最近、ロシア(ru)からのリファラスパムが酷いので手っ取り早くApacheの.htaccessでアクセス拒否するようにしました。
アクセスログ
1 2 3 4 |
31.184.236.12 - - [25/May/2017:11:21:23 +0900] "GET /2015/03/23/webalizer%E3%81%AE%E8%A8%AD%E5%AE%9A%E3%83%A1%E3%83%A22/ HTTP/1.0" 200 55713 "https://canadapharmacy24hourdrugstoreus.ru/" "Mozilla/5.0 (Windows NT 10.0; WOW64; rv:44.0) Gecko/20100101 Firefox/44.0" 31.184.236.12 - - [25/May/2017:11:21:27 +0900] "GET /2013/08/28/%e7%b6%9a%e3%80%85%e3%83%bbwordpress-wp-login-php%e3%81%b8%e3%81%ae%e3%83%96%e3%83%ab%e3%83%bc%e3%83%88%e3%83%95%e3%82%a9%e3%83%bc%e3%82%b9%e6%94%bb%e6%92%83/ HTTP/1.0" 200 61644 "https://canadapharmacy24hourdrugstoreus.ru/" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/48.0.2564.97 Safari/537.36" 31.184.236.12 - - [25/May/2017:11:21:28 +0900] "GET /2017/05/04/centos-7-fail2ban%e3%81%a7wp-login-php%e3%81%b8%e3%81%ae%e3%82%a2%e3%82%af%e3%82%bb%e3%82%b9%e3%82%92%e3%83%96%e3%83%ad%e3%83%83%e3%82%af/ HTTP/1.0" 200 183719 "https://canadapharmacy24hourdrugstoreus.ru/" "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/48.0.2564.109 Safari/537.36" 31.184.236.12 - - [25/May/2017:11:21:30 +0900] "GET /tag/powershell/ HTTP/1.0" 200 52335 "https://canadapharmacy24hourdrugstoreus.ru/" "Mozilla/5.0 (Windows NT 6.3; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/47.0.2526.111 Safari/537.36" |
- .htaccessの設定
- apache reload
- 確認
1 2 3 4 5 |
SetEnvIfNoCase Referer "^https?://.*\.ru" spammer=yes Order allow,deny Allow from all Deny from env=spammer |
1 2 |
# apachectl -t # apachectl graceful |
403でアクセス拒否しています。
1 2 |
31.184.236.12 - - [26/May/2017:12:54:01 +0900] "GET /2015/03/23/webalizer%E3%81%AE%E8%A8%AD%E5%AE%9A%E3%83%A1%E3%83%A22/ HTTP/1.0" 403 239 "https://levitravardenafilus.ru/" "Mozilla/5.0 (Windows NT 6.1; rv:44.0) Gecko/20100101 Firefox/44.0" 31.184.236.12 - - [26/May/2017:12:54:02 +0900] "GET / HTTP/1.0" 403 4897 "https://levitravardenafilus.ru/" "Mozilla/5.0 (Windows NT 6.1; rv:44.0) Gecko/20100101 Firefox/44.0" |