
PHP/Apache DDoS attack protection: create a custom blacklist

I have a WordPress site. Recently it came under a serious DDoS attack on wp-login.php. I have renamed wp-login.php to a new mysitename-login.php and created a new empty file named wp-login.php. I have joined Cloudflare, but I still receive attack logs in access_log. I have tried mod_evasive, but it kills Googlebot.

Now I am manually adding them to my .htaccess like this:

<Limit GET POST>
 order allow,deny
 deny from 108.162.253.180
 deny from 173.245.48.134
 deny from 173.245.49.187
 deny from 173.245.51.180
 deny from 173.245.54.66
 deny from 108.162.219.
 deny from 109.239.235.
 allow from all
</Limit>

And I have an idea to create the .htaccess dynamically.

In the current wp-login.php:

<?php
$ip = $_SERVER['REMOTE_ADDR'];
// ip is a unique index, so a repeat visitor is not inserted twice
// (PDO/MySQL connection details are placeholders)
$db = new PDO('mysql:host=localhost;dbname=mydb', 'dbuser', 'dbpass');
$db->prepare('INSERT IGNORE INTO ip_table (ip) VALUES (?)')->execute([$ip]);

// select every row from ip_table and emit one deny line per IP
$html = "<Limit GET POST>\n order allow,deny\n";
foreach ($db->query('SELECT ip FROM ip_table') as $row) {
    $html .= ' deny from ' . $row['ip'] . "\n";
}
$html .= " allow from all\n</Limit>\n";
$html .= <<<TXT
# BEGIN WordPress
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>
TXT;
file_put_contents('/var/www/html/.htaccess', $html);

But I am afraid that if there is some problem during file_put_contents, the .htaccess will be broken, and my site will be broken too...

Is there any better way to create a blacklist from the robots that access wp-login.php, with no risk of breaking the site?

Thanks.
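The rebuild sketched in the question, as an added example that is not code from the question or either answer: every address is validated, the new file is written to a temporary name in the same directory, and rename() swaps it in, so a failed write can never leave a half-written .htaccess for Apache to read. It assumes the WordPress rewrite block is kept in a separate template file (placeholder path) and that the addresses come from the questioner's ip_table.

```php
<?php
// Added example, not code from the question or its answers.
// Rebuilds .htaccess from the blacklisted IPs and replaces it atomically,
// so Apache never reads a half-written or malformed file.
// Assumptions: $ips is the column read from the questioner's ip_table;
// the WordPress rewrite rules live in a separate template file (placeholder path).

function buildHtaccess(array $ips, string $wpRules): ?string {
    $out = "<Limit GET POST>\n order allow,deny\n";
    foreach ($ips as $ip) {
        // Only a full IPv4/IPv6 address or a dotted IPv4 prefix may be written;
        // any other token would make Apache reject the whole .htaccess.
        if (!filter_var($ip, FILTER_VALIDATE_IP)
            && !preg_match('/^(\d{1,3}\.){1,3}$/', $ip)) {
            return null;
        }
        $out .= " deny from $ip\n";
    }
    return $out . " allow from all\n</Limit>\n" . $wpRules;
}

function writeHtaccessAtomically(string $path, string $content): bool {
    $dir  = dirname($path);
    $lock = fopen("$dir/.htaccess.lock", 'c');
    if ($lock === false || !flock($lock, LOCK_EX)) {
        return false;                 // another request is writing; skip this one
    }
    $tmp = tempnam($dir, '.htaccess.'); // same directory => same filesystem
    $ok  = $tmp !== false
        && file_put_contents($tmp, $content) === strlen($content)
        && chmod($tmp, 0644)
        && rename($tmp, $path);       // rename() is atomic on POSIX filesystems
    if (!$ok && $tmp !== false && file_exists($tmp)) {
        unlink($tmp);                 // never leave a partial file behind
    }
    flock($lock, LOCK_UN);
    fclose($lock);
    return $ok;
}

// Constructed sample input; in the real script $ips comes from ip_table.
$ips      = ['108.162.219.', '109.239.235.', '203.0.113.7'];
$template = file_get_contents('/var/www/html/htaccess-wp.tpl'); // placeholder path
$content  = $template === false ? null : buildHtaccess($ips, $template);
if ($content === null || !writeHtaccessAtomically('/var/www/html/.htaccess', $content)) {
    error_log('htaccess rebuild skipped: bad IP, missing template or write failure');
}
```

Because the site is proxied through Cloudflare, REMOTE_ADDR holds the proxy's address rather than the visitor's; populate ip_table from the CF-Connecting-IP header that Cloudflare adds (or configure mod_remoteip), otherwise the deny list fills with Cloudflare's own edge addresses and blocks legitimate traffic.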

Instead of creating a blacklist, why not make a whitelist? This wouldn't work if you allow all users to log in to WordPress, for example if you're using a membership plugin, but if only you and a few select admins log in, then just get everyone's IP address and add those to your .htaccess file like this:

## Prevent anyone not on my ip whitelist from accessing wp admin
RewriteCond %{REQUEST_URI} ^(/wp-admin|/wp-login.php).*$
RewriteCond %{REMOTE_ADDR} !=111.111.111.111
RewriteCond %{REMOTE_ADDR} !=222.222.222.222
RewriteCond %{REMOTE_ADDR} !=333.333.333.333
RewriteRule ^.*$ / [R=301,L]

What about using mod_evasive for Apache? This way you can easily block all IPs that try to connect to a certain URL very often in a short period of time.

You could block all IPs that try to connect to your fake login page as well.
