视频网站上市公司有哪些,php与 wordpress,最新新闻事件2023,做一个网站多久python通过日志分析加入黑名单
监控nginx日志#xff0c;若有人攻击#xff0c;则加入黑名单#xff0c;操作步骤如下#xff1a;
1.读取日志文件
2.分隔文件#xff0c;取出ip
3.将取出的ip放入list#xff0c;然后判读ip的次数
4.若超过设定的次数#xff0c;则加… python通过日志分析加入黑名单
监控nginx日志若有人攻击则加入黑名单操作步骤如下
1.读取日志文件
2.分隔文件取出ip
3.将取出的ip放入list然后判读ip的次数
4.若超过设定的次数则加入黑名单
日志信息如下 178.210.90.90 - - [04/Jun/2017:03:44:13 0800] GET /wp-includes/logo_img.php HTTP/1.0 302 161
http://nnzhp.cn/wp-includes/logo_img.php Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US) AppleWebKit/533.4
(KHTML, like Gecko) Chrome/5.0.375.99 Safari/533.4 10.3.152.221
178.210.90.90 - - [04/Jun/2017:03:44:13 0800] GET /blog HTTP/1.0 301 233
logo_img.php Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US) AppleWebKit/533.4 (KHTML, like Gecko)
Chrome/5.0.375.99 Safari/533.4 10.3.152.221
178.210.90.90 - - [04/Jun/2017:03:44:15 0800] GET /blog/ HTTP/1.0 200 38278
logo_img.php Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US) AppleWebKit/533.4 (KHTML, like Gecko) Chrome/
5.0.375.99 Safari/533.4 10.3.152.221
66.249.75.29 - - [04/Jun/2017:03:45:55 0800] GET /bbs/forum.php?modforumdisplayfid574filterhot HTTP/1.1
200 17482 - Mozilla/5.0 (compatible; Googlebot/2.1; http://www.google.com/bot.html) -
37.9.169.20 - - [04/Jun/2017:03:47:59 0800] GET /wp-admin/security.php HTTP/1.1 302 161
/security.php Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US) AppleWebKit/533.4 (KHTML, like Gecko) Chrome
/5.0.375.99 Safari/533.4 -
37.9.169.20 - - [04/Jun/2017:03:48:01 0800] GET /blog HTTP/1.1 301 233
security.php Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US) AppleWebKit/533.4 (KHTML, like Gecko)
Chrome/5.0.375.99 Safari/533.4 -
37.9.169.20 - - [04/Jun/2017:03:48:02 0800] GET /blog/ HTTP/1.1 200 38330
security.php Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US) AppleWebKit/533.4 (KHTML, like Gecko)Chrome/5.0.375.99 Safari/533.4 -
37.9.169.20 - - [04/Jun/2017:03:48:21 0800] GET /wp-admin/security.php HTTP/1.1 302 161
wp-admin/security.php Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US) AppleWebKit/533.4 (KHTML, like Gecko)
Chrome/5.0.375.99 Safari/533.4 -
37.9.169.20 - - [04/Jun/2017:03:48:21 0800] GET /blog HTTP/1.1 301 233 Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US) AppleWebKit/533.4 (KHTML, like Gecko) Chrome/5.0.375.99 Safari/533.4 -
37.9.169.20 - - [04/Jun/2017:03:48:23 0800] GET /blog/ HTTP/1.1 200 38330 http://nnzhp.cn/wp-admin/security.php
Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US) AppleWebKit/533.4 (KHTML, like Gecko) Chrome/5.0.375.99
Safari/533.4 - 代码如下 import os
import time
#os.system(ipconfig) #用来操作系统命令
while True:list_ip []with open(access.log) as fp:for line in fp:ip line.split()[0] #获取iplist_ip.append(ip)os.system(access.log) #清空文件内容set_ips set(list_ip) #去除重复的ip值for ip in set_ips:if list_ip.count(ip) 200: #若list_ip内重复出现的ip次数大于200则加入黑名单os.system(iptables -I INPUT 1 -p tcp -s %s -j DROP % ip)time.sleep(60)
