Q&A: How do you all deal with or block this kind of crawler or hacker probing?
Posted 1385 days ago by zzyyzz1992, 1853 views

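Framework: nutzfw
A couple of questions:
1. Where can I intercept this kind of request and get the IP it came from?
2. How do you all deal with or block this kind of crawler or hacker probing? I think this is a big security risk!
Something like this: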
2021-03-08 15:14:50.076 DEBUG org.nutz.mvc.impl.UrlMappingImpl Line:110 - Search mapping for [GET] path=/config/getuser : NOT Action match
08-Mar-2021 15:21:07.536 信息 [http-nio-8080-exec-22] org.apache.tomcat.util.http.parser.Cookie.logInvidHeader 收到包含无效cookie的cookie头[phtml,php3"; Vis=fcfdab200eba46e9bc043173e43864f8; hmf_search_en=; cookieId=16151774162542147483647; JSESSIONID.d610b32d=node0qbpq97r67882f9pa34kcieec21274.node0; egwP_2132_saltkey=kc98YtDn; egwP_2132_lastvisit=1615173932; egwP_2132_lastact=1615177532%09forum.php%09viewthread; is_first_tc=isfirst; egwP_2132_visitedfid=284; egwP_2132_viewid=tid_18348099; egwP_2132_view_fid284_count=20210308_1; InitSiteID=12311095; SiteType=1; IsDefaultLang=1; WUserID=15162615818408; Lang=cn; ccoo=userface=&user%5Fblack=&nickname=&userclass=&jf=&username=; xxoo=userstate=; ASPSESSIONIDSSSDBCTS=ODABGDICADDKMLNMJNAKKONK; d_id=cc1810ccaefa43d7b809735f44f3c2; se5c9b17e=1d8c8tp64ug009iknslhutqs45; ASPSESSIONIDQSCQTBRT=AHMDPGICEMFCCPMJJNPNJBNM; ASPSESSIONIDASRBSRCQ=DHEGABGCELHGBEJFPPFIDCLI; session_prefix=c6f919da79cf53d3c1d89affec2af728; ASPSESSIONIDCQTDDACR=CLKNJENCNBPJKJEBJIAAMDJN; JitN_2132_saltkey=q4X40aBK; JitN_2132_lastvisit=1615175650; JitN_2132_sid=D8dWrE; JitN_2132_lastact=1615179250%09home.php%09; JitN_2132_home_readfeed=1615179250; ASPSESSIONIDQADSSTBS=HCHLMFKCENOOKEBDIAAOFHMA; houseid=think%3A%5B%22534357%22%5D; ASPSESSIONIDSABQBCSR=AMCOEDICKDJIJCJECOBFAGPA; VyPM_2132_saltkey=VlY6SOtb; VyPM_2132_lastvisit=1615176309; VyPM_2132_sid=P5XxxX; VyPM_2132_lastact=1615179909%09forum.php%09viewthread; VyPM_2132_st_p=0%7C1615179909%7C73da88508b910dbf7f72998dcabe738a; VyPM_2132_visitedfid=151; VyPM_2132_viewid=tid_770727; ASPSESSIONIDCCSACTRS=EOGOBNMCFJLOFFMNAGJIEEBJ; SESSION_COOKIE=C; USR=sna3bvnb%090%091615180470%09http%3A%2F%2Fm.yahui.cc%2Fforex%2Fnews%2F1340581-1.htm; SERVERID=_srv80-63; ASPSESSIONIDCQBDSTAT=IBGDMJNCBEJEFDCHDKJBKHLP; corefc1cvisit=1615180867; 
wxcha_session=eyJpdiI6IkFGcHE2dm4ySm9ncjBYVWRIbzZ6YUE9PSIsInZhbHVlIjoiUm80M3A3Mm41dkd5cnpLdDAzZnd3WFBlYW1rTHdtK1ZhVGdjR091cFd2Smd2RlZZS2h3YlVwK0ZUN25Fck12R2xNRGp0d2ZadktCdUdOMEFsdHBIUjZTclBoRWVWcHBIOWZFSEZFQlljczlqNGI4WStDR21FZXlpZTZjZHhpeTgiLCJtYWMiOiJlODg2MmE3MWQ4YzY4ZmIzYjg2YTY4OGJhNjBiMTAzNGUzYmEwMjYxNDMyYTE4YmRmZGMyNDgzNDZiMWJhNjlmIn0%3D; FSPC=0_CNY_%EF%BF%A5_1.0000_0_1.0000; SESSION=ab69d4bd-e7bc-41db-91fc-3e3c66d6eff4; bbs_sid=4jkb7k36tg8a9t6m5ruho9es27; cookie_test=qYzb1TM_2BL0CFJvnGRz9VO5HrV1XxDeHk3Inajr2kiTLMqRqy; XDEBUG_SESSION=1; shop_id=8007537; is_not_first=0; item_list_page4031303=0; pjsh_session=eyJpdiI6InI3clIrTjhhSDIrQXZXSkV6RlRFcEE9PSIsInZhbHVlIjoiTmVoWlNMbEE2RVpOd1d5Rndjc1NiTk9MM0ZmRU9mNUhJZmUxc1daWmMyVGxldW8wZ3M1R2JOeGY4dlhoQytNY0l1Z0NlZFwvdjFHYnlvUHc2WDQzXC9lQT09IiwibWFjIjoiODg2MjYyNjdkOWY0NDFjYjJjM2MxNTYzMWY2YjM4NjQ2ZDQ0MTA5MzE5NzI4YzQ5NWY0NjNkZjU5ZTQxOTBlNSJ9; mid=RdoXOv; STOCK7-FINANCE-SINA-COM-CN=; ASPSESSIONIDSSCTQTCR=HKJHIMKCAJJNGLGJEHEGHJGL; zhangTime%5F109=2021%2D03%2D08+14%3A04%3A42; zhangID%5F109=747833; shuID%5F109=109; zhangName%5F109=%B5%DA37%D5%C2+%D3%D5%BB%F3; ASPSESSIONIDASRQBQTT=KEHGJNKCOGDBOJGFEJGCCNOE; Tf8x_2132_saltkey=EoKw9pVl; Tf8x_2132_lastvisit=1615179896; Tf8x_2132_sid=D4IngU; Tf8x_2132_lastact=1615183496%09index.php%09viewthread; Tf8x_2132_st_p=0%7C1615183496%7C1921f277585b6d63158fd2c8538bbea6; Tf8x_2132_visitedfid=40; Tf8x_2132_viewid=tid_295; PHPSESSID=p5etjsa9gi4oq02o2v7cv6i8d3; _gitlab_session=298e4bed93a94281564b1fcc1d5e49fe; yz_site=isSite; ASPSESSIONIDCCSTQTBT=CALONLLCOBABBGFKEKCBJGEJ; Dc0_city=2%7Chttp%3A%2F%2Fwww.xzfang.net%2F; zentaosid=f2fb9f9222097eddc18ffc30490afc52; beegosessionID=5a8c437fa2b06336b5ed5e1ca9532643; from_house_id=0; ofkqireturnurl=%2F; yzih_2132_saltkey=zpsElW5k; yzih_2132_lastvisit=1615182250; yzih_2132_sid=KnBWR5; yzih_2132_lastact=1615185850%09forum.php%09viewthread; yzih_2132_pc_size_c=0; yzih_2132_st_p=0%7C1615185850%7C8c8c2aae2df0965ea0093e7a8fd110f2; yzih_2132_visitedfid=86; 
yzih_2132_viewid=tid_11335; think_template=%22Default%22; session=eyJjc3JmX3Rva2VuIjoiNDlkNTFmNGUyZmFmYjVhNzA3MzdjZTIyNTkxZGVmOTM1NDRhZjI3ZCJ9.EydZ_w.M7nqdgkQlqlExnHF9Oki8pnzOoQ; X_CACHE_KEY=ab15424a97e9a7028745583f181c2e07; PTCMS_history=32154%2C461; banIpStatus=no; item_list_page8007537=0; ci_session=a%3A5%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%223a6580c42c1e5638134726389252f5cd%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A11%3A%2210.105.5.99%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A72%3A%22Mozilla%2F5.0+%28Windows+NT+6.1%3B+WOW64%3B+rv%3A57.0%29+Gecko%2F20100101+Firefox%2F57.0%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1615186583%3Bs%3A9%3A%22user_data%22%3Bs%3A0%3A%22%22%3B%7Dfdfe886ab3fc778b4730d80fc642288078c20ade; ASPSESSIONIDCABDSDDD=HOFCBMJCEBPEPHHABIONANDN; JSESSIONID=F6E154770DD706DB91B70FE6F6291E61; fikker-BcVQ-doTi=tqhEx5pA07IkPQ2W4oHQMcTK6IjaOGXi; his_goods_ids=%7B%22type%22%3A%22B%22%2C%22goodsid%22%3A%22581054213725%22%2C%22time%22%3A1615187299%7D%3B; _csrf=08e775d02c3f13069693dd937957d7452093ed1bcb8c903d59a1051f95730398a%3A2%3A%7Bi%3A0%3Bs%3A5%3A%22_csrf%22%3Bi%3A1%3Bs%3A32%3A%22e18-SMPV188b3M0m1rdYcjbmpf19f53x%22%3B%7D; _app_frontend_language=zh-cn; visittimes=1]。将忽略okie。␣注意:此错误的进一步出现将记录在调试级别。
2021-03-08 15:21:07.541 DEBUG org.nutz.mvc.impl.UrlMappingImpl Line:110 - Search mapping for [GET] path=/html/public/index : NOT Action match

2 replies

This shows up every so often:
/config/getuser
/html/public/index
I never defined any of these paths, and the cookie looks thoroughly malicious too.

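If it annoys you, write a blacklist, and whenever one shows up grab its IP and put it in ---- but there is such a thing as an IP proxy.
So, for this kind of abnormal cookie, just filter the request out; give it a death smile and your mood improves instantly.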
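
One way to do what the replies describe (intercept the request, read the client IP, drop requests carrying an abnormal Cookie header), as an added example that is not from the original thread or from nutzfw: a standard `javax.servlet` filter. The class name `ProbeFilter` and both thresholds are assumptions to be tuned against what the application's real clients send.

```java
import java.io.IOException;
import java.util.Set;
import java.util.concurrent.ConcurrentHashMap;
import javax.servlet.*;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

/** Added example: rejects probe-style requests before they reach the MVC dispatcher. */
public class ProbeFilter implements Filter {
    // Assumed thresholds; the cookie header in the log above is far beyond both.
    private static final int MAX_COOKIE_HEADER_LEN = 2048;
    private static final int MAX_COOKIE_PAIRS = 30;
    // In-memory only: entries are lost on restart and never expire in this sketch.
    private final Set<String> blockedIps = ConcurrentHashMap.newKeySet();

    @Override public void init(FilterConfig cfg) { }
    @Override public void destroy() { }

    @Override
    public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain)
            throws IOException, ServletException {
        HttpServletRequest request = (HttpServletRequest) req;
        HttpServletResponse response = (HttpServletResponse) res;
        // Socket peer address. Behind a reverse proxy this is the proxy's IP;
        // only trust X-Forwarded-For when it is set by a proxy you control.
        String ip = request.getRemoteAddr();

        if (blockedIps.contains(ip) || isAbnormalCookie(request.getHeader("Cookie"))) {
            blockedIps.add(ip);
            request.getServletContext().log("blocked probe ip=" + ip
                    + " method=" + request.getMethod() + " uri=" + request.getRequestURI());
            response.sendError(HttpServletResponse.SC_FORBIDDEN);
            return; // do not pass the request further down the chain
        }
        chain.doFilter(req, res);
    }

    /** True for a header far longer, or with far more pairs, than this application sets. */
    static boolean isAbnormalCookie(String header) {
        if (header == null) return false;
        return header.length() > MAX_COOKIE_HEADER_LEN
                || header.split(";").length > MAX_COOKIE_PAIRS;
    }
}
```

Map the filter to `/*` ahead of the framework's own filter or servlet in `web.xml` so it runs first. As the reply notes, the IP set is only a convenience because proxies rotate addresses; the cookie check is what does the filtering.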
