Villain博客文章摘要
最近导航网站频繁遭受流量攻击,流量暴增,困扰了用户两个月,平均达到20G。通过在电报群中获取经验,用户成功部署了CF的WAF防火墙规则,有效过滤恶意流量。添加的规则包括:针对威胁评分高于5且非恶意用户的行为,以及特定用户 Agent头信息,如DuckDuckGo、Facebook等恶意浏览器,旨在识别并阻止攻击流量,保障网站安全。
最近导航网站经常被流量攻击,疯狂跑网站流量,两个小时20G左右吧,一直困扰着我,
后来在电报群里的大神指点下,用上了CF的WAF的防火墙规则!
添加防火墙规则表达式
第一
(cf.threat_score ge 5 and not cf.client.bot) or (not http.request.version in {“HTTP/1.2” “HTTP/2” “HTTP/3” “SPDY/3.1”}) or (not http.user_agent contains “Mozilla/”)
第二
(cf.client.bot) or (http.user_agent contains “duckduckgo”) or (http.user_agent contains “facebookexternalhit”) or (http.user_agent contains “Feedfetcher-Google”) or (http.user_agent contains “LinkedInBot”) or (http.user_agent contains “Mediapartners-Google”) or (http.user_agent contains “msnbot”) or (http.user_agent contains “Slackbot”) or (http.user_agent contains “TwitterBot”) or (http.user_agent contains “ia_archive”) or (http.user_agent contains “yahoo”)
