#1 |
Designer guy
Wrote a book
|
![]() Logovi su mi PREPUNI ovih gluposti:
Kôd:
/category/category/category/category/category/category/category/category/category/category/category/category/category/category/category/category/category/category/category/category/category/category/category/category/category/category/category/category/ca EDIT: Evo sada kad bolje razmislim, na svaki minut po jedan hit se pravio. Pomoću .htaccess sam zabranio pristup spornom IPju sa: Kôd:
deny from ***.***.***.*** Poslednja izmena od Dragan Babić : 28. 08. 2006. u 10:43. |
#2 |
Nekad bio ddz
Expert
|
Either some search bot has gone stupid, or someone is trying to pull off an extra long URL attack. I'd put my money on the former.
__________________
Converting dead links into hyperlinks since 1996. |
#3 |
Igor Marinović
Expert
|
What does it say the UserAgent is?
If it's a crawler, it usually identifies itself. |
#4 |
Designer guy
Wrote a book
|
Hmmm, I mostly recognize search bots through a DNS lookup along the lines of "crawl-66-249-66-73.googlebot.com", but this one is a bare IP.
If it's the latter, in TXP I specified that a URI can't be longer than 50 characters, I think; I don't know right now whether that applies only to URI creation or to these cases as well. |
#5 |
Super Moderator
Invented the damn thing
Join date: 06.06.2005
Posts: 2.371
Thanks: 370
701 "Thanks" in 194 posts
Maybe some secur(č)ity expert is checking your blog
#6 |
Nekad bio ddz
Expert
|
I think that setting in TXP applies only to generating new permalinks. What you need is the LimitRequestLine directive in .htaccess. Just be careful not to overdo it.
__________________
Converting dead links into hyperlinks since 1996. |
#7 | |
Knowledge base
Wrote a book
Join date: 09.06.2005
Posts: 1.123
Thanks: 26
319 "Thanks" in 22 posts
Quote:
The latest fashion is for someone from an IP address in Serbia to "test the sekurčiti" in such a way that Textpattern shows, under Referrer, Netvibes set to the HR language setting. Has anyone had a similar experience? |
|
#8 | |
Designer guy
Wrote a book
|
Quote:
|
|
#9 |
Nekad bio ddz
Expert
|
Nothing complicated - in .htaccess you put:
Code:
LimitRequestLine 128
You have to be careful not to set a limit that is too low, so that legitimate requests can get through. Also, it's possible that the admin doesn't allow the user to change this setting. It also wouldn't hurt to put this code in .htaccess (taken from http://forum.joomla.org/index.php/topic,75376.0.html):
Code:
########## Begin - Rewrite rules to block out some common exploits
#
# Block out any script trying to set a mosConfig value through the URL
RewriteCond %{QUERY_STRING} mosConfig_[a-zA-Z_]{1,21}(=|\%3D) [OR]
# Block out any script trying to base64_encode crap to send via URL
RewriteCond %{QUERY_STRING} base64_encode.*\(.*\) [OR]
# Block out any script that includes a <script> tag in URL
RewriteCond %{QUERY_STRING} (\<|%3C).*script.*(\>|%3E) [NC,OR]
# Block out any script trying to set a PHP GLOBALS variable via URL
RewriteCond %{QUERY_STRING} GLOBALS(=|\[|\%[0-9A-Z]{0,2}) [OR]
# Block out any script trying to modify a _REQUEST variable via URL
RewriteCond %{QUERY_STRING} _REQUEST(=|\[|\%[0-9A-Z]{0,2})
# Send all blocked request to homepage with 403 Forbidden error!
RewriteRule ^(.*)$ index.php [F,L]
#
########## End - Rewrite rules to block out some common exploits
__________________
Converting dead links into hyperlinks since 1996. |
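An added example, not part of the original thread: before applying the LimitRequestLine 128 suggested above, existing access logs can be replayed to see which clients loop on a repeated path segment and which ordinary requests the same limit would also reject. The log lines, IP addresses and the `audit` and `longest_segment_run` names are constructed for illustration, and the length check only approximates how Apache counts the request line.

```python
import re
from collections import Counter

# Apache combined log format: ip ident user [time] "request" status size "referer" "agent"
LOG_RE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "([^"]*)" \d{3} \S+ "[^"]*" "([^"]*)"')

def longest_segment_run(request_line):
    """Longest run of identical consecutive path segments in a request line."""
    parts = request_line.split(" ")
    path = parts[1].split("?", 1)[0] if len(parts) > 1 else ""
    best = run = 0
    prev = None
    for seg in filter(None, path.split("/")):
        run = run + 1 if seg == prev else 1
        best = max(best, run)
        prev = seg
    return best

def audit(lines, limit=128, max_run=3):
    """Classify logged requests against a proposed LimitRequestLine value."""
    report = {"looping": Counter(), "unsigned": set(), "collateral": []}
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue  # not a combined-format line
        ip, request, agent = m.groups()
        if longest_segment_run(request) > max_run:
            report["looping"][ip] += 1           # the /category/category/... pattern
            if agent in ("", "-"):
                report["unsigned"].add(ip)       # no User-Agent: not a self-identifying crawler
        elif len(request.encode()) > limit:      # approximates Apache's byte count
            report["collateral"].append(request) # ordinary request the limit would reject
    return report

# Constructed sample log lines (documentation IP ranges, not taken from the thread).
LOOP = "/category" * 30 + "/"
QUERY = "a+long+legitimate+query+" * 6
SAMPLE = [
    f'203.0.113.7 - - [28/Aug/2006:10:01:00 +0200] "GET {LOOP} HTTP/1.1" 404 512 "-" "-"',
    f'203.0.113.7 - - [28/Aug/2006:10:02:00 +0200] "GET {LOOP} HTTP/1.1" 404 512 "-" "-"',
    '198.51.100.9 - - [28/Aug/2006:10:02:30 +0200] "GET /article/12/title HTTP/1.1" 200 9000 "-" "Mozilla/5.0"',
    f'198.51.100.9 - - [28/Aug/2006:10:03:10 +0200] "GET /search?q={QUERY} HTTP/1.1" 200 700 "-" "Mozilla/5.0"',
]

if __name__ == "__main__":
    result = audit(SAMPLE)
    print("looping clients:", dict(result["looping"]))
    print("no User-Agent:", sorted(result["unsigned"]))
    print("rejected at 128 bytes:", result["collateral"])
```

Apache documents LimitRequestLine for the server config and virtual host contexts, so on shared hosting the value may have to be set by the admin.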
#10 |
Designer guy
Wrote a book
|
OK, thanks a lot Dušan, I'll do that right away.
|
|