targeturl = "/archives/2761.html" '受攻击网站的URL地址。
logfilepath = "C:\LogFiles\W3SVC\ex110813.log" '受攻击网站的日志路径。
On Error Resume Next
Set fileobj = CreateObject("scripting.filesystemobject")
Set fileobj2 = CreateObject("scripting.filesystemobject")
Set myfile = fileobj2.opentextfile(logfilepath, 1, False)
Do While myfile.atendofstream <> True
myline = myfile.readline()
myline2 = Split(myline, " ")
newip = myline2(9)
myurl = myline2(5)
If targeturl = myurl Then
writelog newip
End If
Loop
myfile.Close
Set fileobj2 = Nothing
Msgbox "结束."
Sub writelog(errmes)
ipfilename = "blockip.txt"
Set logfile = fileobj.opentextfile(ipfilename, 8, True)
logfile.writeline errmes
logfile.Close
Set logfile = Nothing
End Sub
'/*=========================================================================
' * Intro VBScript使用ADSI为IIS批量添加屏蔽或允许访问的IP
' * FileName VBScript-ADSI-IIS-Add-Deny-Grant-IP-Change-MetaBase.xml.vbs
' *==========================================================================*/
'AddDenyIP2All "192.168.1.106,255.255.255.0"
'AddDenyIP "123456","127.0.0.1"
'AddDenyIP2All "14.113.226.116"
'添加要屏蔽的IP或一组计算机,到一个指定站点上
Sub AddDenyIP(strWebNo, strDenyIp)
On Error Resume Next
Set SecObj = GetObject("IIS://LocalHost/W3SVC/" & strWebNo & "/Root")
Set MyIPSec = SecObj.IPSecurity
MyIPSec.GrantByDefault = True
IPList = MyIPSec.IPDeny
i = UBound(IPList) + 1
ReDim Preserve IPList(i)
IPList(i) = strDenyIp
MyIPSec.IPDeny = IPList
SecObj.IPSecurity = MyIPSec
SecObj.Setinfo
End Sub
'添加要屏蔽的IP或一组计算机,到IIS公共配置,以应用到所有站点
'如果之前对有些站点单独做过屏蔽IP设置,在些设置不会生效,得在总的网站上设置一下,然后覆盖所有子结点
Sub AddDenyIP2All(strDenyIp)
On Error Resume Next
Set SecObj = GetObject("IIS://LocalHost/W3SVC")
Set MyIPSec = SecObj.IPSecurity
MyIPSec.GrantByDefault = True
IPList = MyIPSec.IPDeny
i = UBound(IPList) + 1
ReDim Preserve IPList(i)
IPList(i) = strDenyIp
MyIPSec.IPDeny = IPList
SecObj.IPSecurity = MyIPSec
SecObj.Setinfo
End Sub
'添加允许的IP或一组计算机,到一个指定站点上
Sub AddGrantIP(strWebNo, strGrantIp)
On Error Resume Next
Set SecObj = GetObject("IIS://LocalHost/W3SVC/" & strWebNo & "/Root")
Set MyIPSec = SecObj.IPSecurity
MyIPSec.GrantByDefault = False
IPList = MyIPSec.IPGrant
i = UBound(IPList) + 1
ReDim Preserve IPList(i)
IPList(i) = strGrantIp
MyIPSec.IPGrant = IPList
SecObj.IPSecurity = MyIPSec
SecObj.Setinfo
End Sub
'添加允许的IP或一组计算机,到IIS公共配置,以应用到所有站点
'如果之前对有些站点单独做过屏蔽IP设置,在些设置不会生效,得在总的网站上设置一下,然后覆盖所有子结点
Sub AddGrantIP2All(strGrantIp)
On Error Resume Next
Set SecObj = GetObject("IIS://LocalHost/W3SVC")
Set MyIPSec = SecObj.IPSecurity
MyIPSec.GrantByDefault = False
IPList = MyIPSec.IPGrant
i = UBound(IPList) + 1
ReDim Preserve IPList(i)
IPList(i) = strGrantIp
MyIPSec.IPGrant = IPList
SecObj.IPSecurity = MyIPSec
SecObj.Setinfo
End Sub
'显示IIS公共配置里禁止访问的IP
Sub ListDenyIP()
Set SecObj = GetObject("IIS://LocalHost/W3SVC")
Set MyIPSec = SecObj.IPSecurity
IPList = MyIPSec.IPDeny 'IPGrant/IPDeny
WScript.Echo Join(IPList, vbCrLf)
' For i = 0 To UBound(IPList)
' WScript.Echo i + 1 & "-->" & IPList(i)
' Next
End Sub
<?php
if (isset($_SERVER)){
$realip = $_SERVER[HTTP_X_FORWARDED_FOR];
}
else
{
$realip = getenv("HTTP_X_FORWARDED_FOR");
}
if($realip<>""){
$remoteip=$_SERVER['REMOTE_ADDR'];
log_ip($remoteip,$realip);
}
function log_ip($remote_ip,$real_ip)
{
$temp_time = date("y-m-d G:i:s");
$temp_result = $temp_time."\t".$real_ip."\t".$remote_ip."\n";
if(!$fhandle=fopen("cc_log.txt","a+")){
print "error";
exit;
}
fwrite($fhandle,$temp_result);
fclose($fhandle);
}
?>
<?php
session_start();
$timestamp = time();
$cc_nowtime = $timestamp ;
if (session_is_registered('cc_lasttime')){
$cc_lasttime = $_SESSION['cc_lasttime'];
$cc_times = $_SESSION['cc_times'] + 1;
$_SESSION['cc_times'] = $cc_times;
}else{
$cc_lasttime = $cc_nowtime;
$cc_times = 1;
$_SESSION['cc_times'] = $cc_times;
$_SESSION['cc_lasttime'] = $cc_lasttime;
}
if (($cc_nowtime - $cc_lasttime)<5){
if ($cc_times>=10){
header(sprintf("Location: %s",'http://127.0.0.1'));
exit;
}
}else{
$cc_times = 0;
$_SESSION['cc_lasttime'] = $cc_nowtime;
$_SESSION['cc_times'] = $cc_times;
}
?>
$P_S_T = $t_array[0] + $t_array[1];
$timestamp = time();
session_start();
$ll_nowtime = $timestamp ;
if (session_is_registered('ll_lasttime')){
$ll_lasttime = $_SESSION['ll_lasttime'];
$ll_times = $_SESSION['ll_times'] + 1;
$_SESSION['ll_times'] = $ll_times;
}else{
$ll_lasttime = $ll_nowtime;
$ll_times = 1;
$_SESSION['ll_times'] = $ll_times;
$_SESSION['ll_lasttime'] = $ll_lasttime;
}
if (($ll_nowtime - $ll_lasttime)<3){
if ($ll_times>=5){
header(sprintf("Location: %s",'http://127.0.0.1'));
exit;
}
}else{
$ll_times = 0;
$_SESSION['ll_lasttime'] = $ll_nowtime;
$_SESSION['ll_times'] = $ll_times;
}
欢迎光临 源于生活 (http://bbs.vingoo.info/) | Powered by Discuz! X3.1 |