Fail2ban 封禁了 47700 个IP! New
🛡️ Fail2ban 实时防护状态 - dianbo.orghttps://www.dianbo.org/fail2banstatus.html
目前主要攻击目标是 search.php 和 home.php
185.187.77.68 - - "GET /search.php?formhash=c59047b9&mod=forum&searchsubmit=true&source=hotsearch&srchtxt=nero HTTP/1.1" 503 3796 "-" "Opera/9.54.(X11; Linux i686; ne-NP) Presto/2.9.189 Version/12.00"
175.110.166.22 - - "GET /search.php?formhash=08481b98&mod=forum&searchsubmit=true&source=hotsearch&srchtxt=TMPGEnc HTTP/1.1" 503 3797 "-" "Mozilla/5.0 (iPad; CPU iPad OS 3_2_2 like Mac OS X) AppleWebKit/535.0 (KHTML, like Gecko) FxiOS/14.8i4727.0 Mobile/15X659 Safari/535.0"
160.250.83.129 - - "GET /search.php?mod=forum&srchtxt=%e9%bb%91%e8%be%b9&formhash=30c3daf6&searchsubmit=true&source=hotsearch HTTP/1.1" 503 3797 "-" "Mozilla/5.0 (X11; Linux i686) AppleWebKit/531.2 (KHTML, like Gecko) Chrome/55.0.892.0 Safari/531.2"
109.107.231.125 - - "GET /search.php?formhash=dd6e2048&mod=forum&searchsubmit=true&source=hotsearch&srchtxt=%E5%85%89%E7%9B%98%E5%A4%8D%E5%88%B6 HTTP/1.1" 503 3798 "-" "Mozilla/5.0 (compatible; MSIE 7.0; Windows NT 5.2; Trident/5.0)" 尽量少用这些防御性质的软件,有时候不但拖累系统运行还有误封的情况,DZ本身够安全的了,设置好后台安全设置,账号问答登录、密码就可以了 注意哟,这个软件的日志要定期清理,不然超级大 罗永浩 发表于 2025-11-29 16:33
尽量少用这些防御性质的软件,有时候不但拖累系统运行还有误封的情况,DZ本身够安全的了,设置好后台安全设 ... 就是因为月初有几天攻击加强,Discuz自己没有能力防住,拖累了速度,才考虑使用 Limit_req 限流 + Fail2ban 封禁的方法。
调试的过程有一次确实把自己和版主误封了,不过目前运行还算正常。
每天增加一万IP的攻击,amazing!
.ce-block { margin-bottom: 20px;}.ce-block__content,.ce-toolbar__content { /* max-width:calc(100% - 50px) */ margin-left: auto; margin-right: auto;}.ce-paragraph { line-height: 1.6em; outline: none; text-indent: 2em; font-size: 16px;}.ce-paragraph--right { text-align: right;}.ce-paragraph--center { text-align: center;}.ce-paragraph--left { text-align: left;}.ce-paragraph--justify { text-align: justify;}.ce-paragraph-text-indent { text-align: justify;}.ce-paragraph:empty::before{content: attr(data-placeholder);color: #707684;font-weight: normal;opacity: 0;}/** Show placeholder at the first paragraph if Editor is empty */.codex-editor--empty .ce-block:first-child .ce-paragraph:empty::before {opacity: 1;}.codex-editor--toolbox-opened .ce-block:first-child .ce-paragraph:empty::before,.codex-editor--empty .ce-block:first-child .ce-paragraph:empty:focus::before {opacity: 0;}.ce-paragraph p:first-of-type{ margin-top: 0;}.ce-paragraph p:last-of-type{ margin-bottom: 0;}.svg-icon { width: 1em; height: 1em;}.svg-icon path,.svg-icon polygon,.svg-icon rect { fill: #4691f6;}.svg-icon circle { stroke: #4691f6; stroke-width: 1;}.ce-block { margin-bottom: 20px;}.ce-block__content,.ce-toolbar__content { /* max-width:calc(100% - 50px) */ margin-left: auto; margin-right: auto;}.image-tool {--bg-color: #cdd1e0;--front-color: #388ae5;--border-color: #e8e8eb;}.image-tool__image { border-radius: 3px; overflow: hidden; margin-bottom: 10px;}.image-tool__image-picture { max-width: 100%; vertical-align: bottom; display: block; margin-left: auto; margin-right: auto; }.image-tool__image-preloader { width: 50px; height: 50px; border-radius: 50%; background-size: cover; margin: auto; position: relative; background-color: #cdd1e0; background-position: center center; }.image-tool__image-preloader::after { content: ""; position: absolute; z-index: 3; width: 60px; height: 60px; border-radius: 50%; border: 2px solid #cdd1e0; border-top-color: #388ae5; left: 50%; top: 50%; margin-top: -30px; margin-left: -30px; animation: image-preloader-spin 2s infinite linear; box-sizing: border-box; }.image-tool__caption::before { position: absolute !important; content: attr(data-placeholder); color: #707684; font-weight: normal; display: none; }.image-tool__caption:empty::before { display: block; }.image-tool__caption:empty:focus::before { display: none; }.image-tool--empty .image-tool__image { display: none; }.image-tool--empty .image-tool__caption, .image-tool--loading .image-tool__caption { display: none; }.image-tool .cdx-button { display: flex; align-items: center; justify-content: center;}.image-tool .cdx-button svg { height: auto; margin: 0 6px 0 0; }.image-tool--filled .cdx-button { display: none; }.image-tool--filled .image-tool__image-preloader { display: none; }.image-tool--loading .image-tool__image { min-height: 200px; display: flex; border: 1px solid #e8e8eb; background-color: #fff; }.image-tool--loading .image-tool__image-picture { display: none; }.image-tool--loading .cdx-button { display: none; }/** * Tunes * ---------------- */.image-tool--withBorder .image-tool__image { border: 1px solid #e8e8eb; }.image-tool--withBackground .image-tool__image { padding: 15px; background: #cdd1e0; }.image-tool--withBackground .image-tool__image-picture { max-width: 60%; margin: 0 auto; }.image-tool--stretched .image-tool__image-picture { width: 100%; }.image-tool__caption { text-align: center; font-size: 14px; color: #a3a3a3; }@keyframes image-preloader-spin {0% { transform: rotate(0deg);}100% { transform: rotate(360deg);}}.inline-code {background: rgba(250, 239, 240, 0.78);color: #b44437;padding: 3px 4px;border-radius: 5px;margin: 0 1px;font-family: inherit;font-size: 0.86em;font-weight: 500;letter-spacing: 0.3px;} babyfacer 发表于 2025-11-29 17:17
注意哟,这个软件的日志要定期清理,不然超级大
谢谢提醒,系统自动加了 logrotate 配置,暂时无忧,未来可以考虑增加一个容量告警的计划任务。
.ce-block { margin-bottom: 20px;}.ce-block__content,.ce-toolbar__content { /* max-width:calc(100% - 50px) */ margin-left: auto; margin-right: auto;}.image-tool {--bg-color: #cdd1e0;--front-color: #388ae5;--border-color: #e8e8eb;}.image-tool__image { border-radius: 3px; overflow: hidden; margin-bottom: 10px;}.image-tool__image-picture { max-width: 100%; vertical-align: bottom; display: block; margin-left: auto; margin-right: auto; }.image-tool__image-preloader { width: 50px; height: 50px; border-radius: 50%; background-size: cover; margin: auto; position: relative; background-color: #cdd1e0; background-position: center center; }.image-tool__image-preloader::after { content: ""; position: absolute; z-index: 3; width: 60px; height: 60px; border-radius: 50%; border: 2px solid #cdd1e0; border-top-color: #388ae5; left: 50%; top: 50%; margin-top: -30px; margin-left: -30px; animation: image-preloader-spin 2s infinite linear; box-sizing: border-box; }.image-tool__caption::before { position: absolute !important; content: attr(data-placeholder); color: #707684; font-weight: normal; display: none; }.image-tool__caption:empty::before { display: block; }.image-tool__caption:empty:focus::before { display: none; }.image-tool--empty .image-tool__image { display: none; }.image-tool--empty .image-tool__caption, .image-tool--loading .image-tool__caption { display: none; }.image-tool .cdx-button { display: flex; align-items: center; justify-content: center;}.image-tool .cdx-button svg { height: auto; margin: 0 6px 0 0; }.image-tool--filled .cdx-button { display: none; }.image-tool--filled .image-tool__image-preloader { display: none; }.image-tool--loading .image-tool__image { min-height: 200px; display: flex; border: 1px solid #e8e8eb; background-color: #fff; }.image-tool--loading .image-tool__image-picture { display: none; }.image-tool--loading .cdx-button { display: none; }/** * Tunes * ---------------- */.image-tool--withBorder .image-tool__image { border: 1px solid #e8e8eb; }.image-tool--withBackground .image-tool__image { padding: 15px; background: #cdd1e0; }.image-tool--withBackground .image-tool__image-picture { max-width: 60%; margin: 0 auto; }.image-tool--stretched .image-tool__image-picture { width: 100%; }.image-tool__caption { text-align: center; font-size: 14px; color: #a3a3a3; }@keyframes image-preloader-spin {0% { transform: rotate(0deg);}100% { transform: rotate(360deg);}}.ce-block { margin-bottom: 20px;}.ce-block__content,.ce-toolbar__content { /* max-width:calc(100% - 50px) */ margin-left: auto; margin-right: auto;}.ce-paragraph { line-height: 1.6em; outline: none; text-indent: 2em; font-size: 16px;}.ce-paragraph--right { text-align: right;}.ce-paragraph--center { text-align: center;}.ce-paragraph--left { text-align: left;}.ce-paragraph--justify { text-align: justify;}.ce-paragraph-text-indent { text-align: justify;}.ce-paragraph:empty::before{content: attr(data-placeholder);color: #707684;font-weight: normal;opacity: 0;}/** Show placeholder at the first paragraph if Editor is empty */.codex-editor--empty .ce-block:first-child .ce-paragraph:empty::before {opacity: 1;}.codex-editor--toolbox-opened .ce-block:first-child .ce-paragraph:empty::before,.codex-editor--empty .ce-block:first-child .ce-paragraph:empty:focus::before {opacity: 0;}.ce-paragraph p:first-of-type{ margin-top: 0;}.ce-paragraph p:last-of-type{ margin-bottom: 0;}.svg-icon { width: 1em; height: 1em;}.svg-icon path,.svg-icon polygon,.svg-icon rect { fill: #4691f6;}.svg-icon circle { stroke: #4691f6; stroke-width: 1;}.inline-code {background: rgba(250, 239, 240, 0.78);color: #b44437;padding: 3px 4px;border-radius: 5px;margin: 0 1px;font-family: inherit;font-size: 0.86em;font-weight: 500;letter-spacing: 0.3px;} 哦哦,我之前的日志有10G。后面不用了,现在都是直接用ESA拦截 babyfacer 发表于 2025-12-1 00:35
哦哦,我之前的日志有10G。后面不用了,现在都是直接用ESA拦截 这ESA有点高大上了,我一小主机就用 Fail2ban 应付一下,顶多再加个 Nginx 限流和黑名单,不过攻击还真是源源不断!这才几天就到17万IP了!太离谱了!
.ce-block { margin-bottom: 20px;}.ce-block__content,.ce-toolbar__content { /* max-width:calc(100% - 50px) */ margin-left: auto; margin-right: auto;}.ce-paragraph { line-height: 1.6em; outline: none; text-indent: 2em; font-size: 16px;}.ce-paragraph--right { text-align: right;}.ce-paragraph--center { text-align: center;}.ce-paragraph--left { text-align: left;}.ce-paragraph--justify { text-align: justify;}.ce-paragraph-text-indent { text-align: justify;}.ce-paragraph:empty::before{content: attr(data-placeholder);color: #707684;font-weight: normal;opacity: 0;}/** Show placeholder at the first paragraph if Editor is empty */.codex-editor--empty .ce-block:first-child .ce-paragraph:empty::before {opacity: 1;}.codex-editor--toolbox-opened .ce-block:first-child .ce-paragraph:empty::before,.codex-editor--empty .ce-block:first-child .ce-paragraph:empty:focus::before {opacity: 0;}.ce-paragraph p:first-of-type{ margin-top: 0;}.ce-paragraph p:last-of-type{ margin-bottom: 0;}.svg-icon { width: 1em; height: 1em;}.svg-icon path,.svg-icon polygon,.svg-icon rect { fill: #4691f6;}.svg-icon circle { stroke: #4691f6; stroke-width: 1;}.ce-block { margin-bottom: 20px;}.ce-block__content,.ce-toolbar__content { /* max-width:calc(100% - 50px) */ margin-left: auto; margin-right: auto;}.image-tool {--bg-color: #cdd1e0;--front-color: #388ae5;--border-color: #e8e8eb;}.image-tool__image { border-radius: 3px; overflow: hidden; margin-bottom: 10px;}.image-tool__image-picture { max-width: 100%; vertical-align: bottom; display: block; margin-left: auto; margin-right: auto; }.image-tool__image-preloader { width: 50px; height: 50px; border-radius: 50%; background-size: cover; margin: auto; position: relative; background-color: #cdd1e0; background-position: center center; }.image-tool__image-preloader::after { content: ""; position: absolute; z-index: 3; width: 60px; height: 60px; border-radius: 50%; border: 2px solid #cdd1e0; border-top-color: #388ae5; left: 50%; top: 50%; margin-top: -30px; margin-left: -30px; animation: image-preloader-spin 2s infinite linear; box-sizing: border-box; }.image-tool__caption::before { position: absolute !important; content: attr(data-placeholder); color: #707684; font-weight: normal; display: none; }.image-tool__caption:empty::before { display: block; }.image-tool__caption:empty:focus::before { display: none; }.image-tool--empty .image-tool__image { display: none; }.image-tool--empty .image-tool__caption, .image-tool--loading .image-tool__caption { display: none; }.image-tool .cdx-button { display: flex; align-items: center; justify-content: center;}.image-tool .cdx-button svg { height: auto; margin: 0 6px 0 0; }.image-tool--filled .cdx-button { display: none; }.image-tool--filled .image-tool__image-preloader { display: none; }.image-tool--loading .image-tool__image { min-height: 200px; display: flex; border: 1px solid #e8e8eb; background-color: #fff; }.image-tool--loading .image-tool__image-picture { display: none; }.image-tool--loading .cdx-button { display: none; }/** * Tunes * ---------------- */.image-tool--withBorder .image-tool__image { border: 1px solid #e8e8eb; }.image-tool--withBackground .image-tool__image { padding: 15px; background: #cdd1e0; }.image-tool--withBackground .image-tool__image-picture { max-width: 60%; margin: 0 auto; }.image-tool--stretched .image-tool__image-picture { width: 100%; }.image-tool__caption { text-align: center; font-size: 14px; color: #a3a3a3; }@keyframes image-preloader-spin {0% { transform: rotate(0deg);}100% { transform: rotate(360deg);}}.inline-code {background: rgba(250, 239, 240, 0.78);color: #b44437;padding: 3px 4px;border-radius: 5px;margin: 0 1px;font-family: inherit;font-size: 0.86em;font-weight: 500;letter-spacing: 0.3px;} 你被盯上了呗。那些广撒网扫描的,成本低呀
3小时就多了一万IP
.ce-block { margin-bottom: 20px;}.ce-block__content,.ce-toolbar__content { /* max-width:calc(100% - 50px) */ margin-left: auto; margin-right: auto;}.image-tool {--bg-color: #cdd1e0;--front-color: #388ae5;--border-color: #e8e8eb;}.image-tool__image { border-radius: 3px; overflow: hidden; margin-bottom: 10px;}.image-tool__image-picture { max-width: 100%; vertical-align: bottom; display: block; margin-left: auto; margin-right: auto; }.image-tool__image-preloader { width: 50px; height: 50px; border-radius: 50%; background-size: cover; margin: auto; position: relative; background-color: #cdd1e0; background-position: center center; }.image-tool__image-preloader::after { content: ""; position: absolute; z-index: 3; width: 60px; height: 60px; border-radius: 50%; border: 2px solid #cdd1e0; border-top-color: #388ae5; left: 50%; top: 50%; margin-top: -30px; margin-left: -30px; animation: image-preloader-spin 2s infinite linear; box-sizing: border-box; }.image-tool__caption::before { position: absolute !important; content: attr(data-placeholder); color: #707684; font-weight: normal; display: none; }.image-tool__caption:empty::before { display: block; }.image-tool__caption:empty:focus::before { display: none; }.image-tool--empty .image-tool__image { display: none; }.image-tool--empty .image-tool__caption, .image-tool--loading .image-tool__caption { display: none; }.image-tool .cdx-button { display: flex; align-items: center; justify-content: center;}.image-tool .cdx-button svg { height: auto; margin: 0 6px 0 0; }.image-tool--filled .cdx-button { display: none; }.image-tool--filled .image-tool__image-preloader { display: none; }.image-tool--loading .image-tool__image { min-height: 200px; display: flex; border: 1px solid #e8e8eb; background-color: #fff; }.image-tool--loading .image-tool__image-picture { display: none; }.image-tool--loading .cdx-button { display: none; }/** * Tunes * ---------------- */.image-tool--withBorder .image-tool__image { border: 1px solid #e8e8eb; }.image-tool--withBackground .image-tool__image { padding: 15px; background: #cdd1e0; }.image-tool--withBackground .image-tool__image-picture { max-width: 60%; margin: 0 auto; }.image-tool--stretched .image-tool__image-picture { width: 100%; }.image-tool__caption { text-align: center; font-size: 14px; color: #a3a3a3; }@keyframes image-preloader-spin {0% { transform: rotate(0deg);}100% { transform: rotate(360deg);}}.inline-code {background: rgba(250, 239, 240, 0.78);color: #b44437;padding: 3px 4px;border-radius: 5px;margin: 0 1px;font-family: inherit;font-size: 0.86em;font-weight: 500;letter-spacing: 0.3px;}
页:
[1]