Thứ Hai, 29 tháng 8, 2011

Chống DDOS hiệu quả bằng cách chặn IP dùng .htaccess

16:09 zeko sock No comments

Chống DDOS bằng cách chặn IP dùng .htaccess

Trước tiên vào trang này: http://www.countryipblocks.net/

Đây là một trang tra cứu về địa chỉ IP miễn phí và update Database thường xuyên.

Cũng ở cột bên phải, kéo xuống phần Country IP listing, gõ 2 ký tự thể hiện quốc gia mà bạn muốn tra cứu dải địa chỉ IP (VN là Việt Nam, TH là Thailand, DE là Đức... chẳng hạn). và chọn CIDR Format rồi ấn Submit
Bạn sẽ nhận được danh sách IP Việt Nam như sau:

Trích dẫn

# Country: VIET NAM
# ISO Code: VN
# Total Networks: 196
# Total Subnets:  15,513,344
1.52.0.0/14
14.0.16.0/20
14.160.0.0/11
14.224.0.0/11
27.0.12.0/22
27.2.0.0/15
27.64.0.0/12
27.118.16.0/20
42.1.64.0/18
42.96.0.0/18
42.112.0.0/13
49.156.52.0/22
49.213.64.0/18
49.236.208.0/22
49.246.128.0/18
49.246.192.0/19
58.186.0.0/15
61.11.224.0/19
61.28.224.0/19
101.53.0.0/18
101.96.12.0/22
101.96.64.0/18
101.99.0.0/18
103.1.200.0/22
103.1.208.0/22
103.1.236.0/22
103.2.220.0/22
103.2.224.0/22
103.2.228.0/22
103.3.244.0/22
103.3.248.0/22
103.3.252.0/22
103.246.104.0/24
110.35.64.0/21
110.35.72.0/21
110.44.184.0/21
111.65.240.0/20
111.91.232.0/22
112.72.64.0/18
112.78.0.0/20
112.109.88.0/21
112.137.128.0/20
112.197.0.0/16
112.213.80.0/20
113.20.96.0/19
113.22.0.0/16
113.23.0.0/17
113.52.32.0/19
113.61.108.0/22
113.160.0.0/11
115.72.0.0/13
115.84.176.0/21
115.146.120.0/21
115.165.160.0/21
116.68.128.0/21
116.96.0.0/12
116.118.0.0/17
116.193.64.0/20
116.212.32.0/19
117.0.0.0/13
117.103.192.0/18
117.122.0.0/17
118.68.0.0/14
118.102.0.0/21
118.107.64.0/18
119.15.160.0/19
119.17.192.0/18
119.18.128.0/20
119.18.184.0/21
119.82.128.0/20
120.50.184.0/21
120.72.80.0/21
120.72.96.0/19
120.138.64.0/20
122.102.112.0/22
122.129.0.0/18
122.201.8.0/21
123.16.0.0/12
124.157.0.0/18
124.158.0.0/20
125.58.0.0/18
125.212.128.0/17
125.214.0.0/18
125.234.0.0/15
125.253.112.0/20
171.224.0.0/11
175.103.64.0/18
175.106.0.0/22
180.93.0.0/16
180.148.0.0/21
180.148.128.0/20
180.214.236.0/22
182.161.80.0/20
182.236.112.0/22
182.237.20.0/22
183.80.0.0/16
183.81.0.0/17
183.90.160.0/21
183.91.0.0/19
183.91.160.0/19
202.0.79.0/24
202.4.168.0/24
202.4.176.0/24
202.6.2.0/24
202.6.96.0/23
202.9.79.0/24
202.9.80.0/24
202.9.84.0/24
202.37.86.0/23
202.43.108.0/22
202.44.137.0/24
202.47.87.0/24
202.47.142.0/24
202.52.39.0/24
202.55.132.0/22
202.56.57.0/24
202.58.245.0/24
202.59.238.0/23
202.59.252.0/23
202.60.104.0/21
202.74.56.0/24
202.74.58.0/23
202.78.224.0/21
202.79.232.0/21
202.87.212.0/22
202.92.4.0/22
202.93.156.0/22
202.94.82.0/24
202.94.88.0/23
202.124.204.0/24
202.130.36.0/23
202.134.16.0/21
202.134.54.0/24
202.151.160.0/20
202.158.244.0/22
202.160.124.0/23
202.172.4.0/23
202.191.56.0/22
203.8.127.0/24
203.8.172.0/24
203.34.144.0/24
203.77.178.0/24
203.79.28.0/24
203.89.140.0/22
203.99.248.0/22
203.113.128.0/19
203.113.160.0/19
203.119.8.0/22
203.119.36.0/22
203.119.44.0/22
203.119.58.0/23
203.119.60.0/22
203.119.64.0/21
203.119.72.0/22
203.128.240.0/21
203.160.0.0/23
203.160.96.0/21
203.161.178.0/24
203.162.0.0/21
203.162.8.0/21
203.162.16.0/20
203.162.32.0/19
203.162.64.0/18
203.162.128.0/20
203.162.144.0/20
203.162.160.0/19
203.162.192.0/18
203.163.128.0/18
203.170.26.0/23
203.171.16.0/20
203.176.160.0/21
203.189.28.0/22
203.190.160.0/20
203.191.8.0/21
203.191.48.0/21
203.195.0.0/18
203.201.56.0/22
203.205.0.0/18
203.209.180.0/22
203.210.128.0/18
203.210.192.0/18
210.2.64.0/18
210.86.224.0/20
210.211.96.0/19
210.245.0.0/19
210.245.32.0/19
210.245.64.0/18
218.100.10.0/24
218.100.14.0/24
218.100.60.0/24
220.231.64.0/18
221.121.0.0/18
221.132.0.0/18
221.133.0.0/19
222.252.0.0/14
223.27.104.0/21

Trước tiên bạn phải xác định là website của mình chỉ để cho khách hàng là người VN ( hoặc thêm nước nào tùy ý ) truy cập.
Để chống DDOS hoặc BOTNET dùng sock hoặc fake IP nước ngoài như ( US, JP, ...) chúng ta tạo file .htaccess với nội dung như sau :

RewriteEngine on ErrorDocument 404 /404.html <Files ".htaccess"> deny from all </Files> order deny,allow deny from all allow from 1.52.0.0/14 allow from 14.0.16.0/20 allow from 14.160.0.0/11 allow from 14.224.0.0/11 allow from 27.0.12.0/22 allow from 27.2.0.0/15 allow from 27.64.0.0/12 allow from 27.118.16.0/20 allow from 42.1.64.0/18 allow from 42.96.0.0/18 allow from 42.112.0.0/13 allow from 49.156.52.0/22 allow from 49.213.64.0/18 allow from 49.236.208.0/22 allow from 49.246.128.0/18 allow from 49.246.192.0/19 allow from 58.186.0.0/15 allow from 61.11.224.0/19 allow from 61.28.224.0/19 allow from 101.53.0.0/18 allow from 101.96.12.0/22 allow from 101.96.64.0/18 allow from 101.99.0.0/18 allow from 103.1.200.0/22 allow from 103.1.208.0/22 allow from 103.1.236.0/22 allow from 103.2.220.0/22 allow from 103.2.224.0/22 allow from 103.2.228.0/22 allow from 110.35.64.0/21 allow from 110.35.72.0/21 allow from 110.44.184.0/21 allow from 111.65.240.0/20 allow from 111.91.232.0/22 allow from 112.72.64.0/18 allow from 112.78.0.0/20 allow from 112.109.88.0/21 allow from 112.137.128.0/20 allow from 112.197.0.0/16 allow from 112.213.80.0/20 allow from 113.20.96.0/19 allow from 113.22.0.0/16 allow from 113.23.0.0/17 allow from 113.52.32.0/19 allow from 113.61.108.0/22 allow from 113.160.0.0/11 allow from 115.72.0.0/13 allow from 115.84.176.0/21 allow from 115.146.120.0/21 allow from 115.165.160.0/21 allow from 116.68.128.0/21 allow from 116.96.0.0/12 allow from 116.118.0.0/17 allow from 116.193.64.0/20 allow from 116.212.32.0/19 allow from 117.0.0.0/13 allow from 117.103.192.0/18 allow from 117.122.0.0/17 allow from 118.68.0.0/14 allow from 118.102.0.0/21 allow from 118.107.64.0/18 allow from 119.15.160.0/19 allow from 119.17.192.0/18 allow from 119.18.128.0/20 allow from 119.18.184.0/21 allow from 119.82.128.0/20 allow from 120.50.184.0/21 allow from 120.72.80.0/21 allow from 120.72.96.0/19 allow from 120.138.64.0/20 allow from 122.102.112.0/22 allow from 122.129.0.0/18 allow from 122.201.8.0/21 allow from 123.16.0.0/12 allow from 124.157.0.0/18 allow from 124.158.0.0/20 allow from 125.58.0.0/18 allow from 125.212.128.0/17 allow from 125.214.0.0/18 allow from 125.234.0.0/15 allow from 125.253.112.0/20 allow from 171.224.0.0/11 allow from 175.103.64.0/18 allow from 175.106.0.0/22 allow from 180.93.0.0/16 allow from 180.148.0.0/21 allow from 180.148.128.0/20 allow from 180.214.236.0/22 allow from 182.161.80.0/20 allow from 182.236.112.0/22 allow from 182.237.20.0/22  allow from 183.81.0.0/17 allow from 183.90.160.0/21 allow from 183.91.0.0/19 allow from 183.91.160.0/19 allow from 202.0.79.0/24 allow from 202.4.168.0/24 allow from 202.4.176.0/24 allow from 202.6.2.0/24 allow from 202.6.96.0/23 allow from 202.9.79.0/24 allow from 202.9.80.0/24 allow from 202.9.84.0/24 allow from 202.37.86.0/23 allow from 202.43.108.0/22 allow from 202.44.137.0/24 allow from 202.47.87.0/24 allow from 202.47.142.0/24 allow from 202.52.39.0/24 allow from 202.55.132.0/22 allow from 202.56.57.0/24 allow from 202.58.245.0/24 allow from 202.59.238.0/23 allow from 202.59.252.0/23 allow from 202.60.104.0/21 allow from 202.74.56.0/24 allow from 202.74.58.0/23 allow from 202.78.224.0/21 allow from 202.79.232.0/21 allow from 202.87.212.0/22 allow from 202.92.4.0/22 allow from 202.93.156.0/22 allow from 202.94.82.0/24 allow from 202.94.88.0/23 allow from 202.124.204.0/24 allow from 202.130.36.0/23 allow from 202.134.16.0/21 allow from 202.134.54.0/24 allow from 202.151.160.0/20 allow from 202.158.244.0/22 allow from 202.160.124.0/23 allow from 202.172.4.0/23 allow from 202.191.56.0/22 allow from 203.8.127.0/24 allow from 203.8.172.0/24 allow from 203.34.144.0/24 allow from 203.77.178.0/24 allow from 203.79.28.0/24 allow from 203.89.140.0/22 allow from 203.99.248.0/22 allow from 203.113.128.0/19 allow from 203.113.160.0/19 allow from 203.119.8.0/22 allow from 203.119.36.0/22 allow from 203.119.44.0/22 allow from 203.119.58.0/23 allow from 203.119.60.0/22 allow from 203.119.64.0/21 allow from 203.119.72.0/22 allow from 203.128.240.0/21 allow from 203.160.0.0/23 allow from 203.160.96.0/21 allow from 203.161.178.0/24 allow from 203.162.0.0/21 allow from 203.162.8.0/21 allow from 203.162.16.0/20 allow from 203.162.32.0/19 allow from 203.162.64.0/18 allow from 203.162.128.0/20 allow from 203.162.144.0/20 allow from 203.162.160.0/19 allow from 203.162.192.0/18 allow from 203.163.128.0/18 allow from 203.170.26.0/23 allow from 203.171.16.0/20 allow from 203.176.160.0/21 allow from 203.189.28.0/22 allow from 203.190.160.0/20 allow from 203.191.8.0/21 allow from 203.191.48.0/21 allow from 203.195.0.0/18 allow from 203.201.56.0/22 allow from 203.205.0.0/18 allow from 203.209.180.0/22 allow from 203.210.128.0/18 allow from 203.210.192.0/18 allow from 210.2.64.0/18 allow from 210.86.224.0/20 allow from 210.211.96.0/19 allow from 210.245.0.0/19 allow from 210.245.32.0/19 allow from 210.245.64.0/18 allow from 218.100.10.0/24 allow from 218.100.14.0/24 allow from 218.100.60.0/24 allow from 220.231.64.0/18 allow from 221.121.0.0/18 allow from 221.132.0.0/18 allow from 221.133.0.0/19 allow from 222.252.0.0/14 allow from 223.27.104.0/21

Save lại và upload lên host xong CHMOD 644 .

Kết quả: tất cả ip không nằm trong list được phép ( allow ) trong file .htaccess thì sẽ không truy cập được vào site bạn cũng như các tool ddos không thể kết nối đến site bạn. Dĩ nhiên là không có gì tuyệt đối nhé. Chứ BOTNET nó chỉ cần 1 lần connect server bạn phải - Deny 1 lần thế đủ xỉu.

Nếu bạn muốn làm ngược lại - nghĩa là cho phép tất cả truy cập loại trừ những IP không mong muốn thì nội dung của file

RewriteEngine on ErrorDocument 404 /404.html <Files ".htaccess"> allow from all </Files> order deny,allow allow from all  deny from 3.0.0.0/8 deny from 4.0.0.0/8 deny from 6.0.0.0/8 deny from 7.0.0.0/8 deny from 8.0.0.0/8 deny from 9.0.0.0/8 deny from list IP mà bạn muốn chặn

Sưu tầm

Posted in: ,,

0 nhận xét:

Đăng nhận xét

Twitter Delicious Facebook Digg Stumbleupon Favorites More

 
Design by mkha.hero