Negar todo o tráfego "direto" [duplicado]

1

Meu servidor está sob ataque pesado (talvez DDOS, não tenho idéia). Eu verifiquei os logs de acesso (para colocar as coisas em perspectiva, é um site com um diário de 1000 visitantes, nada extravagante):

78.176.175.208 - - [14/Dec/2010:17:11:37 -0800] "GET /XXX.com/ HTTP/1.1" 200 1241 "" "Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)"
78.182.202.215 - - [14/Dec/2010:17:11:37 -0800] "GET /XXX.com/ HTTP/1.1" 200 1241 "" "Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)"
78.176.175.208 - - [14/Dec/2010:17:11:37 -0800] "GET /XXX.com/ HTTP/1.1" 200 1241 "" "Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)"
88.252.162.244 - - [14/Dec/2010:17:11:37 -0800] "GET /XXX.com/ HTTP/1.1" 200 1241 "" "Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)"
78.176.175.208 - - [14/Dec/2010:17:11:37 -0800] "GET /XXX.com/ HTTP/1.1" 200 1241 "" "Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)"
88.252.162.244 - - [14/Dec/2010:17:11:37 -0800] "GET /XXX.com/ HTTP/1.1" 200 1241 "" "Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)"
78.176.175.208 - - [14/Dec/2010:17:11:37 -0800] "GET /XXX.com/ HTTP/1.1" 200 1241 "" "Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)"
78.182.202.215 - - [14/Dec/2010:17:11:37 -0800] "GET /XXX.com/ HTTP/1.1" 200 1241 "" "Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)"
88.252.162.244 - - [14/Dec/2010:17:11:37 -0800] "GET /XXX.com/ HTTP/1.1" 200 1241 "" "Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)"
88.252.162.244 - - [14/Dec/2010:17:11:38 -0800] "GET /XXX.com/ HTTP/1.1" 200 1241 "" "Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)"
78.182.202.215 - - [14/Dec/2010:17:11:38 -0800] "GET /XXX.com/ HTTP/1.1" 200 1241 "" "Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)"
78.176.175.208 - - [14/Dec/2010:17:11:38 -0800] "GET /XXX.com/ HTTP/1.1" 200 1241 "" "Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)"
88.252.162.244 - - [14/Dec/2010:17:11:38 -0800] "GET /XXX.com/ HTTP/1.1" 200 1241 "" "Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)"
78.182.202.215 - - [14/Dec/2010:17:11:38 -0800] "GET /XXX.com/ HTTP/1.1" 200 1241 "" "Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)"
78.176.175.208 - - [14/Dec/2010:17:11:38 -0800] "GET /XXX.com/ HTTP/1.1" 200 1241 "" "Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)"
88.252.162.244 - - [14/Dec/2010:17:11:38 -0800] "GET /XXX.com/ HTTP/1.1" 200 1241 "" "Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)"
78.182.202.215 - - [14/Dec/2010:17:11:38 -0800] "GET /XXX.com/ HTTP/1.1" 200 1241 "" "Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)"
78.176.175.208 - - [14/Dec/2010:17:11:38 -0800] "GET /XXX.com/ HTTP/1.1" 200 1241 "" "Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)"
88.252.162.244 - - [14/Dec/2010:17:11:38 -0800] "GET /XXX.com/ HTTP/1.1" 200 1241 "" "Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)"
78.182.202.215 - - [14/Dec/2010:17:11:38 -0800] "GET /XXX.com/ HTTP/1.1" 200 1241 "" "Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)"
78.176.175.208 - - [14/Dec/2010:17:11:39 -0800] "GET /XXX.com/ HTTP/1.1" 200 1241 "" "Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)"
88.252.162.244 - - [14/Dec/2010:17:11:39 -0800] "GET /XXX.com/ HTTP/1.1" 200 1241 "" "Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)"
78.182.202.215 - - [14/Dec/2010:17:11:39 -0800] "GET /XXX.com/ HTTP/1.1" 200 1241 "" "Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)"
78.176.175.208 - - [14/Dec/2010:17:11:39 -0800] "GET /XXX.com/ HTTP/1.1" 200 1241 "" "Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)"
88.252.162.244 - - [14/Dec/2010:17:11:39 -0800] "GET /XXX.com/ HTTP/1.1" 200 1241 "" "Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)"
78.182.202.215 - - [14/Dec/2010:17:11:39 -0800] "GET /XXX.com/ HTTP/1.1" 200 1241 "" "Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)"
78.176.175.208 - - [14/Dec/2010:17:11:39 -0800] "GET /XXX.com/ HTTP/1.1" 200 1241 "" "Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)"
88.252.162.244 - - [14/Dec/2010:17:11:39 -0800] "GET /XXX.com/ HTTP/1.1" 200 1241 "" "Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)"
78.182.202.215 - - [14/Dec/2010:17:11:39 -0800] "GET /XXX.com/ HTTP/1.1" 200 1241 "" "Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)"
78.176.175.208 - - [14/Dec/2010:17:11:39 -0800] "GET /XXX.com/ HTTP/1.1" 200 1241 "" "Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)"
78.182.202.215 - - [14/Dec/2010:17:11:39 -0800] "GET /XXX.com/ HTTP/1.1" 200 1241 "" "Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)"
78.176.175.208 - - [14/Dec/2010:17:11:40 -0800] "GET /XXX.com/ HTTP/1.1" 200 1241 "" "Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)"
88.252.162.244 - - [14/Dec/2010:17:11:40 -0800] "GET /XXX.com/ HTTP/1.1" 200 1241 "" "Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)"
78.182.202.215 - - [14/Dec/2010:17:11:40 -0800] "GET /XXX.com/ HTTP/1.1" 200 1241 "" "Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)"
78.176.175.208 - - [14/Dec/2010:17:11:40 -0800] "GET /XXX.com/ HTTP/1.1" 200 1241 "" "Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)"
88.252.162.244 - - [14/Dec/2010:17:11:40 -0800] "GET /XXX.com/ HTTP/1.1" 200 1241 "" "Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)"
78.182.202.215 - - [14/Dec/2010:17:11:40 -0800] "GET /XXX.com/ HTTP/1.1" 200 1241 "" "Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)"
88.252.162.244 - - [14/Dec/2010:17:11:40 -0800] "GET /XXX.com/ HTTP/1.1" 200 1241 "" "Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)"
78.182.202.215 - - [14/Dec/2010:17:11:40 -0800] "GET /XXX.com/ HTTP/1.1" 200 1241 "" "Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)"
78.176.175.208 - - [14/Dec/2010:17:11:40 -0800] "GET /XXX.com/ HTTP/1.1" 200 1241 "" "Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)"
78.176.175.208 - - [14/Dec/2010:17:11:40 -0800] "GET /XXX.com/ HTTP/1.1" 200 1241 "" "Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)"
88.252.162.244 - - [14/Dec/2010:17:11:40 -0800] "GET /XXX.com/ HTTP/1.1" 200 1241 "" "Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)"
78.182.202.215 - - [14/Dec/2010:17:11:40 -0800] "GET /XXX.com/ HTTP/1.1" 200 1241 "" "Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)"
78.176.175.208 - - [14/Dec/2010:17:11:41 -0800] "GET /XXX.com/ HTTP/1.1" 200 1241 "" "Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)"
78.182.202.215 - - [14/Dec/2010:17:11:41 -0800] "GET /XXX.com/ HTTP/1.1" 200 1241 "" "Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)"
88.252.162.244 - - [14/Dec/2010:17:11:41 -0800] "GET /XXX.com/ HTTP/1.1" 200 1241 "" "Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)"
78.176.175.208 - - [14/Dec/2010:17:11:41 -0800] "GET /XXX.com/ HTTP/1.1" 200 1241 "" "Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)"
88.252.162.244 - - [14/Dec/2010:17:11:41 -0800] "GET /XXX.com/ HTTP/1.1" 200 1241 "" "Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)"
78.182.202.215 - - [14/Dec/2010:17:11:41 -0800] "GET /XXX.com/ HTTP/1.1" 200 1241 "" "Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)"
78.176.175.208 - - [14/Dec/2010:17:11:41 -0800] "GET /XXX.com/ HTTP/1.1" 200 1241 "" "Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)"
78.182.202.215 - - [14/Dec/2010:17:11:41 -0800] "GET /XXX.com/ HTTP/1.1" 200 1241 "" "Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)"
78.176.175.208 - - [14/Dec/2010:17:11:41 -0800] "GET /XXX.com/ HTTP/1.1" 200 1241 "" "Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)"
88.252.162.244 - - [14/Dec/2010:17:11:41 -0800] "GET /XXX.com/ HTTP/1.1" 200 1241 "" "Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)"
78.182.202.215 - - [14/Dec/2010:17:11:41 -0800] "GET /XXX.com/ HTTP/1.1" 200 1241 "" "Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)"

Estou pensando em negar todo o tráfego direto via htaccess (é apenas% 3% do meu tráfego) por um tempo.

Minha pergunta é como negar todo o tráfego direto via .htaccess e ajudar em tudo?

Obrigado

    
por elma 15.12.2010 / 17:23

2 respostas

1

Eu não vou dizer nada sobre a possibilidade de negar pedidos diretos (sem Referer) de .htaccess , porque pode ou não ser, dependendo de suas circunstâncias particulares.

Independentemente, aqui está como alguém poderia fazer isso. Coloque o seguinte no seu .htaccess :

SetEnvIf Referer "^$" NO_REFERER
Order allow,deny
Allow from all
Deny from env=NO_REFERER

Isso deve permitir todas as solicitações HTTP, exceto aquelas que enviam um cabeçalho de referência em branco (ou não).

    
por 15.12.2010 / 19:15
1

Sim, você pode usar a diretiva de negação para negar IPs específicos. Como opção melhor, você pode adicionar regras de firewall para impedir que esses IPs acessem seu servidor da web. Você tem que ter certeza sobre o que está fazendo. Caso contrário, você pode impedir que usuários legítimos acessem seu website.

    
por 15.12.2010 / 17:39