直接贴上 iptables 禁止的 ip 吧,如下:
target prot opt source destination REJECT all -- 39.103.152.13 anywhere reject-with icmp-port-unreachable REJECT all -- 101.133.224.74 anywhere reject-with icmp-port-unreachable REJECT all -- 39.103.165.234 anywhere reject-with icmp-port-unreachable REJECT all -- vmi593068.contaboserver.net anywhere reject-with icmp-port-unreachable REJECT all -- 101.133.149.35 anywhere reject-with icmp-port-unreachable REJECT all -- 206.189.125.204 anywhere reject-with icmp-port-unreachable REJECT all -- 198.98.51.76 anywhere reject-with icmp-port-unreachable REJECT all -- 68.183.148.131 anywhere reject-with icmp-port-unreachable REJECT all -- 101.133.226.161 anywhere reject-with icmp-port-unreachable RETURN all -- anywhere anywhere
被拦截后 nginx 错误日志里就会如下一些提示:
2022/01/18 14:18:25 [error] 25#25: *379952 recv() failed (104: Connection reset by peer) while proxying and reading from upstream, client: 89.248.165.25,
同时就上周开始到现在的相关日志大小也挺惊人的:
所以说以前几年懂得不多的时候,合着就默默承受了这些攻击,虽然说我的密码都是用 1password 随机生成的,其他都是 ssh ,但还是怕别人运气好,在日志中还可以看到很多骚操作,比如撞库,尝试创建脚本,或者访问一些默认生成的文件之类的,不过一般他们也没能得逞,如果真有程序上的漏洞我也管不着,尽人事听天命。
周末抽空写下 docker 中 fail2ban 的配置方法,虽然总的来说也挺简单的,但还是记录下。
本站由以下主机服务商提供服务支持:
0条评论