这份恶意UA黑名单，能拦截半个地球的恶意之潮

闲聊无标签

 0  460

WIZ 自成一派 2025-02-11 08:19:55

Lv：46级

经常看宝塔防火墙日志，总结了这些恶意UA大全。我将自己在用的分享给各大站长。

["Microsoft","rv:","Macintosh","Chat",".NET","JCE","cow","ZmEu","Bench","httperf","w3af","Netsparker","BabyKrokodil","PycURL","Havij","fimap","Nikto","Nmap","BBBike","libwww","Parser","MyTool","sqln","Pangolin","Crawler","Odin","Indy","HTTrack","Audit","DirBuster","Harvest","SQLmap","XSStrike","Metasploit","Arachni","ZAP","Aircrack","John","Hydra","l9explore","l9tcpid","Scrapy","FeedDemon","WebCopier","CrawlDaddy","Jullo","Feedly","WinHttp","CentOS","Ubuntu","Debian","python","Java","golang","Apache","Client","HttpClient","AsyncHttpClient","MicroMessenger","QQ","facebook","GPTBot","AhrefsBot","DotBot","Amazonbot","BLEXBot","MJ12bot","PetalBot","DuckDuckBot","DataForSeoBot","BotPoke","ClaudeBot","SemrushBot","YisouSpider"]

PS：已拦截 YisouSpider 神马的蜘蛛。像这种，不收录，还爬取，纯垃圾蜘蛛。

使用方法

打开宝塔防火墙-全局设置-UA黑名单-设置-点击清空按钮，再点击导入按钮确定即可。

没防火墙

如果，你没有安装宝塔防火墙。阔以参考下面文章使用，然后稍微改改代码就行了。

比如：Nginx屏蔽垃圾蜘蛛的办法代码可以这样写

if ($http_user_agent ~* "Microsoft|rv:|Macintosh|Chat|.NET|JCE|cow|ZmEu|Bench|httperf|w3af|Netsparker|BabyKrokodil|PycURL|Havij|fimap|Nikto|Nmap|BBBike|libwww|Parser|MyTool|sqln|Pangolin|Crawler|Odin|Indy|HTTrack|Audit|DirBuster|Harvest|SQLmap|XSStrike|Metasploit|Arachni|ZAP|Aircrack|John|Hydra|l9explore|l9tcpid|Scrapy|FeedDemon|WebCopier|CrawlDaddy|Jullo|Feedly|WinHttp|CentOS|Ubuntu|Debian|python|Java|golang|Apache|Client|HttpClient|AsyncHttpClient|MicroMessenger|QQ|facebook|GPTBot|AhrefsBot|DotBot|Amazonbot|BLEXBot|MJ12bot|PetalBot|DuckDuckBot|DataForSeoBot|BotPoke|ClaudeBot|SemrushBot|YisouSpider"){    return 403;}

或者：PHP禁止在微信和QQ中打开这个更加简单，把

$searchEngines = array('MicroMessenger','QQ');

改为

$searchEngines = ["Microsoft","rv:","Macintosh","Chat",".NET","JCE","cow","ZmEu","Bench","httperf","w3af","Netsparker","BabyKrokodil","PycURL","Havij","fimap","Nikto","Nmap","BBBike","libwww","Parser","MyTool","sqln","Pangolin","Crawler","Odin","Indy","HTTrack","Audit","DirBuster","Harvest","SQLmap","XSStrike","Metasploit","Arachni","ZAP","Aircrack","John","Hydra","l9explore","l9tcpid","Scrapy","FeedDemon","WebCopier","CrawlDaddy","Jullo","Feedly","WinHttp","CentOS","Ubuntu","Debian","python","Java","golang","Apache","Client","HttpClient","AsyncHttpClient","MicroMessenger","QQ","facebook","GPTBot","AhrefsBot","DotBot","Amazonbot","BLEXBot","MJ12bot","PetalBot","DuckDuckBot","DataForSeoBot","BotPoke","ClaudeBot","SemrushBot","YisouSpider"];

完成。但这个是动态、伪静态版的。