Question

我的wordpress网站因邮寄请求而被淹没。它每天接近200,000个请求。

以下是apache访问日志的示例：

218.75.48.179 - - [24/Jun/2014:13:16:13 -0700] "POST / HTTP/1.1" 403 - "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)"
195.226.235.101 - - [24/Jun/2014:13:16:13 -0700] "POST / HTTP/1.1" 403 - "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)"
186.116.184.32 - - [24/Jun/2014:13:16:14 -0700] "POST / HTTP/1.1" 403 - "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)"
95.43.217.197 - - [24/Jun/2014:13:16:14 -0700] "POST / HTTP/1.1" 403 - "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)"
110.168.188.207 - - [24/Jun/2014:13:16:14 -0700] "POST / HTTP/1.1" 403 - "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)"
113.161.194.225 - - [24/Jun/2014:13:16:14 -0700] "POST / HTTP/1.1" 403 - "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)"
80.9.11.226 - - [24/Jun/2014:13:16:14 -0700] "POST / HTTP/1.1" 403 - "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)"

我正在尝试使用mod_rewrite阻止这些请求，同时仍然允许wordpress mod_rewrite代码工作。到目前为止，我没有正确阻止请求。有人可以看看并给我一些建议吗？

这是我的.htaccess文件：

ErrorDocument 403 "403 Error"

<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /

RewriteCond %{REQUEST_METHOD} POST
RewriteCond %{HTTP_REFERER} ^$
RewriteCond %{HTTP_USER_AGENT} "^Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)"
RewriteRule ^.* 403 [F,L]

RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>

Answer 1

我目前拒绝除了我的IP地址以外的所有流量。

您不应该使用%{HTTP_REFERER}。您需要使用%{REMOTE_ADDR}：

RewriteCond %{REQUEST_METHOD} POST
RewriteCond %{REMOTE_ADDR} !=11.22.33.44
RewriteCond %{HTTP_USER_AGENT} "^Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)"
RewriteRule ^.* 403 [F,L]

使用您的实际IP地址更改11.22.33.44。

mod_rewrite使用空引用字符串阻止用户代理发布请求

1 个答案: