恶意攻击IP地址段

网友 **gerskys 说：

*帖最后由 **gerskys 于 2022-7-7 00:29 编辑

我的WordPre**一直被恶意搜索，今天直接梭哈1小时，整理出来攻击的IP段。直接全部403

可以通过CDN拦截，直接匹配user-agent
*92.0.4515.159*

123.149.78.*
123.149.77.*
171.8.238.*
171.8.172.*
1.192.245.*
1.192.244.*
125.46.241.*
123.149.76.*
123.149.79.*
120.245.60.*
120.244.123.*
171.8.236.*
171.8.173.*
120.245.61.*
1.192.241.*
1.192.240.*
222.137.83.*
222.137.1.*
222.137.0.*
182.119.1**.*
1.192.242.*
1.192.246.*
1.192.243.*
125.46.244.*
222.137.84.148

网友 a2313153 说：

非常感谢同样被困扰

网友 **gerskys 说：

补充日志格式

使用cdn可以尝试在cdn拦截，使用user-agent过滤92.0.4515.159

221.15.255.219|221.15.255.219 [07/Jul/2022:00:22:14 +0800] i4t.com &*uot;GET /?s=%E9%95%BF%E6%98%A5%E4%B9%9D%E5%8F%B0%E5%8C%BA%E9%85%92%E5%BA%97%E5%AD%A6%E7%94%9F%E3%80%90%E2%92%9228%E2%92%98%E2%92%94%E5%AA%BA%E3%80%91%E5%9F%8E%E5%A4%**&type=shop HTTP/1.1&*uot; 200 &*uot;https://i4t.com?s=%E9%95%BF%E6%98%A5%E4%B9%9D%E5%8F%B0%E5%8C%BA%E9%85%92%E5%BA%97%E5%AD%A6%E7%94%9F%E3%80%90%E2%92%9228%E2%92%98%E2%92%94%E5%AA%BA%E3%80%91%E5%9F%8E%E5%A4%**&type=circle&*uot; Mozilla/5.0 (Linux; And**id 5.0; **-G900P Build/LRX21T) AppleWebKit/537.36 (KHTML, like Gecko) Ch**me/92.0.4515.159 Mobile Safa**/537.36 – [15**86字节,0.246秒]
221.15.255.219|221.15.255.219 [07/Jul/2022:00:22:18 +0800] i4t.com &*uot;GET /?s=%E4%BF%A1%E9%98%B3%E5%9B%BA%E5%A7%8B%E5%8E%BF(%E4%**%9A)%E6%89%80%E5%A4%A7(%E4%BF%9D)%E5%81%A5%E4%BB%B7%E6%A0%**%E6%98%AF%E5%A4%9A%E5%B0%91(%E9%AD%8F%E6%80%A729.**5722)K5rtn&type=post HTTP/1.1&*uot; 200 &*uot;https://i4t.com?s=%E4%BF%A1%E9%98%B3%E5%9B%BA%E5%A7%8B%E5%8E%BF%28%E4%**%9A%29%E6%89%80%E5%A4%A7%28%E4%BF%9D%29%E5%81%A5%E4%BB%B7%E6%A0%**%E6%98%AF%E5%A4%9A%E5%B0%91%28%E9%AD%8F%E6%80%A729.**5722%29K5rtn&type=user&*uot; Mozilla/5.0 (Linux; And**id 5.0; **-G900P Build/LRX21T) AppleWebKit/537.36 (KHTML, like Gecko) Ch**me/92.0.4515.159 Mobile Safa**/537.36 – [157316字节,0.191秒]
221.15.255.219|221.15.255.219 [07/Jul/2022:00:22:47 +0800] i4t.com &*uot;GET /?s=%E6%AD%A6%E6%B1%89%E6%B1%89%E5%8D%97%E5%8C%BA%E5%A6%B9%E5%AD%90%E5%A4%A7%E6%B4%BB%E3%80%90%E2%92%97%E2%92%9459%E2%92%9B%E5%AA%BA%E3%80%91%E8%87%AA%E7%9A%84&type=circle HTTP/1.1&*uot; 200 &*uot;https://i4t.com?s=%E6%AD%A6%E6%B1%89%E6%B1%89%E5%8D%97%E5%8C%BA%E5%A6%B9%E5%AD%90%E5%A4%A7%E6%B4%BB%E3%80%90%E2%92%97%E2%92%9459%E2%92%9B%E5%AA%BA%E3%80%91%E8%87%AA%E7%9A%84&type=post&*uot; Mozilla/5.0 (Linux; And**id 5.0; **-G900P Build/LRX21T) AppleWebKit/537.36 (KHTML, like Gecko) Ch**me/92.0.4515.159 Mobile Safa**/537.36 – [15**75字节,0.161秒]
125.46.246.228|125.46.246.228 [07/Jul/2022:00:23:47 +0800] i4t.com &*uot;GET /?s=%E5%A4%A9%E6%B4%A5%E8%A5%BF%E9%9D%92%E5%8C%BA%E4%**%91%E9%97%B2%E5%A6%B9%E5%A6%B9%E3%80%90%E2%92%972%E2%92%99%E2%92%982%E5%AA%BA%E3%80%91%E9%80%9A%E6%9C%BA&type=shop HTTP/1.1&*uot; 200 &*uot;https://i4t.com?s=%E5%A4%A9%E6%B4%A5%E8%A5%BF%E9%9D%92%E5%8C%BA%E4%**%91%E9%97%B2%E5%A6%B9%E5%A6%B9%E3%80%90%E2%92%972%E2%92%99%E2%92%982%E5%AA%BA%E3%80%91%E9%80%9A%E6%9C%BA&type=post&*uot; Mozilla/5.0 (Linux; And**id 5.0; **-G900P Build/LRX21T) AppleWebKit/537.36 (KHTML, like Gecko) Ch**me/92.0.4515.159 Mobile Safa**/537.36 – [15**86字节,0.241秒]
222.137.5.116|222.137.5.116 [07/Jul/2022:00:24:20 +0800] i4t.com &*uot;GET /?s=%E9%B9%A4%E5%B2%97%E5%A6%B9%E5%AD%90%E5%BF%AB%E9%A4%90%E3%80%90%E2%92%9228%E2%92%98%E2%92%94%E5%AA%BA%E3%80%91%E9%9A%BE%E6%89%80&type=circle HTTP/1.1&*uot; 200 &*uot;https://i4t.com?s=%E9%B9%A4%E5%B2%97%E5%A6%B9%E5%AD%90%E5%BF%AB%E9%A4%90%E3%80%90%E2%92%9228%E2%92%98%E2%92%94%E5%AA%BA%E3%80%91%E9%9A%BE%E6%89%80&type=shop&*uot; Mozilla/5.0 (Linux; And**id 5.0; **-G900P Build/LRX21T) AppleWebKit/537.36 (KHTML, like Gecko) Ch**me/92.0.4515.159 Mobile Safa**/537.36 – [156223字节,0.228秒]
222.137.5.116|222.137.5.116 [07/Jul/2022:00:24:54 +0800] i4t.com &*uot;GET /?s=%E6%AD%A6%E5%A8%81%E6%8E%A8%E6%B2%B9%E5%B0%8F%E5%A6%B9%E5%AD%90513.86118%E5%BE%AE%E4%BF%A1%E5%89%AF%E9%9D%92&type=new**lashes HTTP/1.1&*uot; 200 &*uot;https://i4t.com?s=%E6%AD%A6%E5%A8%81%E6%8E%A8%E6%B2%B9%E5%B0%8F%E5%A6%B9%E5%AD%90513.86118%E5%BE%AE%E4%BF%A1%E5%89%AF%E9%9D%92&type=shop&*uot; Mozilla/5.0 (Linux; And**id 5.0; **-G900P Build/LRX21T) AppleWebKit/537.36 (KHTML, like Gecko) Ch**me/92.0.4515.159 Mobile Safa**/537.36 – [156199字节,0.241秒]