击都有特征的,分析日志,然后对应屏蔽才是最好的办法。
文章来源于互联网:Cloudflare防火墙策略收集(持续更新)
最后更新于 2022-10-31 13:59:28 并被添加「」标签,已有 77110 位童鞋阅读过。
本站使用「署名 4.0 国际」创作共享协议,可自由转载、引用,但需署名作者且注明文章出处
Original Prusa i3 MK3S+ 3D Printer DIY Kit
http://mk3splusdiyprinter89.com
http://williamnagengast.com/__media__/js/netsoltrademark.php?d=site.ru
Original Prusa i3 MK3S+ 3D Printer
https://mk3splusprinter5.com
http://campletts.com/__media__/js/netsoltrademark.php?d=site.ru
3D Labs HTX 3D Printer
https://htxindustrialprinter.com
http://bala.nyc/__media__/js/netsoltrademark.php?d=site.ru
TRILAB AzteQ Industrial 3D Printer
https://azteqindustrial.com
http://akb02.ru/bitrix/redirect.php?event1=&event2=&event3=&goto=http://site.ru