nginx lua 简单防cc 攻击

nginx lua 简单防cc 攻击

防攻击流量(代理型CC和低级发包型CC)

rewrite_by_lua '
    local say = ngx.md5("opencdn" .. ngx.var.remote_addr)
    if (ngx.var.cookie_say ~= say) then
        ngx.header["Set-Cookie"] = "say=" .. say
        return ngx.redirect(ngx.var.scheme .. "://" .. ngx.var.host .. ngx.var.uri)
    end
';

例2:

rewrite_by_lua '
  local rdmnum = ngx.var.cookie_rdmnum
  if(rdmnum == nil) then
    rdmnum = math.random(999999)
  end
  local rdmid = ngx.md5("FreeBSD" .. ngx.var.remote_addr .. rdmnum)
  if (ngx.var.cookie_rdmid ~= rdmid) then
    ngx.header["Set-Cookie"] = {"rdmid=" .. rdmid, "rdmnum=" .. rdmnum}
    return ngx.redirect(ngx.var.scheme .. "://" .. ngx.var.host .. ngx.var.request_uri)
  end
';

防扫描的插件 ngx_lua_waf https://github.com/loveshell/ngx_lua_waf 12

Relative Articles