立即注册 找回密码
首页>站长综合资源区>精品教程>使用360网站卫士、百度云加速、加速乐配合kangle防CC...
民审-M

使用360网站卫士、百度云加速、加速乐配合kangle防CC、DDOS的组合防御anti_cc模块srcs

作者:民审-M   发布时间:2017-06-29 14:17   回复数:1   浏览数:836
民审-M
8361民审-M金牌草根
加亮 2017-06-29 14:17:19
8361 加亮 2017-06-29 14:17:19
话题: kangle white url 防护 白名单
本帖最后由 民审-M 于 2017-6-29 15:09 编辑

使用百度云加速、加速乐、360网站卫士CDN不抗CC攻击,全被打回源,利用kangle抗CC来解决的方法 隐藏IP抗DDOS的方法:
kangle防CC、DDOS的组合防御anti_cc模块的white list白名单列表添加,利用模块src可以直接绕过防护cc:
       是不是因为百度云加速、加速乐、360网站卫士不抗CC攻击头疼呢,就算开了360的防护验证码,一样被打穿回源,当然主要是搜索引擎回源功能,识别到UA请求是百度蜘蛛,直接把请求绕过验证码直接丢回源导致的一些问题。,
实测截图:

图片:kangle防CC、DDOS的组合防御anti_cc模块srcs-1.jpg

图片:kangle防CC、DDOS的组合防御anti_cc模块srcs-2.jpg

图片:kangle防CC、DDOS的组合防御anti_cc模块srcs-3.jpg
这里,我们来讲下强大的kangle在源站做好策略CC防护,可以与百度云加速、加速乐、360网站卫士共存的方法。我们登陆3311后台,请求控制,在replace_ip标记模块后面,点击插入按钮,注意一定要在replace_ip模块后面,不然会死循环:

图片:d0091495152941.jpg
选择匹配模块srcs标记模块anti_cc,在srcs中,填入下面内容并且勾选非:【2017.06.29百度云加速白名单节点IP段】
112.65.74.0/24|113.207.101.0/24|180.163.188.0/24|119.188.97.0/24|61.155.149.0/24|61.182.137.0/24|222.216.190.0/24|183.60.235.0/24|117.34.13.0/24|42.236.93.0/24|119.167.246.0/24|117.27.149.0/24|59.51.81.0/24|183.61.236.0/24|124.95.168.0/24|61.54.46.0/24|101.71.55.0/24|183.232.51.0/24|182.150.0.0/24|112.25.90.0/24|122.190.2.0/24|119.84.92.0/24|183.61.177.0/24|125.39.174.0/24|117.148.160.0/24|112.65.73.0/24|115.231.186.0/24|112.65.75.0/24|113.207.102.0/24|180.163.189.0/24|119.188.9.0/24|61.156.149.0/24|61.182.136.0/24|219.159.84.0/24|116.31.126.0/24|117.34.14.0/24|42.236.94.0/24|150.138.149.0/24|220.170.185.0/24|14.17.71.0/24|124.95.188.0/24|61.54.47.0/24|101.71.56.0/24|183.232.53.0/24|182.150.1.0/24|112.25.91.0/24|122.190.3.0/24|119.84.93.0/24|183.61.190.0/24|125.39.239.0/24|117.148.161.0/24|115.231.187.0/24|163.53.89.0/24|61.155.165.0/24|120.52.29.0/24|116.31.127.0/24|150.138.150.0/24|220.170.186.0/24|157.255.25.0/24|58.211.2.0/24|113.207.100.0/24|101.227.206.0/24|120.52.113.0/24|150.138.151.0/24|157.255.26.0/24|58.211.137.0/24|101.227.207.0/24|111.32.135.0/24|111.32.136.0/24request填写50,second填写10
勾选white listfix_urlskip_cache防护CC策略上使用下面这段来填写HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Connection: keep-alive
Cache-Control: no-cache,no-store

<html><body><script language=\"javascript\">window.location=\"{{murl}}\";</script></body></html>
最终效果图,然后点击提交按钮:

图片:111111111.jpg
这样,我们已经成功启用了在源站的策略防护,并且和CDN同时使用不受影响,并且可以拦截绝大多数的CC攻击,IP隐藏起到了DDOS高级防护,并且0误封访客。

图片:222222.jpg


注:以上步骤也可以在kangle后台虚拟主机的对应的请求控制里如上添加。

建议关联阅读:
kangle white list设置IP连接数黑白名单系统
https://www.cgzz8.cn/t-27030-1-1.html
(出处: 草根吧)

分享喜欢 0回复
回复
1条回应只看楼主最新
民审-M
沙发民审-M金牌草根 2017-07-04 21:46
百度云加速:
14.17.71.0-14.17.71.255|42.236.93.0-42.236.93.255|42.236.94.0-42.236.94.255|58.211.2.0-58.211.2.255|58.211.137.0-58.211.137.255|59.51.81.0-59.51.81.255|61.54.46.0-61.54.46.255|61.54.47.0-61.54.47.255|61.155.149.0-61.155.149.255|61.155.165.0-61.155.165.255|61.156.149.0-61.156.149.255|61.182.136.0-61.182.136.255|61.182.137.0-61.182.137.255|101.71.55.0-101.71.55.255|101.71.56.0-101.71.56.255|101.227.206.0-101.227.206.255|101.227.207.0-101.227.207.255|111.32.135.0-111.32.135.255|111.32.136.0-111.32.136.255|112.25.90.0-112.25.90.255|112.25.91.0-112.25.91.255|112.65.73.0-112.65.73.255|112.65.74.0-112.65.74.255|112.65.75.0-112.65.75.255|113.207.100.0-113.207.100.255|113.207.101.0-113.207.101.255|113.207.102.0-113.207.102.255|115.231.186.0-115.231.186.255|115.231.187.0-115.231.187.255|116.31.126.0-116.31.126.255|116.31.127.0-116.31.127.255|117.27.149.0-117.27.149.255|117.34.13.0-117.34.13.255|117.34.14.0-117.34.14.255|117.148.160.0-117.148.160.255|117.148.161.0-117.148.161.255|119.84.92.0-119.84.92.255|119.84.93.0-119.84.93.255|119.167.246.0-119.167.246.255|119.188.9.0-119.188.9.255|119.188.97.0-119.188.97.255|120.52.29.0-120.52.29.255|120.52.113.0-120.52.113.255|122.190.2.0-122.190.2.255|122.190.3.0-122.190.3.255|124.95.168.0-124.95.168.255|124.95.188.0-124.95.188.255|125.39.174.0-125.39.174.255|125.39.239.0-125.39.239.255|150.138.149.0-150.138.149.255|150.138.150.0-150.138.150.255|150.138.151.0-150.138.151.255|157.255.25.0-157.255.25.255|157.255.26.0-157.255.26.255|163.53.89.0-163.53.89.255|180.163.188.0-180.163.188.255|180.163.189.0-180.163.189.255|182.150.0.0-182.150.0.255|182.150.1.0-182.150.1.255|183.60.235.0-183.60.235.255|183.61.177.0-183.61.177.255|183.61.190.0-183.61.190.255|183.61.236.0-183.61.236.255|183.232.51.0-183.232.51.255|183.232.53.0-183.232.53.255|219.159.84.0-219.159.84.255|220.170.185.0-220.170.185.255|220.170.186.0-220.170.186.255|222.216.190.0-222.216.190.255

牛盾云加速:
113.31.27.0-113.31.27.255|183.56.172.0-183.56.172.255|222.186.19.0-222.186.19.255|27.24.190.0-27.24.190.255|122.226.182.0-122.226.182.255|36.99.18.0-36.99.18.255|112.253.14.0-112.253.14.255|221.204.202.0-221.204.202.255|42.236.6.0-42.236.6.255|61.130.28.0-61.130.28.255|61.174.9.0-61.174.9.255|120.92.248.0-120.92.248.255|223.94.66.0-223.94.66.255|222.88.94.0-222.88.94.255|61.163.30.0-61.163.30.255|113.31.134.0-113.31.134.255|223.94.95.0-223.94.95.255|112.25.11.0-112.25.11.255|183.250.179.0-183.250.179.255|183.240.9.0-183.240.9.255|125.39.5.0-125.39.5.255|124.193.166.0-124.193.166.255|122.70.134.0-122.70.134.25|113.207.30.0-113.207.30.255|111.7.163.0-111.7.163.25|122.228.198.0-122.228.198.255|121.12.98.0-121.12.98.255|60.12.166.0-60.12.166.255|58.217.245.0-58.217.245.255|119.90.62.0-119.90.62.255

回复 0
游客
登录后才可以回帖,登录 或者 注册