前几天通过Tcp_wrappers阻止一些分析出来的恶意IP效果还是有的…不过我后面仍发现会占用一些流量,故此我想通过返回444这种非标准的状态码,减小流量的使用.
默认情况下开启模块仅会返回403,代码如下:
- [root@ipythonconf]#curl-Ihttp://www.phpfensi.com
- HTTP/1.1403Forbidden
- Server:nginx/1.6.1
- Date:Fri,15Aug201414:52:13GMT
- Content-Type:text/html
- Content-Length:168
- Connection:keep-alive
那么操作起来很简单了,修改源代码即可,我重新打包后的文件会附在本文末尾附件下载,修改方式很简单,return 对应的状态码即可,代码如下:
- ###重新编译Nginx###
- [root@ipythonnginx-1.6.1]#./configure--prefix=/software/nginx--user=nginx--group=nginx--with-http_stub_status_module--with-http_ssl_module--with-http_realip_module--with-http_gzip_static_module--with-google_perftools_module--with-debug--http-client-body-temp-path=/var/tmp/nginx/client--http-proxy-temp-path=/var/tmp/nginx/proxy--http-fastcgi-temp-path=/var/tmp/nginx/fastcgi--http-uwsgi-temp-path=/var/tmp/nginx/uwsgi--http-scgi-temp-path=/var/tmp/nginx/scgi--with-pcre=/root/pcre-8.35--with-openssl=/root/openssl-1.0.1i--with-zlib=/root/zlib-1.2.8--add-module=./ngx_tcpwrappers
- ###具体操作参考前文###
- [root@ipythonnginx-1.6.1]#cpobjs/nginx/software/nginx/sbin/
- [root@ipythonnginx-1.6.1]#makeupgrade
再次访问就不返回数据了,代码如下:
- [root@ipythonconf]#curl-Ihttp://www.phpfensi.com
- curl:(52)Emptyreplyfromserver
- ####Nginx日志如下####
- 1.1.1.1--[15/Aug/2014:23:28:08+0800]"GET/HTTP/1.1"4440"-""Mozilla/5.0(WindowsNT6.1;WOW64)AppleWebKit/537.36(KHTML,likeGecko)Chrome/35.0.1916.153UBrowser/2.0.1144.0Safari/537.36"
- 1.1.1.1--[15/Aug/2014:23:28:09+0800]"GET/HTTP/1.1"4440"-""Mozilla/5.0(WindowsNT6.1;WOW64)AppleWebKit/537.36(KHTML,likeGecko)Chrome/35.0.1916.153UBrowser/2.0.1144.0Safari/537.36"
- 1.1.1.1--[15/Aug/2014:23:28:09+0800]"GET/HTTP/1.1"4440"-""Mozilla/5.0(WindowsNT6.1;WOW64)AppleWebKit/537.36(KHTML,likeGecko)Chrome/35.0.1916.153UBrowser/2.0.1144.0Safari/537.36"
- 1.1.1.1--[15/Aug/2014:23:28:09+0800]"GET/HTTP/1.1"4440"-""Mozilla/5.0(WindowsNT6.1;WOW64)AppleWebKit/537.36(KHTML,likeGecko)Chrome/35.0.1916.153UBrowser/2.0.1144.0Safari/537.36"