发表新帖
发表新帖

这份恶意UA黑名单,能拦截半个地球的恶意之潮

闲聊 无标签
0 384
WIZ
WIZ 自成一派 2025-02-11 08:19:55
Lv:45级

经常看宝塔防火墙日志,总结了这些恶意UA大全。我将自己在用的分享给各大站长。

["Microsoft","rv:","Macintosh","Chat",".NET","JCE","cow","ZmEu","Bench","httperf","w3af","Netsparker","BabyKrokodil","PycURL","Havij","fimap","Nikto","Nmap","BBBike","libwww","Parser","MyTool","sqln","Pangolin","Crawler","Odin","Indy","HTTrack","Audit","DirBuster","Harvest","SQLmap","XSStrike","Metasploit","Arachni","ZAP","Aircrack","John","Hydra","l9explore","l9tcpid","Scrapy","FeedDemon","WebCopier","CrawlDaddy","Jullo","Feedly","WinHttp","CentOS","Ubuntu","Debian","python","Java","golang","Apache","Client","HttpClient","AsyncHttpClient","MicroMessenger","QQ","facebook","GPTBot","AhrefsBot","DotBot","Amazonbot","BLEXBot","MJ12bot","PetalBot","DuckDuckBot","DataForSeoBot","BotPoke","ClaudeBot","SemrushBot","YisouSpider"]

PS:已拦截 YisouSpider 神马的蜘蛛。像这种,不收录,还爬取,纯垃圾蜘蛛。

使用方法

打开宝塔防火墙-全局设置-UA黑名单-设置-点击清空按钮,再点击导入按钮确定即可。

没防火墙

如果,你没有安装宝塔防火墙。阔以参考下面文章使用,然后稍微改改代码就行了。

比如:Nginx屏蔽垃圾蜘蛛的办法 代码可以这样写

if ($http_user_agent ~* "Microsoft|rv:|Macintosh|Chat|.NET|JCE|cow|ZmEu|Bench|httperf|w3af|Netsparker|BabyKrokodil|PycURL|Havij|fimap|Nikto|Nmap|BBBike|libwww|Parser|MyTool|sqln|Pangolin|Crawler|Odin|Indy|HTTrack|Audit|DirBuster|Harvest|SQLmap|XSStrike|Metasploit|Arachni|ZAP|Aircrack|John|Hydra|l9explore|l9tcpid|Scrapy|FeedDemon|WebCopier|CrawlDaddy|Jullo|Feedly|WinHttp|CentOS|Ubuntu|Debian|python|Java|golang|Apache|Client|HttpClient|AsyncHttpClient|MicroMessenger|QQ|facebook|GPTBot|AhrefsBot|DotBot|Amazonbot|BLEXBot|MJ12bot|PetalBot|DuckDuckBot|DataForSeoBot|BotPoke|ClaudeBot|SemrushBot|YisouSpider"){    return 403;}

或者:PHP禁止在微信和QQ中打开 这个更加简单,把

$searchEngines = array('MicroMessenger','QQ');

改为

$searchEngines = ["Microsoft","rv:","Macintosh","Chat",".NET","JCE","cow","ZmEu","Bench","httperf","w3af","Netsparker","BabyKrokodil","PycURL","Havij","fimap","Nikto","Nmap","BBBike","libwww","Parser","MyTool","sqln","Pangolin","Crawler","Odin","Indy","HTTrack","Audit","DirBuster","Harvest","SQLmap","XSStrike","Metasploit","Arachni","ZAP","Aircrack","John","Hydra","l9explore","l9tcpid","Scrapy","FeedDemon","WebCopier","CrawlDaddy","Jullo","Feedly","WinHttp","CentOS","Ubuntu","Debian","python","Java","golang","Apache","Client","HttpClient","AsyncHttpClient","MicroMessenger","QQ","facebook","GPTBot","AhrefsBot","DotBot","Amazonbot","BLEXBot","MJ12bot","PetalBot","DuckDuckBot","DataForSeoBot","BotPoke","ClaudeBot","SemrushBot","YisouSpider"];

完成。但这个是动态、伪静态版的。

特别注意

这样改了以后,不会影响正常访问和蜘蛛抓取。除此之外,火狐浏览器也会被拦截。

这份恶意UA黑名单有点强,一篇文章拦截了半个球的人,到底要不要用还需谨慎呐!

楼主签名:DNSWIZ 站长故事
回帖
回复列表
    更多回复

    请遵守各国法律法规 严禁违规内容

    • QQ群:1140251126
    • Email:m@max.ooo
    • 本站可以自由发布外链
    • 本站域名皆为闲置域名,均可出售
    Hot posts
    01 迅雷推广激励平台:官方高收益网盘拉新赚钱项目 540
    02 kupid.ai和herahaven.com应该选哪个? 526
    03 a.icu b.icu c.icu d.icu 同时掉 504
    04 今天把所有的google广告去掉了 497
    05 aigc.cx又多了一个域名 495
    06 秀秀新米(已出) 493
    07 迅雷 12 精简绿色版(12.1.6.2780) 475
    08 Windows 11 LTSC 优化版 - placeholder(2025.02.27) 451
    09 deepseek给我的域名的建议 430
    10 音频文件转换软件 XRecode 3(1.164) 410

    最新会员

    PXxLlyip 闪亮的昵称~
    wujiarui wujiarui
    gqhxh gqhxh
    jinitaimei jinitaimei
    木子大木子 木子大木子
    a191410029 a191410029

    积分排行

    WIZWIZ
    xianza-com极客
    tetepayCS
    MaxMax
    空空空空
    真赚ieearn_com真赚ieearn_com
    陈书婷陈书婷
    wz2021wz2021
    YDMYDM
    MangoMango
    清美明美
    garygary
    推荐主机
    『申請友鏈』站长公益主机在路上WooYes小雀


    © 2025 DnsWiz & HadSky