
What performance impact will I see when I add this to my .htaccess file:

How to block automated spam bots using .htaccess

Or should I add it to my PHP file instead?

Or not bother with it at all, since spammers can fake their user agent anyway?

Does it also make sense to block users from accessing your site through a proxy server? I know this might also block people who are not visiting with bad intentions. But what are some of the reasons people would visit a site through a proxy server, other than spamming, or the site being blocked in their country?


4 Answers


What performance impact will I see when I add this to my .htaccess file?

Possibly a noticeable one, if you have many thousands of user-agent strings to match: Apache has to check this rule on every single request.
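The kind of .htaccess rule in question can be sketched with mod_rewrite; the user-agent names below are placeholders, not a recommended blocklist:

```apache
# Assumes mod_rewrite is enabled; the User-Agent patterns are examples only.
RewriteEngine On
RewriteCond %{HTTP_USER_AGENT} (badbot|evilscraper|spambot) [NC]
RewriteRule .* - [F,L]
```

With the [F] flag, Apache answers 403 Forbidden before any application code runs.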

Or should I add it to my PHP file instead?

No. Apache's parsing of .htaccess is still faster than going through PHP: with PHP, Apache has to start a PHP interpreter process for every request.
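For comparison, the equivalent check in PHP might look like this minimal sketch (the bot names are again placeholders); note that it only runs after the interpreter has already been started for the request:

```php
<?php
// Placeholder patterns; tune them to your own access logs.
$agent = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : '';
if (preg_match('/badbot|evilscraper|spambot/i', $agent)) {
    header('HTTP/1.1 403 Forbidden');
    exit;
}
```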

Or not bother with it at all, since spammers can fake their user agent anyway?

Probably. Most malicious spam bots are likely to fake a standard user agent.

But what are some of the reasons people would visit a site through a proxy server, other than spamming, or the site being blocked in their country?

There are many legitimate uses for proxy servers. One is mobile clients that use some kind of prefetching to save mobile bandwidth. There are also ISPs that force their customers to use their proxy servers. In my opinion, locking out users who come through a proxy server is not a wise move.

The bottom line is probably that these things are not worth worrying about unless you are losing a lot of traffic to malicious activity.

Answered 2011-08-11T19:35:20.463

...what's wrong with setting up domain dot com/bottrap, disallowing access to it in robots.txt, catching the naughty bot, putting its IP in a .txt array, and denying it access forever with a 403 header?
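That bottrap idea could be sketched roughly as follows; the file name blocked_ips.txt and the paths are assumptions for illustration, not part of the original answer:

```php
<?php
// On every page: deny IPs that were previously caught in the trap.
$blockFile = __DIR__ . '/blocked_ips.txt';
$blocked   = file_exists($blockFile)
    ? file($blockFile, FILE_IGNORE_NEW_LINES | FILE_SKIP_EMPTY_LINES)
    : array();

if (in_array($_SERVER['REMOTE_ADDR'], $blocked, true)) {
    header('HTTP/1.1 403 Forbidden');
    exit;
}

// In the /bottrap page itself (listed as "Disallow: /bottrap" in
// robots.txt), record whoever ignored robots.txt and ended up here:
// file_put_contents($blockFile, $_SERVER['REMOTE_ADDR'] . "\n", FILE_APPEND | LOCK_EX);
```

Well-behaved crawlers never request a disallowed path, so anything that does is a reasonable candidate for blocking.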

Answered 2012-09-06T22:27:59.913

PHP limit/block website requests for spiders/bots/clients etc.

Here I have written a PHP function that can block unwanted requests to reduce your website traffic. Good for spiders, bots, and annoying clients.

Client/bot blocker

Demo: http://szczepan.info/9-webdesign/php/1-php-limit-block-website-requests-for-spiders-bots-clients-etc.html

代码:

/* Function which can Block unwanted Requests
 * @return boolean/array status
 */
function requestBlocker()
{
        /*
        Version 1.0 11 Jan 2013
        Author: Szczepan K
        http://www.szczepan.info
        me[@] szczepan [dot] info
        ###Description###
        A PHP function which can Block unwanted Requests to reduce your Website-Traffic.
        Good for Spiders, Bots and annoying Clients.

        */

        $dir = 'requestBlocker/'; ## Create & set directory writeable!!!!

        $rules   = array(
                #You can add multiple Rules in a array like this one here
                #Notice that large "sec definitions" (like 60*60*60) will blow up your client File
                array(
                        //if >5 requests in 5 Seconds then Block client 15 Seconds
                        'requests' => 5, //5 requests
                        'sek' => 5, //5 requests in 5 Seconds
                        'blockTime' => 15 // Block client 15 Seconds
                ),
                array(
                        //if >10 requests in 30 Seconds then Block client 20 Seconds
                        'requests' => 10, //10 requests
                        'sek' => 30, //10 requests in 30 Seconds
                        'blockTime' => 20 // Block client 20 Seconds
                ),
                array(
                        //if >200 requests in 1 Hour then Block client 10 Minutes
                        'requests' => 200, //200 requests
                        'sek' => 60 * 60, //200 requests in 1 Hour
                        'blockTime' => 60 * 10 // Block client 10 Minutes
                )
        );
        $time    = time();
        $blockIt = array();
        $user    = array();

        #Set Unique Name for each Client-File 
        $user[] = isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : 'IP_unknown';
        $user[] = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : '';
        $user[] = strtolower(gethostbyaddr($user[0]));

        # Note: files are used here because bots do not accept sessions
        $botFile = $dir . substr($user[0], 0, 8) . '_' . substr(md5(join('', $user)), 0, 5) . '.txt';


        if (file_exists($botFile)) {
                $file   = file_get_contents($botFile);
                $client = unserialize($file);

        } else {
                $client                = array();
                $client['time'][$time] = 0;
        }

        # Set/Unset Blocktime for blocked Clients
        if (isset($client['block'])) {
                foreach ($client['block'] as $ruleNr => $timestampPast) {
                        $left = $time - $timestampPast;
                        if (($left) > $rules[$ruleNr]['blockTime']) {
                                unset($client['block'][$ruleNr]);
                                continue;
                        }
                        $blockIt[] = 'Block active for Rule: ' . $ruleNr . ' - unlock in ' . ($rules[$ruleNr]['blockTime'] - $left) . ' Sec.';
                }
                if (!empty($blockIt)) {
                        return $blockIt;
                }
        }

        # log/count each access
        if (!isset($client['time'][$time])) {
                $client['time'][$time] = 1;
        } else {
                $client['time'][$time]++;

        }

        #check the Rules for Client
        $min = array(0);
        foreach ($rules as $ruleNr => $v) {
                $i            = 0;
                $tr           = false;
                $sum[$ruleNr] = 0;
                $requests     = $v['requests'];
                $sek          = $v['sek'];
                foreach ($client['time'] as $timestampPast => $count) {
                        if (($time - $timestampPast) < $sek) {
                                $sum[$ruleNr] += $count;
                                if ($tr == false) {
                                        #register non-use Timestamps for File 
                                        $min[] = $i;
                                        unset($min[0]);
                                        $tr = true;
                                }
                        }
                        $i++;
                }

                if ($sum[$ruleNr] > $requests) {
                        $blockIt[]                = 'Limit : ' . $ruleNr . '=' . $requests . ' requests in ' . $sek . ' seconds!';
                        $client['block'][$ruleNr] = $time;
                }
        }
        $min = min($min) - 1;
        #drop timestamps that no rule needs any more
        $i = 0;
        foreach ($client['time'] as $k => $v) {
                if ($i < $min) {
                        unset($client['time'][$k]);
                }
                $i++;
        }
        $file = file_put_contents($botFile, serialize($client));


        return $blockIt;

}


if ($t = requestBlocker()) {
        echo 'don\'t pass here!';
        print_r($t);
} else {
        echo "go on!";
}
Answered 2013-01-11T11:40:51.370

Personally, I would focus more on securing the basics (the site's forms, code, open ports, and so on) than on blocking. Every visit matters anyway! ;)

Answered 2011-08-11T19:38:33.023