Thứ Năm, 23 tháng 7, 2020

Block Unwanted Bots on Apache & Nginx

Robots.txt version
Code:
User-agent: AhrefsBot
User-agent: AhrefsSiteAudit
User-agent: adbeat_bot
User-agent: Alexibot
User-agent: AppEngine
User-agent: Aqua_Products
User-agent: archive.org_bot
User-agent: archive
User-agent: asterias
User-agent: b2w/0.1
User-agent: BackDoorBot/1.0
User-agent: BecomeBot
User-agent: BlekkoBot
User-agent: Blexbot
User-agent: BlowFish/1.0
User-agent: Bookmark search tool
User-agent: BotALot
User-agent: BuiltBotTough
User-agent: Bullseye/1.0
User-agent: BunnySlippers
User-agent: CCBot
User-agent: CheeseBot
User-agent: CherryPicker
User-agent: CherryPickerElite/1.0
User-agent: CherryPickerSE/1.0
User-agent: chroot
User-agent: Copernic
User-agent: CopyRightCheck
User-agent: cosmos
User-agent: Crescent
User-agent: Crescent Internet ToolPak HTTP OLE Control v.1.0
User-agent: DittoSpyder
User-agent: dotbot
User-agent: dumbot
User-agent: EmailCollector
User-agent: EmailSiphon
User-agent: EmailWolf
User-agent: Enterprise_Search
User-agent: Enterprise_Search/1.0
User-agent: EroCrawler
User-agent: es
User-agent: exabot
User-agent: ExtractorPro
User-agent: FairAd Client
User-agent: Flaming AttackBot
User-agent: Foobot
User-agent: Gaisbot
User-agent: GetRight/4.2
User-agent: gigabot
User-agent: grub
User-agent: grub-client
User-agent: Go-http-client
User-agent: Harvest/1.5
User-agent: Hatena Antenna
User-agent: hloader
User-agent: http://www.SearchEngineWorld.com bot
User-agent: http://www.WebmasterWorld.com bot
User-agent: httplib
User-agent: humanlinks
User-agent: ia_archiver
User-agent: ia_archiver/1.6
User-agent: InfoNaviRobot
User-agent: Iron33/1.0.2
User-agent: JamesBOT
User-agent: JennyBot
User-agent: Jetbot
User-agent: Jetbot/1.0
User-agent: Jorgee
User-agent: Kenjin Spider
User-agent: Keyword Density/0.9
User-agent: larbin
User-agent: LexiBot
User-agent: libWeb/clsHTTP
User-agent: LinkextractorPro
User-agent: LinkpadBot
User-agent: LinkScan/8.1a Unix
User-agent: LinkWalker
User-agent: LNSpiderguy
User-agent: looksmart
User-agent: lwp-trivial
User-agent: lwp-trivial/1.34
User-agent: Mata Hari
User-agent: Megalodon
User-agent: Microsoft URL Control
User-agent: Microsoft URL Control - 5.01.4511
User-agent: Microsoft URL Control - 6.00.8169
User-agent: MIIxpc
User-agent: MIIxpc/4.2
User-agent: Mister PiX
User-agent: MJ12bot
User-agent: moget
User-agent: moget/2.1
User-agent: mozilla
User-agent: Mozilla
User-agent: mozilla/3
User-agent: mozilla/4
User-agent: Mozilla/4.0 (compatible; BullsEye; Windows 95)
User-agent: Mozilla/4.0 (compatible; MSIE 4.0; Windows 2000)
User-agent: Mozilla/4.0 (compatible; MSIE 4.0; Windows 95)
User-agent: Mozilla/4.0 (compatible; MSIE 4.0; Windows 98)
User-agent: Mozilla/4.0 (compatible; MSIE 4.0; Windows NT)
User-agent: Mozilla/4.0 (compatible; MSIE 4.0; Windows XP)
User-agent: mozilla/5
User-agent: MSIECrawler
User-agent: naver
User-agent: NerdyBot
User-agent: NetAnts
User-agent: NetMechanic
User-agent: NICErsPRO
User-agent: Nutch
User-agent: Offline Explorer
User-agent: Openbot
User-agent: Openfind
User-agent: Openfind data gathere
User-agent: Oracle Ultra Search
User-agent: PerMan
User-agent: ProPowerBot/2.14
User-agent: ProWebWalker
User-agent: psbot
User-agent: Python-urllib
User-agent: QueryN Metasearch
User-agent: Radiation Retriever 1.1
User-agent: RepoMonkey
User-agent: RepoMonkey Bait & Tackle/v1.01
User-agent: RMA
User-agent: rogerbot
User-agent: scooter
User-agent: Screaming Frog SEO Spider
User-agent: searchpreview
User-agent: SEMrushBot
User-agent: SemrushBot
User-agent: SemrushBot-SA
User-agent: SEOkicks-Robot
User-agent: SiteSnagger
User-agent: sootle
User-agent: SpankBot
User-agent: spanner
User-agent: spbot
User-agent: Stanford
User-agent: Stanford Comp Sci
User-agent: Stanford CompClub
User-agent: Stanford CompSciClub
User-agent: Stanford Spiderboys
User-agent: SurveyBot
User-agent: SurveyBot_IgnoreIP
User-agent: suzuran
User-agent: Szukacz/1.4
User-agent: Szukacz/1.4
User-agent: Teleport
User-agent: TeleportPro
User-agent: Telesoft
User-agent: Teoma
User-agent: The Intraformant
User-agent: TheNomad
User-agent: toCrawl/UrlDispatcher
User-agent: True_Robot
User-agent: True_Robot/1.0
User-agent: turingos
User-agent: Typhoeus
User-agent: URL Control
User-agent: URL_Spider_Pro
User-agent: URLy Warning
User-agent: VCI
User-agent: VCI WebViewer VCI WebViewer Win32
User-agent: Web Image Collector
User-agent: WebAuto
User-agent: WebBandit
User-agent: WebBandit/3.50
User-agent: WebCopier
User-agent: WebEnhancer
User-agent: WebmasterWorld Extractor
User-agent: WebmasterWorldForumBot
User-agent: WebSauger
User-agent: Website Quester
User-agent: Webster Pro
User-agent: WebStripper
User-agent: WebVac
User-agent: WebZip
User-agent: WebZip/4.0
User-agent: Wget
User-agent: Wget/1.5.3
User-agent: Wget/1.6
User-agent: WWW-Collector-E
User-agent: Xenu's
User-agent: Xenu's Link Sleuth 1.1c
User-agent: Zeus
User-agent: Zeus 32297 Webster Pro V2.9 Win32
User-agent: Zeus Link Scout
Disallow: /    


.htaccess version (Apache)

Code:
RewriteEngine On
RewriteCond %{REQUEST_URI} !/robots.txt$
RewriteCond %{HTTP_USER_AGENT} ^$ [OR]
RewriteCond %{HTTP_USER_AGENT} ^.*EventMachine.*$ [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^.*NerdyBot.*$ [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^.*Typhoeus.*$ [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^.*archive.org_bot.*$ [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^.*archive.*$ [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^.*adbeat_bot.*$ [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^.*github.*$ [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^.*chroot.*$ [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^.*Jorgee.*$ [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^.*Go\ 1.1\ package.*$ [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^.*Go-http-client.*$ [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^.*Copyscape.*$ [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^.*semrushbot.*$ [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^.*semrushbot-sa.*$ [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^.*JamesBOT.*$ [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^.*SEOkicks-Robot.*$ [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^.*LinkpadBot.*$ [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^.*getty.*$ [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^.*picscout.*$ [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^.*AppEngine.*$ [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^.*Zend_Http_Client.*$ [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^.*BlackWidow.*$ [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^.*openlink.*$ [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^.*spbot.*$ [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^.*Nutch.*$ [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^.*Jetbot.*$ [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^.*WebVac.*$ [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^.*Stanford.*$ [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^.*scooter.*$ [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^.*naver.*$ [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^.*dumbot.*$ [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^.*Hatena\ Antenna.*$ [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^.*grub.*$ [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^.*looksmart.*$ [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^.*WebZip.*$ [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^.*larbin.*$ [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^.*b2w/0.1.*$ [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^.*Copernic.*$ [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^.*psbot.*$ [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^.*Python-urllib.*$ [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^.*NetMechanic.*$ [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^.*URL_Spider_Pro.*$ [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^.*CherryPicker.*$ [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^.*ExtractorPro.*$ [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^.*CopyRightCheck.*$ [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^.*Crescent.*$ [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^.*CCBot.*$ [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^.*SiteSnagger.*$ [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^.*ProWebWalker.*$ [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^.*CheeseBot.*$ [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^.*LNSpiderguy.*$ [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^.*EmailCollector.*$ [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^.*EmailSiphon.*$ [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^.*WebBandit.*$ [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^.*EmailWolf.*$ [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^.*ia_archiver.*$ [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^.*Alexibot.*$ [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^.*Teleport.*$ [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^.*MIIxpc.*$ [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^.*Telesoft.*$ [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^.*Website\ Quester.*$ [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^.*moget.*$ [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^.*WebStripper.*$ [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^.*WebSauger.*$ [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^.*WebCopier.*$ [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^.*NetAnts.*$ [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^.*Mister\ PiX.*$ [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^.*WebAuto.*$ [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^.*TheNomad.*$ [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^.*WWW-Collector-E.*$ [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^.*RMA.*$ [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^.*libWeb/clsHTTP.*$ [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^.*asterias.*$ [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^.*httplib.*$ [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^.*turingos.*$ [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^.*spanner.*$ [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^.*Harvest.*$ [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^.*InfoNaviRobot.*$ [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^.*Bullseye.*$ [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^.*WebBandit.*$ [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^.*NICErsPRO.*$ [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^.*Microsoft\ URL\ Control.*$ [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^.*DittoSpyder.*$ [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^.*Foobot.*$ [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^.*WebmasterWorldForumBot.*$ [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^.*SpankBot.*$ [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^.*BotALot.*$ [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^.*lwp-trivial.*$ [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^.*WebmasterWorld.*$ [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^.*BunnySlippers.*$ [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^.*URLy\ Warning.*$ [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^.*LinkWalker.*$ [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^.*cosmos.*$ [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^.*hloader.*$ [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^.*humanlinks.*$ [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^.*LinkextractorPro.*$ [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^.*Offline\ Explorer.*$ [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^.*Mata\ Hari.*$ [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^.*LexiBot.*$ [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^.*Web\ Image\ Collector.*$ [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^.*woobot.*$ [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^.*The\ Intraformant.*$ [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^.*True_Robot.*$ [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^.*BlowFish.*$ [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^.*SearchEngineWorld.*$ [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^.*JennyBot.*$ [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^.*MIIxpc.*$ [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^.*BuiltBotTough.*$ [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^.*ProPowerBot.*$ [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^.*BackDoorBot.*$ [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^.*toCrawl/UrlDispatcher.*$ [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^.*WebEnhancer.*$ [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^.*suzuran.*$ [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^.*WebViewer.*$ [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^.*VCI.*$ [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^.*Szukacz.*$ [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^.*QueryN.*$ [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^.*Openfind.*$ [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^.*Openbot.*$ [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^.*Webster.*$ [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^.*EroCrawler.*$ [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^.*LinkScan.*$ [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^.*Keyword.*$ [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^.*Kenjin.*$ [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^.*Iron33.*$ [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^.*Bookmark\ search\ tool.*$ [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^.*GetRight.*$ [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^.*FairAd\ Client.*$ [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^.*Gaisbot.*$ [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^.*Aqua_Products.*$ [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^.*Radiation\ Retriever\ 1.1.*$ [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^.*Flaming\ AttackBot.*$ [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^.*Oracle\ Ultra\ Search.*$ [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^.*MSIECrawler.*$ [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^.*PerMan.*$ [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^.*searchpreview.*$ [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^.*sootle.*$ [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^.*Enterprise_Search.*$ [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^.*Bot\ mailto:craftbot@yahoo.com.*$ [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^.*ChinaClaw.*$ [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^.*Custo.*$ [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^.*DISCo.*$ [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^.*Download\ Demon.*$ [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^.*eCatch.*$ [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^.*EirGrabber.*$ [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^.*EmailSiphon.*$ [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^.*EmailWolf.*$ [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^.*Express\ WebPictures.*$ [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^.*ExtractorPro.*$ [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^.*EyeNetIE.*$ [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^.*FlashGet.*$ [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^.*GetRight.*$ [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^.*GetWeb!.*$ [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^.*Go!Zilla.*$ [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^.*Go-Ahead-Got-It.*$ [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^.*GrabNet.*$ [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^.*Grafula.*$ [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^.*HMView.*$ [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^.*HTTrack.*$ [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^.*Image\ Stripper.*$ [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^.*Image\ Sucker.*$ [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^.*Indy\ Library.*$ [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^.*InterGET.*$ [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^.*Internet\ Ninja.*$ [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^.*JetCar.*$ [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^.*JOC\ Web\ Spider.*$ [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^.*larbin.*$ [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^.*LeechFTP.*$ [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^.*Mass\ Downloader.*$ [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^.*MIDown\ tool.*$ [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^.*Mister\ PiX.*$ [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^.*Navroad.*$ [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^.*NearSite.*$ [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^.*NetAnts.*$ [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^.*NetSpider.*$ [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^.*Net\ Vampire.*$ [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^.*NetZIP.*$ [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^.*Octopus.*$ [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^.*Offline\ Explorer.*$ [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^.*Offline\ Navigator.*$ [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^.*PageGrabber.*$ [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^.*Papa\ Foto.*$ [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^.*pavuk.*$ [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^.*pcBrowser.*$ [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^.*RealDownload.*$ [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^.*ReGet.*$ [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^.*SiteSnagger.*$ [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^.*SmartDownload.*$ [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^.*SuperBot.*$ [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^.*SuperHTTP.*$ [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^.*Surfbot.*$ [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^.*tAkeOut.*$ [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^.*Teleport\ Pro.*$ [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^.*VoidEYE.*$ [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^.*Web\ Image\ Collector.*$ [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^.*Web\ Sucker.*$ [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^.*WebAuto.*$ [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^.*WebCopier.*$ [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^.*WebFetch.*$ [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^.*WebGo\ IS.*$ [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^.*WebLeacher.*$ [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^.*WebReaper.*$ [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^.*WebSauger.*$ [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^.*wesee.*$ [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^.*Website\ eXtractor.*$ [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^.*Website\ Quester.*$ [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^.*WebStripper.*$ [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^.*WebWhacker.*$ [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^.*WebZIP.*$ [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^.*Wget.*$ [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^.*Widow.*$ [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^.*WWWOFFLE.*$ [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^.*Xaldon\ WebSpider.*$ [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^.*Zeus.*$ [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^.*Semrush.*$ [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^.*BecomeBot.*$ [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^.*Screaming.*$ [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^.*Screaming\ FrogSEO.*$ [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^.*SEO.*$ [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^.*AhrefsBot.*$ [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^.*AhrefsSiteAudit.*$ [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^.*MJ12bot.*$ [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^.*rogerbot.*$ [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^.*exabot.*$ [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^.*Xenu.*$ [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^.*dotbot.*$ [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^.*gigabot.*$ [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^.*Twengabot.*$ [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^.*htmlparser.*$ [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^.*libwww.*$ [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^.*Python.*$ [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^.*perl.*$ [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^.*urllib.*$ [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^.*scan.*$ [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^.*Curl.*$ [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^.*email.*$ [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^.*PycURL.*$ [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^.*Pyth.*$ [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^.*PyQ.*$ [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^.*WebCollector.*$ [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^.*WebCopy.*$ [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^.*webcraw.*$ [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^.*webcraw.*$ [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^.*SurveyBot.*$ [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^.*SurveyBot_IgnoreIP.*$ [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^.*BlekkoBot.*$ [NC]
RewriteRule ^.*.* http://www.google.com/ [L]

nginx.conf version (NGINX)

inside http block (nginx.conf)
Code:
http {
map $http_user_agent $limit_bots {
     default 0;
     ~*(adbeat_bot|ahrefsbot|ahrefssiteaudit|alexibot|appengine|aqua_products|archive.org_bot|archive|asterias|attackbot|b2w|backdoorbot|becomebot|blackwidow|blekkobot) 1;
     ~*(blowfish|botalot|builtbottough|bullseye|bunnyslippers|ccbot|cheesebot|cherrypicker|chinaclaw|chroot|clshttp|collector) 1;
     ~*(control|copernic|copyrightcheck|copyscape|cosmos|craftbot|crescent|curl|custo|demon) 1;
     ~*(disco|dittospyder|dotbot|download|downloader|dumbot|ecatch|eirgrabber|email|emailcollector) 1;
     ~*(emailsiphon|emailwolf|enterprise_search|erocrawler|eventmachine|exabot|express|extractor|extractorpro|eyenetie) 1;
     ~*(fairad|flaming|flashget|foobot|foto|gaisbot|getright|getty|getweb!|gigabot) 1;
     ~*(github|go!zilla|go-ahead-got-it|go-http-client|grabnet|grafula|grub|hari|harvest|hatena|antenna|hloader) 1;
     ~*(hmview|htmlparser|httplib|httrack|humanlinks|ia_archiver|indy|infonavirobot|interget|intraformant) 1;
     ~*(iron33|jamesbot|jennybot|jetbot|jetcar|joc|jorgee|kenjin|keyword|larbin|leechftp) 1;
     ~*(lexibot|library|libweb|libwww|linkextractorpro|linkpadbot|linkscan|linkwalker|lnspiderguy|looksmart) 1;
     ~*(lwp-trivial|mass|mata|midown|miixpc|mister|mj12bot|moget|msiecrawler|naver) 1;
     ~*(navroad|nearsite|nerdybot|netants|netmechanic|netspider|netzip|nicerspro|ninja|nutch) 1;
     ~*(octopus|offline|openbot|openfind|openlink|pagegrabber|papa|pavuk|pcbrowser|perl) 1;
     ~*(perman|picscout|propowerbot|prowebwalker|psbot|pycurl|pyq|pyth|python) 1;
     ~*(python-urllib|queryn|quester|radiation|realdownload|reget|retriever|rma|rogerbot|scan|screaming|frog|seo) 1;
     ~*(scooter|searchengineworld|searchpreview|semrush|semrushbot|semrushbot-sa|seokicks-robot|sitesnagger|smartdownload|sootle) 1;
     ~*(spankbot|spanner|spbot|spider|stanford|stripper|sucker|superbot|superhttp|surfbot|surveybot) 1;
     ~*(suzuran|szukacz|takeout|teleport|telesoft|thenomad|tocrawl|tool|true_robot|turingos) 1;
     ~*(twengabot|typhoeus|url_spider_pro|urldispatcher|urllib|urly|vampire|vci|voideye|warning) 1;
     ~*(webauto|webbandit|webcollector|webcopier|webcopy|webcraw|webenhancer|webfetch|webgo|webleacher) 1;
     ~*(webmasterworld|webmasterworldforumbot|webpictures|webreaper|websauger|webspider|webster|webstripper|webvac|webviewer) 1;
     ~*(webwhacker|webzip|webzip|wesee|wget|widow|woobot|www-collector-e|wwwoffle|xenu) 1;
}
}
inside each server block (within your example.com file inside sites-available folder)
Code:
server {
location / {
#blocks blank user_agents
if ($http_user_agent = "") { return  301 $scheme://www.google.com/; }

  if ($limit_bots = 1) {
  return  301 $scheme://www.google.com/;
  }
}
}
Read More
Người đăng: vào lúc Không có nhận xét nào:

Thứ Năm, 16 tháng 7, 2020

IIS Block bots

       <rewrite>
            <rules>
        <rule name="Block Common Malicious Bot Queries" stopProcessing="true">
          <match url=".*" ignoreCase="false" />
          <conditions logicalGrouping="MatchAny">
            <add input="{QUERY_STRING}" pattern="http\:\/\/www\.google\.com\/humans\.txt\?" />
            <add input="{QUERY_STRING}" pattern="(img|thumb|thumb_editor|thumbopen).php" />
            <add input="{QUERY_STRING}" pattern="fckeditor" />
            <add input="{QUERY_STRING}" pattern="revslider" />
          </conditions>
          <action type="CustomResponse" statusCode="403" statusReason="Forbidden" statusDescription="Forbidden" />
        </rule>
<rule name="Abuse User Agents Blocking" stopProcessing="true">
<match url=".*" ignoreCase="false" />
<conditions logicalGrouping="MatchAny">
<add input="{HTTP_USER_AGENT}" pattern="^.*(1Noonbot|1on1searchBot|3D_SEARCH|3DE_SEARCH2|3GSE|50.nu|192.comAgent|360Spider|A6-Indexer|AASP|ABACHOBot|Abonti|abot|AbotEmailSearch|Aboundex|AboutUsBot|AccMonitor\ Compliance|accoona|AChulkov.NET\ page\ walker|Acme.Spider|AcoonBot|acquia-crawler|ActiveTouristBot|Acunetix|Ad\ Muncher|AdamM|adbeat_bot|adminshop.com|Advanced\ Email|AESOP_com_SpiderMan|AESpider|AF\ Knowledge\ Now\ Verity|aggregator:Vocus|ah-ha.com|AhrefsBot|AIBOT|aiHitBot|aipbot|AISIID|AITCSRobot|Akamai-SiteSnapshot|AlexaWebSearchPlatform|AlexfDownload|Alexibot|AlkalineBOT|All\ Acronyms|Amfibibot|AmPmPPC.com|AMZNKAssocBot|Anemone|Anonymous|Anonymouse.org|AnotherBot|AnswerBot|AnswerBus|AnswerChase\ PROve|AntBot|antibot-|AntiSantyWorm|Antro.Net|AONDE-Spider|Aport|Aqua_Products|AraBot|Arachmo|Arachnophilia|archive.org_bot|aria\ eQualizer|arianna.libero.it|Arikus_Spider|Art-Online.com|ArtavisBot|Artera|ASpider|ASPSeek|asterias|AstroFind|athenusbot|AtlocalBot|Atomic_Email_Hunter|attach|attrakt|attributor|Attributor.comBot|augurfind|AURESYS|AutoBaron|autoemailspider|autowebdir|AVSearch-|axfeedsbot|Axonize-bot|Ayna|b2w|BackDoorBot|BackRub|BackStreet\ Browser|BackWeb|Baiduspider-video|Bandit|BatchFTP|baypup|BDFetch|BecomeBot|BecomeJPBot|BeetleBot|Bender|besserscheitern-crawl|betaBot|Big\ Brother|Big\ Data|Bigado.com|BigCliqueBot|Bigfoot|BIGLOTRON|Bilbo|BilgiBetaBot|BilgiBot|binlar|bintellibot|bitlybot|BitvoUserAgent|Bizbot003|BizBot04|BizBot04\ kirk.overleaf.com|Black.Hole|Black\ Hole|Blackbird|BlackWidow|bladder\ fusion|Blaiz-Bee|BLEXBot|Blinkx|BlitzBOT|Blog\ Conversation\ Project|BlogMyWay|BlogPulseLive|BlogRefsBot|BlogScope|Blogslive|BloobyBot|BlowFish|BLT|bnf.fr_bot|BoaConstrictor|BoardReader-Image-Fetcher|BOI_crawl_00|BOIA-Scan-Agent|BOIA.ORG-Scan-Agent|boitho.com-dc|Bookmark\ Buddy|bosug|Bot\ Apoena|BotALot|BotRightHere|Botswana|bottybot|BpBot|BRAINTIME_SEARCH|BrokenLinkCheck.com|BrowserEmulator|BrowserMob|BruinBot|BSearchR&amp;D|BSpider|btbot|Btsearch|Buddy|Buibui|BuildCMS|BuiltBotTough|Bullseye|bumblebee|BunnySlippers|BuscadorClarin|Butterfly|BuyHawaiiBot|BuzzBot|byindia|BySpider|byteserver|bzBot|c\ r\ a\ w\ l\ 3\ r|CacheBlaster|CACTVS\ Chemistry|Caddbot|Cafi|Camcrawler|CamelStampede|Canon-WebRecord|Canon-WebRecordPro|CareerBot|casper|cataguru|CatchBot|CazoodleBot|CCBot|CCGCrawl|ccubee|CD-Preload|CE-Preload|Cegbfeieh|Cerberian\ Drtrs|CERT\ FigleafBot|cfetch|CFNetwork|Chameleon|ChangeDetection|Charlotte|Check&amp;Get|Checkbot|Checklinks|checkprivacy|CheeseBot|ChemieDE-NodeBot|CherryPicker|CherryPickerElite|CherryPickerSE|Chilkat|ChinaClaw|CipinetBot|cis455crawler|citeseerxbot|cizilla.com|ClariaBot|clshttp|Clushbot|cmsworldmap|coccoc|CollapsarWEB|Collector|combine|comodo|conceptbot|ConnectSearch|conpilot|ContentSmartz|ContextAd|contype|cookieNET|CoolBott|CoolCheck|Copernic|Copier|CopyRightCheck|core-project|cosmos|Covario-IDS|Cowbot-|Cowdog|crabbyBot|crawl|Crawl_Application|crawl.UserAgent|CrawlConvera|crawler|crawler_for_infomine|CRAWLER-ALTSE.VUNET.ORG-Lynx|crawler-upgrade-config|crawler.kpricorn.org|crawler@|crawler4j|crawler43.ejupiter.com|Crawly|CreativeCommons|Crescent|Crescent\ Internet\ ToolPak\ HTTP\ OLE\ Control|cs-crawler|CSE\ HTML\ Validator|CSHttpClient|Cuasarbot|culsearch|Curl|Custo|Cutbot|cvaulev|Cyberdog|CyberNavi_WebGet|CyberSpyder|CydralSpider).*$" />
<add input="{HTTP_USER_AGENT}" pattern="^.*(D1GArabicEngine|DA|DataCha0s|DataFountains|DataparkSearch|DataSpearSpiderBot|DataSpider|Dattatec.com|Dattatec.com-Sitios-Top|Daumoa|DAUMOA-video|DAUMOA-web|Declumbot|Deepindex|deepnet|DeepTrawl|dejan|del.icio.us-thumbnails|DelvuBot|Deweb|DiaGem|Diamond|DiamondBot|diavol|DiBot|didaxusbot|DigExt|Digger|DiGi-RSSBot|DigitalArchivesBot|DigOut4U|DIIbot|Dillo|Dir_Snatch.exe|DISCo|DISCo\ Pump|discobot|DISCoFinder|Distilled-Reputation-Monitor|Dit|DittoSpyder|DjangoTraineeBot|DKIMRepBot|DoCoMo|DOF-Verify|domaincrawler|DomainScan|DomainWatcher|dotbot|DotSpotsBot|Dow\ Jonesbot|Download|Download\ Demon|Downloader|DOY|dragonfly|Drip|drone|DTAAgent|dtSearchSpider|dumbot|Dwaar|Dwaarbot|DXSeeker|EAH|EasouSpider|EasyDL|ebingbong|EC2LinkFinder|eCairn-Grabber|eCatch|eChooseBot|ecxi|EdisterBot|EduGovSearch|egothor|eidetica.com|EirGrabber|ElisaBot|EllerdaleBot|EMail\ Exractor|EmailCollector|EmailLeach|EmailSiphon|EmailWolf|EMPAS_ROBOT|EnaBot|endeca|EnigmaBot|Enswer\ Neuro|EntityCubeBot|EroCrawler|eStyleSearch|eSyndiCat|Eurosoft-Bot|Evaal|Eventware|Everest-Vulcan|Exabot|Exabot-Images|Exabot-Test|Exabot-XXX|ExaBotTest|ExactSearch|exactseek.com|exooba|Exploder|explorersearch|extract|Extractor|ExtractorPro|EyeNetIE|ez-robot|Ezooms|factbot|FairAd\ Client|falcon|Falconsbot|fast-search-engine|FAST\ Data\ Document|FAST\ ESP|fastbot|fastbot.de|FatBot|Favcollector|Faviconizer|FDM|FedContractorBot|feedfinder|FelixIDE|fembot|fetch_ici|Fetch\ API\ Request|fgcrawler|FHscan|fido|Filangy|FileHound|FindAnISP.com_ISP_Finder|findlinks|FindWeb|Firebat|Fish-Search-Robot|Flaming\ AttackBot|Flamingo_SearchEngine|FlashCapture|FlashGet|flicky|FlickySearchBot|flunky|focused_crawler|FollowSite|Foobot|Fooooo_Web_Video_Crawl|Fopper|FormulaFinderBot|Forschungsportal|fr_crawler|Francis|Freecrawl|FreshDownload|freshlinks.exe|FriendFeedBot|frodo.at|froGgle|FrontPage|Froola|FU-NBI|full_breadth_crawler|FunnelBack|FunWebProducts|FurlBot|g00g1e|G10-Bot|Gaisbot|GalaxyBot|gazz|gcreep|generate_infomine_category_classifiers|genevabot|genieBot|GenieBotRD_SmallCrawl|Genieo|Geomaxenginebot|geometabot|GeonaBot|GeoVisu|GermCrawler|GetHTMLContents|Getleft|GetRight|GetSmart|GetURL.rexx|GetWeb!|Giant|GigablastOpenSource|Gigabot|Girafabot|GleameBot|gnome-vfs|Go-Ahead-Got-It|Go!Zilla|GoForIt.com|GOFORITBOT|gold|Golem|GoodJelly|Gordon-College-Google-Mini|goroam|GoSeebot|gotit|Govbot|GPU\ p2p|grab|Grabber|GrabNet|Grafula|grapeFX|grapeshot|GrapeshotCrawler|grbot|GreenYogi\ [ZSEBOT]|Gromit|GroupMe|grub|grub-client|Grubclient-|GrubNG|GruBot|gsa|GSLFbot|GT::WWW|Gulliver|GulperBot|GurujiBot|GVC|GVC\ BUSINESS|gvcbot.com|HappyFunBot|harvest|HarvestMan|Hatena\ Antenna|Hawler|Hazel's\ Ferret\ hopper|hcat|hclsreport-crawler|HD\ nutch\ agent|Header_Test_Client|healia|Helix|heritrix|hijbul-heritrix-crawler|HiScan|HiSoftware\ AccMonitor|HiSoftware\ AccVerify|hitcrawler_|hivaBot|hloader|HMSEbot|HMView|hoge|holmes|HomePageSearch|Hooblybot-Image|HooWWWer|Hostcrawler|HSFT\ -\ Link|HSFT\ -\ LVU|HSlide|ht:|htdig|Html\ Link\ Validator|HTMLParser|HTTP::Lite|httplib|HTTrack|Huaweisymantecspider|hul-wax|humanlinks|HyperEstraier|Hyperix).*$" />
<add input="{HTTP_USER_AGENT}" pattern="^.*(ia_archiver|IAArchiver-|ibuena|iCab|ICDS-Ingestion|ichiro|iCopyright\ Conductor|id-search|IDBot|IEAutoDiscovery|IECheck|iHWebChecker|IIITBOT|iim_405|IlseBot|IlTrovatore|Iltrovatore-Setaccio|ImageBot|imagefortress|ImagesHereImagesThereImagesEverywhere|ImageVisu|imds_monitor|imo-google-robot-intelink|IncyWincy|Industry\ Cortexcrawler|Indy\ Library|indylabs_marius|InelaBot|Inet32\ Ctrl|inetbot|InfoLink|INFOMINE|infomine.ucr.edu|InfoNaviRobot|Informant|Infoseek|InfoTekies|InfoUSABot|INGRID|Inktomi|InsightsCollector|InsightsWorksBot|InspireBot|InsumaScout|Intelix|InterGET|Internet\ Ninja|InternetLinkAgent|Interseek|IOI|ip-web-crawler.com|Ipselonbot|Iria|IRLbot|Iron33|Isara|iSearch|iSiloX|IsraeliSearch|IstellaBot|its-learning|IU_CSCI_B659_class_crawler|iVia|iVia\ Page\ Fetcher|JadynAve|JadynAveBot|jakarta|Jakarta\ Commons-HttpClient|Java|Jbot|JemmaTheTourist|JennyBot|Jetbot|JetBrains\ Omea\ Pro|JetCar|Jim|JoBo|JobSpider_BA|JOC|JoeDog|JoyScapeBot|JSpyda|JubiiRobot|jumpstation|Junut|JustView|Jyxobot|K.S.Bot|KakcleBot|kalooga|KaloogaBot|kanagawa|KATATUDO-Spider|Katipo|kbeta1|Kenjin.Spider|KeywenBot|Keyword.Density|Keyword\ Density|kinjabot|KIT-Fireball|Kitenga-crawler-bot|KiwiStatus|kmbot-|kmccrew|Knight|KnowItAll|Knowledge.com|Knowledge\ Engine|KoepaBot|Koninklijke|KrOWLer|KSbot|kuloko-bot|kulturarw3|KummHttp|Kurzor|Kyluka|L.webis|LabelGrab|Labhoo|labourunions411|lachesis|Lament|LamerExterminator|LapozzBot|larbin|LARBIN-EXPERIMENTAL|LBot|LeapTag|LeechFTP|LeechGet|LetsCrawl.com|LexiBot|LexxeBot|lftp|libcrawl|libiViaCore|libWeb|libwww|libwww-perl|likse|Linguee|Link|link_checker|LinkAlarm|linkbot|LinkCheck\ by\ Siteimprove.com|LinkChecker|linkdex.com|LinkextractorPro|LinkLint|linklooker|Linkman|LinkScan|LinksCrawler|LinksManager.com_bot|LinkSweeper|linkwalker|LiteFinder|LitlrBot|Little\ Grabber\ at\ Skanktale.com|Livelapbot|LM\ Harvester|LMQueueBot|LNSpiderguy|LoadTimeBot|LocalcomBot|locust|LolongBot|LookBot|Lsearch|lssbot|LWP|lwp-request|lwp-trivial|LWP::Simple|Lycos_Spider|Lydia\ Entity|LynnBot|Lytranslate|Mag-Net|Magnet|magpie-crawler|Magus|Mail.Ru|Mail.Ru_Bot|MAINSEEK_BOT|Mammoth|MarkWatch|MaSagool|masidani_bot_|Mass|Mata.Hari|Mata\ Hari|matentzn\ at\ cs\ dot\ man\ dot\ ac\ dot\ uk|maxamine.com--robot|maxamine.com-robot|maxomobot|Maxthon$|McBot|MediaFox|medrabbit|Megite|MemacBot|Memo|MendeleyBot|Mercator-|mercuryboard_user_agent_sql_injection.nasl|MerzScope|metacarta|Metager2|metager2-verification-bot|MetaGloss|METAGOPHER|metal|metaquerier.cs.uiuc.edu|METASpider|Metaspinner|MetaURI|MetaURI\ API|MFC_Tear_Sample|MFcrawler|MFHttpScan|Microsoft.URL|MIIxpc|miner|mini-robot|minibot|miniRank|Mirror|Missigua\ Locator|Mister.PiX|Mister\ PiX|Miva|MJ12bot|mnoGoSearch|mod_accessibility|moduna.com|moget|MojeekBot|MOMspider|MonkeyCrawl|MOSES|Motor|mowserbot|MQbot|MSE360|MSFrontPage|MSIECrawler|MSIndianWebcrawl|MSMOBOT|Msnbot|msnbot-products|MSNPTC|MSRBOT|MT-Soft|MultiText|My_Little_SearchEngine_Project|my-heritrix-crawler|MyApp|MYCOMPANYBOT|mycrawler|MyEngines-US-Bot|MyFamilyBot|Myra|nabot|nabot_|Najdi.si|Nambu|NAMEPROTECT|NatchCVS|naver|naverbookmarkcrawler|NaverBot|Navroad|NearSite|NEC-MeshExplorer|NeoScioCrawler|NerdByNature.Bot|NerdyBot|Nerima-crawl-).*$" />
<add input="{HTTP_USER_AGENT}" pattern="^.*(T-H-U-N-D-E-R-S-T-O-N-E|Tailrank|tAkeOut|TAMU_CRAWLER|TapuzBot|Tarantula|targetblaster.com|TargetYourNews.com|TAUSDataBot|taxinomiabot|Tecomi|TeezirBot|Teleport|Teleport\ Pro|TeleportPro|Telesoft|Teradex\ Mapper|TERAGRAM_CRAWLER|TerrawizBot|testbot|testing\ of|TextBot|thatrobotsite.com|The.Intraformant|The\ Dyslexalizer|The\ Intraformant|TheNomad|Theophrastus|theusefulbot|TheUsefulbot_|ThumbBot|thumbshots-de-bot|tigerbot|TightTwatBot|TinEye|Titan|to-dress_ru_bot_|to-night-Bot|toCrawl|Topicalizer|topicblogs|Toplistbot|TopServer\ PHP|topyx-crawler|Touche|TourlentaScanner|TPSystem|TRAAZI|TranSGeniKBot|travel-search|TravelBot|TravelLazerBot|Treezy|TREX|TridentSpider|Trovator|True_Robot|tScholarsBot|TsWebBot|TulipChain|turingos|turnit|TurnitinBot|TutorGigBot|TweetedTimes|TweetmemeBot|TwengaBot|TwengaBot-Discover|Twiceler|Twikle|twinuffbot|Twisted\ PageGetter|Twitturls|Twitturly|TygoBot|TygoProwler|Typhoeus|U.S.\ Government\ Printing\ Office|uberbot|ucb-nutch|UCSD-Crawler|UdmSearch|UFAM-crawler-|Ultraseek|UnChaos|unchaos_crawler_|UnisterBot|UniversalSearch|UnwindFetchor|UofTDB_experiment|updated|URI::Fetch|url_gather|URL-Checker|URL\ Control|URLAppendBot|URLBlaze|urlchecker|urlck|UrlDispatcher|urllib|URLSpiderPro|URLy.Warning|USAF\ AFKN\|usasearch|USS-Cosmix|USyd-NLP-Spider|Vacobot|Vacuum|VadixBot|Vagabondo|Validator|Valkyrie|vBSEO|VCI|VerbstarBot|VeriCiteCrawler|Verifactrola|Verity-URL-Gateway|vermut|versus|versus.integis.ch|viasarchivinginformation.html|vikspider|VIP|VIPr|virus-detector|VisBot|Vishal\ For\ CLIA|VisWeb|vlad|vlsearch|VMBot|VocusBot|VoidEYE|VoilaBot|Vortex|voyager|voyager-hc|voyager-partner-deep|VSE|vspider).*$" />
<add input="{HTTP_USER_AGENT}" pattern="^.*(W3C_Unicorn|W3C-WebCon|w3m|w3search|wacbot|wastrix|Water\ Conserve|Water\ Conserve\ Portal|WatzBot|wauuu\ engine|Wavefire|Waypath|Wazzup|Wazzup1.0.4800|wbdbot|web-agent|Web-Sniffer|Web.Image.Collector|Web\ CEO\ Online|Web\ Image\ Collector|Web\ Link\ Validator|Web\ Magnet|webalta|WebaltBot|WebAuto|webbandit|webbot|webbul-bot|WebCapture|webcheck|Webclipping.com|webcollage|WebCopier|WebCopy|WebCorp|webcrawl.net|webcrawler|WebDownloader\ for|Webdup|WebEMailExtrac|WebEMailExtrac.*|WebEnhancer|WebFerret|webfetch|WebFetcher|WebGather|WebGo\ IS|webGobbler|WebImages|Webinator-search2.fasthealth.com|Webinator-WBI|WebIndex|WebIndexer|weblayers|WebLeacher|WeblexBot|WebLinker|webLyzard|WebmasterCoffee|WebmasterWorld|WebmasterWorldForumBot|WebMiner|WebMoose|WeBot|WebPix|WebReaper|WebRipper|WebSauger|Webscan|websearchbench|WebSite|websitemirror|WebSpear|websphinx.test|WebSpider|Webster|Webster.Pro|Webster\ Pro|WebStripper|WebTrafficExpress|WebTrends\ Link\ Analyzer|webvac|webwalk|WebWalker|Webwasher|WebWatch|WebWhacker|WebXM|WebZip|Weddings.info|wenbin|WEPA|WeRelateBot|Whacker|Widow|WikiaBot|Wikio|wikiwix-bot-|WinHttp.WinHttpRequest|WinHTTP\ Example|WIRE|wired-digital-newsbot|WISEbot|WISENutbot|wish-la|wish-project|wisponbot|WMCAI-robot|wminer|WMSBot|woriobot|worldshop|WorQmada|Wotbox|WPScan|wume_crawler|WWW-Mechanize|www.freeloader.com.|WWW\ Collector|WWWOFFLE|wwwrobot|wwwster|WWWWanderer|wwwxref|Wysigot|X-clawler|Xaldon|Xenu|Xenu's|Xerka\ MetaBot|XGET|xirq|XmarksFetch|XoviBot|xqrobot|Y!J|Y!TunnelPro|yacy.net|yacybot|yarienavoir.net|Yasaklibot|yBot|YebolBot|yellowJacket|yes|YesupBot|Yeti|YioopBot|YisouSpider|yolinkBot|yoogliFetchAgent|yoono|Yoriwa|YottaCars_Bot|you-dir|Z-Add\ Link|zagrebin|Zao|zedzo.digest|zedzo.validate|zermelo|Zeus|Zeus\ Link\ Scout|zibber-v|zimeno|Zing-BottaBot|ZipppBot|zmeu|ZoomSpider|ZuiBot|ZumBot|Zyborg|Zyte).*$" />
<add input="{HTTP_USER_AGENT}" pattern="^.*(Nessus|NESSUS::SOAP|nestReader|Net::Trackback|NetAnts|NetCarta\ CyberPilot\ Pro|Netcraft|NetID.com|NetMechanic|Netprospector|NetResearchServer|NetScoop|NetSeer|NetShift=|NetSongBot|Netsparker|NetSpider|NetSrcherP|NetZip|NetZip-Downloader|NewMedhunt|news|News_Search_App|NewsGatherer|Newsgroupreporter|NewsTroveBot|NextGenSearchBot|nextthing.org|NHSEWalker|nicebot|NICErsPRO|niki-bot|NimbleCrawler|nimbus-1|ninetowns|Ninja|NjuiceBot|NLese|Nogate|Nomad-V2.x|NoteworthyBot|NPbot|NPBot-|NRCan\ intranet|NSDL_Search_Bot|nu_tch-princeton|nuggetize.com|nutch|nutch1|NutchCVS|NutchOrg|NWSpider|Nymesis|nys-crawler|ObjectsSearch|oBot|Obvius\ external\ linkcheck|Occam|Ocelli|Octopus|ODP\ entries|Offline.Explorer|Offline\ Explorer|Offline\ Navigator|OGspider|OmiExplorer_Bot|OmniExplorer_Bot|omnifind|OmniWeb|OnetSzukaj|online\ link\ validator|OOZBOT|Openbot|Openfind|Openfind\ data|OpenHoseBot|OpenIntelligenceData|OpenISearch|OpenSearchServer_Bot|OpiDig|optidiscover|OrangeBot|ORISBot|ornl_crawler_1|ORNL_Mercury|osis-project.jp|OsO|OutfoxBot|OutfoxMelonBot|OWLER-BOT|owsBot|ozelot|P3P\ Client|page_verifier|PageBitesHyperBot|Pagebull|PageDown|PageFetcher|PageGrabber|PagePeeker|PageRank\ Monitor|pamsnbot.htm|Panopy|panscient.com|Pansophica|Papa\ Foto|PaperLiBot|parasite|parsijoo|Pathtraq|Pattern|Patwebbot|pavuk|PaxleFramework|PBBOT|pcBrowser|pd-crawler|PECL::HTTP|penthesila|PeoplePal|perform_crawl|PerMan|PGP-KA|PHPCrawl|PhpDig|PicoSearch|pipBot|pipeLiner|Pita|pixfinder|PiyushBot|planetwork|PleaseCrawl|Plucker|Plukkie|Plumtree|Pockey|Pockey-GetHTML|PoCoHTTP|pogodak.ba|Pogodak.co.yu|Poirot|polybot|Pompos|Poodle\ predictor|PopScreenBot|PostPost|PrivacyFinder|ProjectWF-java-test-crawler|ProPowerBot|ProWebWalker|PROXY|psbot|psbot-page|PSS-Bot|psycheclone|pub-crawler|pucl|pulseBot\ \(pulse|Pump|purebot|PWeBot|pycurl|Python-urllib|pythonic-crawler|PythonWikipediaBot|q1|QEAVis\ agent|QFKBot|qualidade|Qualidator.com|QuepasaCreep|QueryN.Metasearch|QueryN\ Metasearch|quest.durato|Quintura-Crw|QunarBot|Qweery_robot.txt_CheckBot|QweeryBot|r2iBot|R6_CommentReader|R6_FeedFetcher|R6_VoteReader|RaBot|Radian6|radian6_linkcheck|RAMPyBot|RankurBot|RcStartBot|RealDownload|Reaper|REBI-shoveler|Recorder|RedBot|RedCarpet|ReGet|RepoMonkey|RepoMonkey\ Bait|Riddler|RIIGHTBOT|RiseNetBot|RiverglassScanner|RMA|RoboPal|Robosourcer|robot|robotek|robots|Robozilla|rogerBot|Rome\ Client|Rondello|Rotondo|Roverbot|RPT-HTTPClient|rtgibot|RufusBot|Runnk\ online\ rss\ reader|s~stremor-crawler|S2Bot|SafariBookmarkChecker|SaladSpoon|Sapienti|SBIder|SBL-BOT|SCFCrawler|Scich|ScientificCommons.org|ScollSpider|ScooperBot|Scooter|ScoutJet|ScrapeBox|Scrapy|SCrawlTest|Scrubby|scSpider|Scumbot|SeaMonkey$|Search-Channel|Search-Engine-Studio|search.KumKie.com|search.msn.com|search.updated.com|search.usgs.gov|Search\ Publisher|Searcharoo.NET|SearchBlox|searchbot|searchengine|searchhippo.com|SearchIt-Bot|searchmarking|searchmarks|searchmee_v|SearchmetricsBot|searchmining|SearchnowBot_v1|searchpreview|SearchSpider.com|SearQuBot|Seekbot|Seeker.lookseek.com|SeeqBot|seeqpod-vertical-crawler|Selflinkchecker|Semager|semanticdiscovery|Semantifire1|semisearch|SemrushBot|Senrigan|SEOENGWorldBot|SeznamBot|ShablastBot|ShadowWebAnalyzer|Shareaza|Shelob|sherlock|ShopWiki|ShowLinks|ShowyouBot|siclab|silk|Siphon|SiteArchive|SiteCheck-sitecrawl|sitecheck.internetseer.com|SiteFinder|SiteGuardBot|SiteOrbiter|SiteSnagger|SiteSucker|SiteSweeper|SiteXpert|SkimBot|SkimWordsBot|SkreemRBot|skygrid|Skywalker|Sleipnir|slow-crawler|SlySearch|smart-crawler|SmartDownload|Smarte|smartwit.com|Snake|Snapbot|SnapPreviewBot|Snappy|snookit|Snooper|Snoopy|SocialSearcher|SocSciBot|SOFT411\ Directory|sogou|sohu-search|sohu\ agent|Sokitomi|Solbot|sootle|Sosospider|Space\ Bison|Space\ Fung|SpaceBison|SpankBot|spanner|Spatineo\ Monitor\ Controller|special_archiver|SpeedySpider|Sphider|Sphider2|spider|Spider.TerraNautic.net|SpiderEngine|SpiderKU|SpiderMan|Spinn3r|Spinne|sportcrew-Bot|spyder3.microsys.com|sqlmap|Squid-Prefetch|SquidClamAV_Redirector|Sqworm|SrevBot|sslbot|SSM\ Agent|StackRambler|StarDownloader|statbot|statcrawler|statedept-crawler|Steeler|STEGMANN-Bot|stero|Stripper|Stumbler|suchclip|sucker|SumeetBot|SumitBot|SummizeBot|SummizeFeedReader|SuperBot|superbot.com|SuperHTTP|SuperLumin|SuperPagesBot|Supybot|SURF|Surfbot|SurfControl|SurveyBot|suzuran|SWEBot|swish-e|SygolBot|SynapticWalker|Syntryx\ ANT\ Scout\ Chassis\ Pheromone|SystemSearch-robot|Szukacz).*$" />
</conditions>
<action type="CustomResponse" statusCode="403" statusReason="Forbidden" statusDescription="Forbidden" />
</rule>
            </rules>
        </rewrite>
Read More
Người đăng: vào lúc Không có nhận xét nào:

Thứ Ba, 7 tháng 7, 2020

Allow Only IP Vietnam

netsh advfirewall show currentprofile
netsh advfirewall firewall show rule name=all dir=in | find "MSSQL"
netsh advfirewall firewall show rule name="MSSQL" profile=Public 
netsh advfirewall firewall show rule name="MSSQL2" profile=any

netsh advfirewall firewall set rule name="MSSQL" profile=Public new remoteip=123.30.182.0/255.255.255.0,123.31.33.13/255.255.255.255,203.162.31.0/255.255.255.0,1.52.0.0/14,2.56.16.0/22,2.59.0.0/23,14.0.16.0/20,14.160.0.0/11,14.224.0.0/11,17.81.145.0/24,17.92.240.0/23,20.134.144.0/20,20.134.208.0/24,20.134.243.0/24,20.139.144.0/20,23.50.12.0/22,23.53.208.0/21,23.60.70.0/23,23.61.254.0/23,23.79.96.0/19,23.91.108.0/24,23.194.136.0/23,27.0.12.0/22,27.0.240.0/22,27.2.0.0/15,27.64.0.0/12,27.118.16.0/20,27.124.19.0/24,27.124.48.0/21,34.98.238.0/23,34.98.254.0/23,34.103.14.0/23,42.1.64.0/18,42.96.0.0/18,42.112.0.0/14,42.116.0.0/16,42.117.0.0/21,42.117.8.0/23,42.117.10.0/24,42.117.12.0/22,42.117.16.0/20,42.117.32.0/19,42.117.64.0/18,42.117.128.0/17,42.118.0.0/15,43.239.148.0/22,43.239.184.0/21,43.239.220.0/22,43.239.224.0/22,45.10.234.80/28,45.117.76.0/22,45.117.80.0/22,45.117.156.0/22,45.117.160.0/20,45.117.176.0/22,45.118.136.0/21,45.118.144.0/21,45.119.76.0/22,45.119.80.0/21,45.119.108.0/22,45.119.212.0/22,45.119.216.0/22,45.119.240.0/22,45.120.224.0/21,45.121.24.0/22,45.121.152.0/22,45.121.160.0/22,45.122.220.0/22,45.122.232.0/21,45.122.240.0/20,45.123.96.0/22,45.124.84.0/22,45.124.88.0/21,45.125.200.0/21,45.125.208.0/22,45.125.236.0/22,45.126.92.0/22,45.126.96.0/22,45.127.252.0/22,45.140.65.0/24,45.251.112.0/22,45.252.240.0/21,45.252.248.0/22,45.254.32.0/22,46.244.29.192/28,49.156.52.0/22,49.213.64.0/18,49.236.208.0/22,49.246.128.0/18,49.246.192.0/19,57.93.80.0/20,58.84.0.0/22,58.186.0.0/15,59.153.212.0/22,59.153.216.0/21,59.153.224.0/19,61.11.224.0/19,61.14.232.0/21,61.28.224.0/19,65.110.39.190/31,65.110.39.192/29,66.160.142.192/26,101.53.0.0/18,101.96.12.0/22,101.96.64.0/18,101.99.0.0/18,103.1.200.0/22,103.1.208.0/22,103.1.236.0/22,103.2.220.0/22,103.2.224.0/21,103.3.244.0/22,103.3.248.0/21,103.4.128.0/22,103.5.30.0/23,103.5.204.0/22,103.5.208.0/22,103.7.36.0/22,103.7.40.0/22,103.7.172.0/24,103.7.174.0/23,103.7.177.0/24,103.7.196.0/24,103.8.13.0/24,103.9.0.0/21,103.9.76.0/22,103.9.80.0/21,103.9.156.0/22,103.9.196.0/22,103.9.200.0/21,103.9.208.0/21,103.10.44.0/22,103.10.88.0/22,103.10.212.0/22,103.11.172.0/22,103.12.104.0/22,103.13.76.0/22,103.15.48.0/22,103.16.0.0/22,103.17.88.0/22,103.17.197.0/24,103.17.236.0/22,103.18.4.0/22,103.18.176.0/22,103.19.96.0/22,103.19.164.0/22,103.19.220.0/22,103.20.144.0/21,103.21.120.0/22,103.21.148.0/22,103.23.144.0/22,103.23.156.0/22,103.24.244.0/22,103.26.252.0/22,103.27.60.0/22,103.27.64.0/22,103.27.236.0/22,103.28.32.0/21,103.28.136.0/22,103.28.172.0/22,103.30.36.0/22,103.31.120.0/21,103.35.64.0/22,103.37.28.0/22,103.37.32.0/22,103.38.136.0/22,103.39.92.0/22,103.39.96.0/22,103.42.56.0/22,103.45.228.0/22,103.45.232.0/21,103.47.192.0/22,103.48.76.0/22,103.48.80.0/21,103.48.188.0/22,103.48.192.0/22,103.52.92.0/22,103.53.88.0/22,103.53.168.0/22,103.53.228.0/22,103.53.252.0/22,103.54.248.0/21,103.56.156.0/22,103.56.160.0/21,103.56.168.0/22,103.57.104.0/22,103.57.112.0/22,103.57.208.0/22,103.57.220.0/22,103.60.16.0/22,103.61.44.0/22,103.61.48.0/22,103.62.8.0/22,103.63.104.0/21,103.63.112.0/21,103.63.120.0/22,103.63.212.0/22,103.66.152.0/22,103.68.68.0/22,103.68.72.0/21,103.68.80.0/22,103.68.240.0/20,103.69.188.0/22,103.69.192.0/22,103.70.28.0/22,103.71.15.0/24,103.71.180.0/22,103.71.184.0/22,103.72.96.0/22,103.74.100.0/22,103.74.104.0/22,103.74.112.0/21,103.74.120.0/22,103.75.176.0/21,103.75.184.0/22,103.77.160.0/21,103.77.168.0/22,103.78.76.0/22,103.78.84.0/22,103.78.88.0/21,103.79.140.0/22,103.79.144.0/22,103.81.80.0/21,103.82.20.0/22,103.82.24.0/21,103.82.32.0/21,103.82.129.0/24,103.82.132.0/22,103.82.192.0/21,103.82.204.0/23,103.84.76.0/22,103.87.220.0/22,103.88.108.0/22,103.88.112.0/22,103.88.118.0/24,103.88.120.0/22,103.89.84.0/22,103.89.88.0/21,103.89.120.0/22,103.90.220.0/22,103.90.224.0/21,103.90.232.0/22,103.92.24.0/21,103.92.32.0/22,103.94.16.0/22,103.94.176.0/22,103.95.156.0/22,103.95.168.0/22,103.95.196.0/22,103.97.124.0/22,103.97.132.0/22,103.98.148.0/22,103.98.152.0/22,103.98.160.0/22,103.99.0.0/22,103.99.87.0/24,103.99.229.0/24,103.99.230.0/23,103.99.244.0/22,103.99.252.0/22,103.100.160.0/22,103.100.228.0/22,103.101.32.0/22,103.101.76.0/22,103.101.160.0/22,103.102.20.0/22,103.102.128.0/22,103.103.116.0/22,103.104.24.0/22,103.104.116.0/22,103.104.120.0/22,103.106.220.0/22,103.106.224.0/22,103.107.180.0/22,103.107.200.0/22,103.108.100.0/22,103.108.132.0/22,103.108.136.0/22,103.109.28.0/22,103.109.32.0/21,103.109.40.0/22,103.110.84.0/22,103.111.236.0/22,103.111.240.0/21,103.112.124.0/22,103.112.132.0/22,103.113.80.0/22,103.113.88.0/22,103.114.104.0/22,103.115.166.0/24,103.116.100.0/22,103.116.104.0/22,103.117.240.0/21,103.119.84.0/22,103.120.156.0/22,103.121.88.0/22,103.124.56.0/21,103.124.92.0/22,103.125.168.0/22,103.125.188.0/22,103.125.192.0/22,103.126.152.0/21,103.126.160.0/22,103.127.192.0/20,103.129.80.0/21,103.129.88.0/22,103.129.188.0/22,103.130.52.0/22,103.130.56.0/22,103.130.208.0/20,103.131.68.0/22,103.131.72.0/21,103.133.100.0/22,103.133.104.0/21,103.133.224.0/22,103.135.28.0/22,103.136.228.0/23,103.137.4.0/23,103.137.156.0/23,103.137.184.0/22,103.138.88.0/22,103.138.108.0/22,103.138.112.0/22,103.139.12.0/22,103.139.40.0/22,103.139.44.0/23,103.139.102.0/23,103.139.154.0/23,103.139.160.0/23,103.139.202.0/23,103.140.4.0/23,103.140.38.0/23,103.140.40.0/22,103.140.100.0/23,103.140.248.0/22,103.141.136.0/21,103.141.144.0/23,103.141.176.0/23,103.142.22.0/23,103.142.24.0/22,103.142.78.0/23,103.142.136.0/22,103.142.218.0/23,103.143.140.0/22,103.143.144.0/23,103.143.202.0/23,103.143.206.0/23,103.143.208.0/23,103.144.84.0/22,103.144.152.0/22,103.145.0.0/23,103.145.3.0/24,103.145.4.0/23,103.145.62.0/23,103.145.248.0/24,103.145.250.0/23,103.145.252.0/22,103.146.18.0/23,103.146.20.0/22,103.147.34.0/23,103.147.36.0/23,103.147.100.0/23,103.147.122.0/23,103.147.126.0/23,103.147.184.0/22,103.147.188.0/23,103.148.56.0/23,103.148.158.0/23,103.148.254.0/23,103.149.12.0/23,103.149.98.0/23,103.149.170.0/23,103.149.172.0/23,103.149.250.0/23,103.149.252.0/22,103.150.0.0/23,103.150.124.0/23,103.150.236.0/23,103.150.240.0/23,103.151.52.0/22,103.151.56.0/23,103.151.120.0/22,103.151.124.0/23,103.151.238.0/23,103.151.240.0/22,103.151.244.0/23,103.152.46.0/23,103.152.48.0/22,103.192.236.0/22,103.194.188.0/22,103.195.236.0/22,103.195.240.0/22,103.196.16.0/22,103.196.236.0/22,103.196.244.0/22,103.196.248.0/22,103.199.4.0/22,103.199.8.0/21,103.199.16.0/20,103.199.32.0/19,103.199.64.0/20,103.200.20.0/22,103.200.24.0/22,103.200.60.0/22,103.200.120.0/22,103.205.96.0/21,103.205.104.0/22,103.206.212.0/22,103.206.216.0/22,103.207.32.0/21,103.211.92.224/28,103.211.93.128/29,103.211.93.224/27,103.211.212.0/22,103.213.122.0/23,103.214.8.0/22,103.216.72.0/22,103.216.112.0/20,103.216.128.0/22,103.219.180.0/22,103.220.68.0/22,103.220.84.0/22,103.221.86.0/24,103.221.212.0/22,103.221.216.0/21,103.221.224.0/21,103.223.4.0/22,103.224.168.0/22,103.225.236.0/22,103.226.108.0/22,103.226.248.0/22,103.227.112.0/22,103.227.216.0/22,103.228.20.0/22,103.229.40.0/22,103.229.192.0/22,103.231.148.0/22,103.232.52.0/22,103.232.56.0/21,103.232.120.0/22,103.233.48.0/22,103.234.36.0/22,103.234.88.0/22,103.235.208.0/21,103.237.60.0/22,103.237.64.0/22,103.237.96.0/22,103.237.144.0/21,103.238.68.0/22,103.238.72.0/21,103.238.80.0/22,103.238.116.0/24,103.238.208.0/21,103.239.32.0/22,103.239.116.0/22,103.239.120.0/22,103.241.248.0/22,103.242.52.0/22,103.243.104.0/22,103.243.216.0/22,103.244.136.0/22,103.245.148.0/22,103.245.244.0/22,103.245.248.0/21,103.246.104.0/24,103.246.220.0/22,103.248.160.0/21,103.249.20.0/22,103.249.100.0/22,103.250.24.0/22,103.252.0.0/22,103.252.252.0/22,103.253.88.0/22,103.254.12.0/22,103.254.16.0/22,103.254.40.0/22,103.254.216.0/22,103.255.84.0/22,103.255.236.0/22,104.67.32.0/19,104.68.128.0/19,107.155.6.0/24,107.155.32.0/24,107.155.54.0/24,107.155.62.0/24,110.35.64.0/20,110.44.184.0/21,111.65.240.0/20,111.91.232.0/22,112.72.64.0/18,112.78.0.0/20,112.109.88.0/21,112.137.128.0/20,112.197.0.0/16,112.213.80.0/20,113.20.96.0/19,113.22.0.0/16,113.23.0.0/17,113.52.32.0/19,113.61.108.0/22,113.160.0.0/11,115.72.0.0/13,115.84.176.0/21,115.146.120.0/21,115.165.160.0/21,116.68.128.0/21,116.96.0.0/12,116.118.0.0/17,116.193.64.0/20,116.212.32.0/19,117.0.0.0/13,117.103.192.0/18,117.122.0.0/17,118.27.192.0/19,118.68.0.0/15,118.70.0.0/23,118.70.2.0/24,118.70.4.0/22,118.70.8.0/21,118.70.16.0/20,118.70.32.0/19,118.70.64.0/18,118.70.128.0/17,118.71.0.0/16,118.99.13.0/24,118.102.0.0/21,118.107.64.0/18,119.15.160.0/19,119.17.192.0/18,119.18.128.0/20,119.18.184.0/21,119.82.128.0/20,120.50.184.0/21,120.72.80.0/21,120.72.96.0/19,120.138.64.0/20,121.50.172.0/22,122.10.140.0/22,122.102.112.0/22,122.129.0.0/18,122.201.8.0/21,123.16.0.0/13,123.24.0.0/14,123.28.0.0/15,123.30.0.0/22,123.30.4.0/24,123.30.5.0/29,123.30.5.8/30,123.30.5.16/28,123.30.5.32/27,123.30.5.64/26,123.30.5.128/25,123.30.6.0/23,123.30.8.0/21,123.30.16.0/20,123.30.32.0/19,123.30.64.0/18,123.30.128.0/17,123.31.0.0/16,124.157.0.0/18,124.158.0.0/20,125.58.0.0/18,125.212.128.0/17,125.214.0.0/18,125.234.0.0/15,125.253.112.0/20,128.1.60.0/24,128.1.126.0/23,128.1.210.0/23,128.90.53.0/24,128.90.77.0/24,128.90.78.0/24,129.227.184.0/23,134.159.138.0/24,134.159.230.0/23,134.159.240.0/23,137.59.24.0/21,137.59.32.0/20,137.59.104.0/22,137.59.116.0/22,137.83.240.0/24,139.81.236.0/22,139.81.242.0/23,140.82.198.0/24,144.48.20.0/22,144.48.24.0/22,146.196.64.0/22,150.95.16.0/22,150.95.104.0/21,150.95.112.0/20,152.32.160.0/22,152.32.221.0/24,152.32.222.0/23,152.32.224.0/24,152.32.249.0/24,152.32.250.0/24,152.32.255.0/24,154.90.11.0/24,154.211.30.0/24,156.107.107.192/29,156.107.136.36/30,156.107.136.156/30,156.107.137.36/30,156.107.156.36/30,156.107.156.156/30,156.107.157.36/30,157.119.244.0/22,157.119.248.0/22,157.167.31.0/24,160.202.56.64/29,161.117.127.0/24,161.123.236.0/22,162.158.216.0/22,163.44.192.0/22,163.44.200.0/24,163.44.204.0/22,163.47.177.0/24,171.224.0.0/11,175.103.64.0/18,175.106.0.0/22,180.93.0.0/16,180.148.0.0/21,180.148.128.0/20,180.214.236.0/22,182.161.80.0/20,182.173.70.0/24,182.236.112.0/22,182.237.20.0/22,183.80.0.0/16,183.81.0.0/17,183.90.160.0/21,183.91.0.0/19,183.91.160.0/19,185.122.113.164/30,185.122.113.176/29,185.122.115.184/30,185.139.164.112/28,185.221.68.38/31,185.221.69.38/31,185.221.70.38/31,188.214.152.0/24,192.145.71.0/24,192.253.249.128/25,193.0.245.0/24,193.150.98.0/24,194.87.55.0/24,195.133.59.0/24,202.0.79.0/24,202.4.168.0/24,202.4.176.0/24,202.6.2.0/24,202.6.96.0/23,202.9.79.0/24,202.9.80.0/24,202.9.84.0/24,202.37.86.0/23,202.43.108.0/22,202.44.137.0/24,202.47.87.0/24,202.47.142.0/24,202.52.39.0/24,202.55.132.0/22,202.56.57.0/24,202.58.245.0/24,202.59.238.0/23,202.59.252.0/23,202.60.104.0/21,202.74.56.0/24,202.74.58.0/23,202.78.224.0/21,202.79.232.0/21,202.87.212.0/22,202.92.4.0/22,202.93.156.0/22,202.94.82.0/24,202.94.88.0/23,202.124.204.0/24,202.130.36.0/23,202.134.16.0/21,202.134.54.0/24,202.143.108.0/22,202.151.160.0/20,202.158.244.0/22,202.160.124.0/23,202.162.98.0/24,202.163.1.80/28,202.172.4.0/23,202.191.56.0/22,203.8.127.0/24,203.8.172.0/24,203.34.144.0/24,203.77.178.0/24,203.79.28.0/24,203.89.140.0/22,203.98.178.100/30,203.98.184.128/25,203.98.188.80/28,203.99.248.0/22,203.101.134.0/24,203.113.128.0/18,203.119.8.0/22,203.119.36.0/22,203.119.44.0/22,203.119.58.0/23,203.119.60.0/22,203.119.64.0/21,203.119.72.0/22,203.128.240.0/21,203.160.0.0/23,203.160.96.0/21,203.160.132.0/22,203.161.178.0/24,203.162.0.0/18,203.162.64.0/20,203.162.80.0/21,203.162.88.0/24,203.162.89.0/26,203.162.89.64/27,203.162.89.128/25,203.162.90.0/23,203.162.92.0/22,203.162.96.0/19,203.162.128.0/17,203.163.128.0/18,203.167.8.0/22,203.167.12.0/23,203.167.14.0/24,203.170.26.0/23,203.171.16.0/20,203.176.160.0/21,203.189.28.0/22,203.190.160.0/20,203.190.232.240/29,203.191.8.0/21,203.191.48.0/21,203.195.0.0/18,203.196.24.0/22,203.201.56.0/22,203.205.0.0/18,203.209.180.0/22,203.210.128.0/17,203.222.52.20/32,208.3.193.0/32,208.3.193.2/32,208.127.168.128/26,208.127.211.0/24,208.127.213.67/32,209.16.178.0/24,209.95.151.96/28,209.200.226.5/32,209.200.226.6/31,209.200.226.8/30,209.200.226.12/32,210.2.64.0/18,210.57.31.0/24,210.57.32.0/24,210.86.224.0/20,210.211.96.0/19,210.245.0.0/17,212.211.192.120/29,212.211.194.80/29,217.138.201.224/27,218.100.10.0/24,218.100.14.0/24,218.100.60.0/24,220.231.64.0/18,221.121.0.0/18,221.132.0.0/18,221.133.0.0/19,222.252.0.0/15,222.254.0.0/16,222.255.0.0/18,222.255.64.0/21,222.255.72.0/22,222.255.76.0/26,222.255.76.64/27,222.255.76.128/27,222.255.76.192/26,222.255.77.0/24,222.255.78.0/24,222.255.79.0/25,222.255.79.132/30,222.255.79.136/29,222.255.79.144/28,222.255.79.160/27,222.255.79.192/26,222.255.80.0/20,222.255.96.0/19,222.255.128.0/17,223.27.104.0/21

netsh advfirewall firewall set rule name="MSSQL2" profile=any new remoteip=116.193.64.0/20,116.212.32.0/19,117.0.0.0/13,117.103.192.0/18,117.122.0.0/17,118.27.192.0/19,118.68.0.0/15,118.70.0.0/23,118.70.2.0/24,118.70.4.0/22,118.70.8.0/21,118.70.16.0/20,118.70.32.0/19,118.70.64.0/18,118.70.128.0/17,118.71.0.0/16,118.99.13.0/24,118.102.0.0/21,118.107.64.0/18,119.15.160.0/19,119.17.192.0/18,119.18.128.0/20,119.18.184.0/21,119.82.128.0/20,120.50.184.0/21,120.72.80.0/21,120.72.96.0/19,120.138.64.0/20,121.50.172.0/22,122.10.140.0/22,122.102.112.0/22,122.129.0.0/18,122.201.8.0/21,123.16.0.0/13,123.24.0.0/14,123.28.0.0/15,123.30.0.0/22,123.30.4.0/24,123.30.5.0/29,123.30.5.8/30,123.30.5.16/28,123.30.5.32/27,123.30.5.64/26,123.30.5.128/25,123.30.6.0/23,123.30.8.0/21,123.30.16.0/20,123.30.32.0/19,123.30.64.0/18,123.30.128.0/17,123.31.0.0/16,124.157.0.0/18,124.158.0.0/20,125.58.0.0/18,125.212.128.0/17,125.214.0.0/18,125.234.0.0/15,125.253.112.0/20,128.1.60.0/24,128.1.126.0/23,128.1.210.0/23,128.90.53.0/24,128.90.77.0/24,128.90.78.0/24,129.227.184.0/23,134.159.138.0/24,134.159.230.0/23,134.159.240.0/23,137.59.24.0/21,137.59.32.0/20,137.59.104.0/22,137.59.116.0/22,137.83.240.0/24,139.81.236.0/22,139.81.242.0/23,140.82.198.0/24,144.48.20.0/22,144.48.24.0/22,146.196.64.0/22,150.95.16.0/22,150.95.104.0/21,150.95.112.0/20,152.32.160.0/22,152.32.221.0/24,152.32.222.0/23,152.32.224.0/24,152.32.249.0/24,152.32.250.0/24,152.32.255.0/24,154.90.11.0/24,154.211.30.0/24,156.107.107.192/29,156.107.136.36/30,156.107.136.156/30,156.107.137.36/30,156.107.156.36/30,156.107.156.156/30,156.107.157.36/30,157.119.244.0/22,157.119.248.0/22,157.167.31.0/24,160.202.56.64/29,161.117.127.0/24,161.123.236.0/22,162.158.216.0/22,163.44.192.0/22,163.44.200.0/24,163.44.204.0/22,163.47.177.0/24,171.224.0.0/11,175.103.64.0/18,175.106.0.0/22,180.93.0.0/16,180.148.0.0/21,180.148.128.0/20,180.214.236.0/22,182.161.80.0/20,182.173.70.0/24,182.236.112.0/22,182.237.20.0/22,183.80.0.0/16,183.81.0.0/17,183.90.160.0/21,183.91.0.0/19,183.91.160.0/19,185.122.113.164/30,185.122.113.176/29,185.122.115.184/30,185.139.164.112/28,185.221.68.38/31,185.221.69.38/31,185.221.70.38/31,188.214.152.0/24,192.145.71.0/24,192.253.249.128/25,193.0.245.0/24,193.150.98.0/24,194.87.55.0/24,195.133.59.0/24,202.0.79.0/24,202.4.168.0/24,202.4.176.0/24,202.6.2.0/24,202.6.96.0/23,202.9.79.0/24,202.9.80.0/24,202.9.84.0/24,202.37.86.0/23,202.43.108.0/22,202.44.137.0/24,202.47.87.0/24,202.47.142.0/24,202.52.39.0/24,202.55.132.0/22,202.56.57.0/24,202.58.245.0/24,202.59.238.0/23,202.59.252.0/23,202.60.104.0/21,202.74.56.0/24,202.74.58.0/23,202.78.224.0/21,202.79.232.0/21,202.87.212.0/22,202.92.4.0/22,202.93.156.0/22,202.94.82.0/24,202.94.88.0/23,202.124.204.0/24,202.130.36.0/23,202.134.16.0/21,202.134.54.0/24,202.143.108.0/22,202.151.160.0/20,202.158.244.0/22,202.160.124.0/23,202.162.98.0/24,202.163.1.80/28,202.172.4.0/23,202.191.56.0/22,203.8.127.0/24,203.8.172.0/24,203.34.144.0/24,203.77.178.0/24,203.79.28.0/24,203.89.140.0/22,203.98.178.100/30,203.98.184.128/25,203.98.188.80/28,203.99.248.0/22,203.101.134.0/24,203.113.128.0/18,203.119.8.0/22,203.119.36.0/22,203.119.44.0/22,203.119.58.0/23,203.119.60.0/22,203.119.64.0/21,203.119.72.0/22,203.128.240.0/21,203.160.0.0/23,203.160.96.0/21,203.160.132.0/22,203.161.178.0/24,203.162.0.0/18,203.162.64.0/20,203.162.80.0/21,203.162.88.0/24,203.162.89.0/26,203.162.89.64/27,203.162.89.128/25,203.162.90.0/23,203.162.92.0/22,203.162.96.0/19,203.162.128.0/17,203.163.128.0/18,203.167.8.0/22,203.167.12.0/23,203.167.14.0/24,203.170.26.0/23,203.171.16.0/20,203.176.160.0/21,203.189.28.0/22,203.190.160.0/20,203.190.232.240/29,203.191.8.0/21,203.191.48.0/21,203.195.0.0/18,203.196.24.0/22,203.201.56.0/22,203.205.0.0/18,203.209.180.0/22,203.210.128.0/17,203.222.52.20/32,208.3.193.0/32,208.3.193.2/32,208.127.168.128/26,208.127.211.0/24,208.127.213.67/32,209.16.178.0/24,209.95.151.96/28,209.200.226.5/32,209.200.226.6/31,209.200.226.8/30,209.200.226.12/32,210.2.64.0/18,210.57.31.0/24,210.57.32.0/24,210.86.224.0/20,210.211.96.0/19,210.245.0.0/17,212.211.192.120/29,212.211.194.80/29,217.138.201.224/27,218.100.10.0/24,218.100.14.0/24,218.100.60.0/24,220.231.64.0/18,221.121.0.0/18,221.132.0.0/18,221.133.0.0/19,222.252.0.0/15,222.254.0.0/16,222.255.0.0/18,222.255.64.0/21,222.255.72.0/22,222.255.76.0/26,222.255.76.64/27,222.255.76.128/27,222.255.76.192/26,222.255.77.0/24,222.255.78.0/24,222.255.79.0/25,222.255.79.132/30,222.255.79.136/29,222.255.79.144/28,222.255.79.160/27,222.255.79.192/26,222.255.80.0/20,222.255.96.0/19,222.255.128.0/17,223.27.104.0/21
Read More
Người đăng: vào lúc Không có nhận xét nào:

Thứ Tư, 1 tháng 7, 2020

CPANEL could not connect to OCSP responder 'ocsp.comodoca.com'

I get a lof of error /var/log/apache2/error_log
I wonder what it's all about? How can solve this problem?

[Sat Apr 25 13:38:05.350828 2020] [ssl:error] [pid 20427:tid 47191871805184] AH01941: stapling_renew_response: responder error
[Sat Apr 25 13:38:08.354574 2020] [ssl:error] [pid 2597:tid 47191842387712] (70007)The timeout specified has expired: [client 37.26.52.163:43586] AH01974: could not connect to OCSP responder 'ocsp.comodoca.com'
[Sat Apr 25 13:38:08.354700 2020] [ssl:error] [pid 2597:tid 47191842387712] AH01941: stapling_renew_response: responder error
[Sat Apr 25 13:38:15.005719 2020] [ssl:error] [pid 2724:tid 47191854995200] (70007)The timeout specified has expired: [client 5.191.53.104:46847] AH01974: could not connect to OCSP responder 'ocsp.comodoca.com'

Many of you have likely landed here due to running across the following error or similar in your Apache error log when sites using AutoSSL or other SSL certificates take an excessively long time to load, or simply time out:

Code:
Network is unreachable: could not connect to OCSP responder 'ocsp.comodoca.com'
OCSP (Online Certificate Status Protocol) is used to ensure that the current status of a given SSL certificate is always communicated to the webserver, and the client's browser. This protocol provides updates on if a certificate has been revoked, so the browser knows to refuse the connection.

Traditionally the requesting browser makes these checks with the OCSP provider, which extends the time a full SSL/TLS handshake takes and as a result makes HTTPS connections longer.

cPanel's Apache installation by default implements a technology known as 'OCSP Stapling', which functions as a sort of caching for the OCSP status. Essentially after making the first OCSP connection, the status is "stapled" to the SSL/TLS handshake from the server end which reduces a significant load on the connecting browser and makes HTTPS connections faster.

The above error comes into play when OCSP Stapling fails because the host server couldn't connect to the certificate authority's OCSP server. This can happen for a variety of reasons, but we'll touch on the most common causes here:


DNS Caching causes your server to try connecting to the wrong IP address

Many certificate authorities tends to rotate and change the IP addresses where their OCSP server is hosted fairly frequently. This can result in servers trying to access an old IP address for the server, which may fail.

This can be verified by checking what your server resolves the OCSP server to, versus what a common public DNS resolver resolves. I use Google's '8.8.8.8' in the following example, but any "large" public resolver would let you check for a difference. The IP addresses in this example represent only the addresses at the time of my testing, and are very likely different when you're reading this post:
Code:
# dig A +short ocsp.comodoca.com
ocsp.comodoca.com.edgesuite.net.
a652.dscb.akamai.net.
58.27.86.11
58.27.86.48

# dig A +short ocsp.comodoca.com @8.8.8.8
ocsp.comodoca.com.edgesuite.net.
a652.dscb.akamai.net.
203.106.85.42
203.106.85.66

If you get a different response from the public DNS resolver versus your own server it's very likely your DNS resolves are using cached information and haven't updated the new IP addresses. This is often addressed by simply waiting until your server's DNS resolvers refresh their cached IP information.

If instead you receive the same IP addresses from your server and the public resolver, it's possible there may be network issues preventing your server from reaching your certificate authority's OCSP server.​


Network issues prevent your server from reaching OCSP server

This is by far the most common reason we see for sites reporting these errors. Often as a result of datacenter blocks, server firewalls or other network interferences the server is unable to connect to the necessary OCSP server. This can most reliably be verified by simply trying to ping the OCSP server in your error.

If you don't receive any information after the ping then there's likely a network block at play, in which case you should reach out to your datacenter or hosting provider, or server administrator to look into the network routing and try to determine why your server cannot reach the OCSP server.

We've seen a few isolated cases where incomplete IPv6 configurations can cause issues connecting to OCSP servers as well. This can be tested using 'ping6' instead of 'ping', which tests an IPv6 connection instead of IPv4. If you receive errors only when using ping6 then it's possible the IPv6 configuration on the server needs to be fixed, or disabled.

Otherwise, if you are able to successfully ping the OCSP provider it's possible they may be experiencing service issues.​


Certificate Authority may be experiencing service issues.

Infrequently, certificate authorities may have service downtime with their OCSP responder servers. If none of the above steps explain the errors being received, then you may want to check with your provider.

For AutoSSL certificates for example, Sectigo offers Sectigo Certificate Authority to check their service status and will announce if they're experiencing OCSP issues.

If there are systemic issues with the OCSP responder servers there will likely be a notice on their status page, and ideally a projected ETA for service to be restored.

If any of the above descriptions apply or if there's a less common issue causing these errors for you, it's possible to disable OCSP stapling to allow your sites to load again.

We firmly recommend that this only be a temporary workaround, as disabling Stapling places the OCSP burden back on your customer's browsers, slowing down site load speed and extending SSL/TLS handshake times.

To disable OCSP Stapling you can access WHM >> Service Configuration >> Apache Configuration >> Include Editor >> Pre VirtualHost Include >> All Versions and adding the following line:
Code:
SSLUseStapling off
Selecting 'Update' after this will rebuild the Apache configuration and restart the service, at which point the sites should begin loading as expected again.

Once the systemic issues in contacting OCSP have been addressed Stapling can be re-enabled by accessing the same interface and removing the additional line that was added. We at cPanel recommend keeping OCSP Stapling enabled whenever possible, as this improves the security in your HTTPS connections and improves site load speeds by optimizing the SSL/TLS Handshake.
Read More
Người đăng: vào lúc 1 nhận xét:
Đăng ký: Bài đăng (Atom)