开启日志格式
限制ip
if ($remote_addr ~* 192.168.0.1[0-9]) {
return 403;
}
限制浏览器
if ($http_user_agent !~* Chrome) {
return 403;
}
禁止爬虫过来访问
爬虫
192.168.252.120 - - [24/Aug/2023:13:48:52 +0800] "GET / HTTP/1.1" 200 16 "-" "python-requests/2.27.1" "-"
192.168.252.120 - - [24/Aug/2023:13:48:52 +0800] "GET / HTTP/1.1" 200 16 "-" "python-requests/2.27.1" "-"
192.168.252.120 - - [24/Aug/2023:13:48:52 +0800] "GET / HTTP/1.1" 200 16 "-" "python-requests/2.27.1" "-"
192.168.252.120 - - [24/Aug/2023:13:48:52 +0800] "GET / HTTP/1.1" 200 16 "-" "python-requests/2.27.1" "-"
192.168.252.120 - - [24/Aug/2023:13:48:52 +0800] "GET / HTTP/1.1" 200 16 "-" "python-requests/2.27.1" "-"
192.168.252.120 - - [24/Aug/2023:13:48:52 +0800] "GET / HTTP/1.1" 200 16 "-" "python-requests/2.27.1" "-"
192.168.252.120 - - [24/Aug/2023:13:48:52 +0800] "GET / HTTP/1.1" 200 16 "-" "python-requests/2.27.1" "-"
192.168.252.120 - - [24/Aug/2023:13:48:52 +0800] "GET / HTTP/1.1" 200 16 "-" "python-requests/2.27.1" "-"
192.168.252.120 - - [24/Aug/2023:13:48:52 +0800] "GET / HTTP/1.1" 200 16 "-" "python-requests/2.27.1" "-"
192.168.252.120 - - [24/Aug/2023:13:48:52 +0800] "GET / HTTP/1.1" 200 16 "-" "python-requests/2.27.1" "-"
192.168.252.120 - - [24/Aug/2023:13:48:52 +0800] "GET / HTTP/1.1" 200 16 "-" "python-requests/2.27.1" "-"
192.168.252.120 - - [24/Aug/2023:13:48:52 +0800] "GET / HTTP/1.1" 200 16 "-" "python-requests/2.27.1" "-"
192.168.252.120 - - [24/Aug/2023:13:48:52 +0800] "GET / HTTP/1.1" 200 16 "-" "python-requests/2.27.1" "-"
192.168.252.120 - - [24/Aug/2023:13:48:52 +0800] "GET / HTTP/1.1" 200 16 "-" "python-requests/2.27.1" "-"
192.168.252.120 - - [24/Aug/2023:13:48:52 +0800] "GET / HTTP/1.1" 200 16 "-" "python-requests/2.27.1" "-"
192.168.252.120 - - [24/Aug/2023:13:48:52 +0800] "GET / HTTP/1.1" 200 16 "-" "python-requests/2.27.1" "-"
192.168.252.120 - - [24/Aug/2023:13:48:52 +0800] "GET / HTTP/1.1" 200 16 "-" "python-requests/2.27.1" "-"
192.168.252.120 - - [24/Aug/2023:13:48:52 +0800] "GET / HTTP/1.1" 200 16 "-" "python-requests/2.27.1" "-"
192.168.252.120 - - [24/Aug/2023:13:48:52 +0800] "GET / HTTP/1.1" 200 16 "-" "python-requests/2.27.1" "-"
192.168.252.120 - - [24/Aug/2023:13:48:52 +0800] "GET / HTTP/1.1" 200 16 "-" "python-requests/2.27.1" "-"
192.168.252.120 - - [24/Aug/2023:13:48:52 +0800] "GET / HTTP/1.1" 200 16 "-" "python-requests/2.27.1" "-"
192.168.252.120 - - [24/Aug/2023:13:48:52 +0800] "GET / HTTP/1.1" 200 16 "-" "python-requests/2.27.1" "-"
192.168.252.120 - - [24/Aug/2023:13:48:52 +0800] "GET / HTTP/1.1" 200 16 "-" "python-requests/2.27.1" "-"
修改配置文件nginx.conf禁止爬虫
server {
listen 80;
server_name www.feng.com;
location / {
root html/feng;
index index.html index.htm;
}
if ($http_user_agent ~* python-requests ) {
return 404;
}
if ($remote_addr ~* 192.168.252.120 ) {
return 404;
}
}
根据ip地址地区限制geoIP
第一步:下载GeoIP库,下载unzip软件
[root@nginx ~]# yum install unzip -y
[root@nginx ~]# ls
geoip.zip
第二步:解压 geoip.zip
[root@nginx ~]# unzip geoip.zip
Archive: geoip.zip
inflating: GeoIPCityv6.dat
inflating: GeoIPv6.dat
inflating: GeoLite2-City.mmdb
inflating: GeoLite2-Country.mmdb
inflating: GeoLiteASNum.dat
inflating: GeoLiteASNumv6.dat
inflating: GeoLiteCity.dat
inflating: GeoLiteCityv6.dat
inflating: GeoLiteCountry.dat
inflating: readme.txt
inflating: GeoIP.dat
inflating: GeoIPASNum.dat
inflating: GeoIPASNumv6.dat
inflating: GeoIPCity.dat
[root@nginx ~]# ls
GeoIPASNum.dat GeoIPCityv6.dat geoip.zip GeoLiteASNum.dat GeoLiteCityv6.dat
GeoIPASNumv6.dat GeoIP.dat GeoLite2-City.mmdb GeoLiteASNumv6.dat GeoLiteCountry.dat
GeoIPCity.dat GeoIPv6.dat GeoLite2-Country.mmdb GeoLiteCity.dat readme.txt
第三步:复制GeoIP.dat GeoLiteCountry.dat GeoLiteCity.dat 到/usr/local/scnginx99/conf/目录下
[root@nginx ~]# cp GeoIP.dat GeoLiteCountry.dat /usr/local/scnginx99/conf/
[root@nginx ~]# cp GeoLiteCity.dat /usr/local/scnginx99/conf/
第四步:编辑nginx.conf
[root@nginx conf]# vim nginx.conf
geoip_country /usr/local/scnginx99/conf/GeoIP.dat; # 在http块里添加
geoip_city /usr/local/scnginx99/conf/GeoLiteCity.dat; # 在http块里添加
#keepalive_timeout 0;
keepalive_timeout 65;
#gzip on;
server {
listen 8080;
server_name www.xiongxue.com;
if ($geoip_country_code != 'CN' ){ # 在server块里添加
return 403;
}
第五步:检查语法,重新加载nginx的配置文件
[root@nginx conf]# /usr/local/scnginx99/sbin/nginx -t
nginx: the configuration file /usr/local/scnginx99/conf/nginx.conf syntax is ok
nginx: configuration file /usr/local/scnginx99/conf/nginx.conf test is successful
[root@nginx conf]# /usr/local/scnginx99/sbin/nginx -s reload
注意:需要重新编译安装nginx,开启 --with-http_geoip_module 功能。