Comments (8)
Block them with a blacklist based on the address, or turn on human verification.
from safeline.
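Occasional access from these addresses is normal, but sustained heavy access (the other side controls its request frequency) is malicious scraping.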
from safeline.
Then you can use human verification. Precise control of the frequency doesn't seem achievable.
from safeline.
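But human verification can't pop up on the very first visit, can it? That would affect normal users quite a lot.
Our rate limiting is currently address-based, right? If we could additionally define a rule so that only requests matching its conditions enter the frequency calculation, would that work?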
from safeline.
The JA3 fingerprint proposed in #852 seems like it could solve this problem fairly well
cc @Lorna0
from safeline.
Looks like it. Has there been any progress on this?
from safeline.
@Ascetic2023
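But human verification can't pop up on the very first visit, can it? That would affect normal users quite a lot. Our rate limiting is currently address-based, right? If we could additionally define a rule so that only requests matching its conditions enter the frequency calculation, would that work?
Rate limiting does not trigger human verification on the first visit. Just choose "Human verification" under the rate limit's "Limit result". Only configuring a custom rule directly causes human verification on the very first visit.
1. The accessed address is normal, but the User-Agent keeps changing.
This requires caching the UA of every request over a period of time, comparing them continuously, and blocking once the changes exceed a threshold. Both the development cost and the performance pressure would be fairly high. Let's see what everyone thinks.
2. Heavy access to certain special addresses
This is similar to the two reports below; I suggest concentrating the upvotes and discussion in the existing issues: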
from safeline.
@Lorna0 Thanks for the reply. If rate-limit checks could be based on custom rules, followed by a choice of policy, that should solve this scenario.
from safeline.
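The User-Agent check discussed in the thread above (cache recent UAs per client, act once the variation passes a threshold), as an added Python example that is not SafeLine code and not from any commenter. The class name, the `window_s`, `max_distinct` and `max_events` parameters and the sample traffic are assumptions; per-IP state is capped to keep the memory cost bounded.

```python
from collections import defaultdict, deque


class UAChurnDetector:
    """Per-IP sliding window of (timestamp, User-Agent); names are hypothetical."""

    def __init__(self, window_s=60.0, max_distinct=3, max_events=1000):
        self.window_s = window_s          # how long a request stays in the cache
        self.max_distinct = max_distinct  # distinct UAs tolerated per window
        self.max_events = max_events      # hard cap on cached requests per IP
        self.events = defaultdict(deque)  # ip -> deque of (ts, ua), oldest first
        self.counts = defaultdict(dict)   # ip -> {ua: occurrences in window}

    def _drop_oldest(self, ip):
        _, ua = self.events[ip].popleft()
        per_ua = self.counts[ip]
        per_ua[ua] -= 1
        if per_ua[ua] == 0:
            del per_ua[ua]

    def observe(self, ip, ua, ts):
        """Record one request; True means the distinct-UA threshold is exceeded."""
        q = self.events[ip]
        while q and ts - q[0][0] > self.window_s:
            self._drop_oldest(ip)         # expire entries older than the window
        if len(q) >= self.max_events:
            self._drop_oldest(ip)         # bound memory for very busy clients
        q.append((ts, ua))
        self.counts[ip][ua] = self.counts[ip].get(ua, 0) + 1
        return len(self.counts[ip]) > self.max_distinct


# Constructed sample traffic: (seconds, client IP, User-Agent).
SAMPLE = (
    [(i * 5.0, "203.0.113.7", f"constructed-ua/{i}") for i in range(5)]      # rotates UA
    + [(i * 3.0, "198.51.100.4", "constructed-ua/stable") for i in range(10)]
    + [(i * 100.0, "192.0.2.9", f"constructed-ua/{i}") for i in range(4)]    # slow change
)


def flagged_ips(sample, **kwargs):
    det = UAChurnDetector(**kwargs)
    flagged = []
    for ts, ip, ua in sample:
        if det.observe(ip, ua, ts) and ip not in flagged:
            flagged.append(ip)
    return flagged


if __name__ == "__main__":
    print(flagged_ips(SAMPLE))
```

A `True` result would map to the "human verification" limit result rather than an outright block; a long-running deployment would also need to evict IPs that have gone idle.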