Nginx可通过User Agent来屏蔽和防范各类不请自来的爬虫采集或者漏洞扫描
编者按:
在nginx\conf目录下查找并打开nginx.conf,查找到 server { listen 80; server_name localhost;在下面添加下面三段代码#禁止Scrapy等工具的抓取if ($http_user_agent ~* (Scrapy|Curl|HttpClient)) {return 403
在nginx/conf目录下查找并打开你的nginx.conf,在 server模块中添加下面三段示范代码(本文会不定时不断更新,现已更新至2023年3月23日):
#1.禁止特定UA及UA为空的访问,注意书写格式if和(之间有空格,|Ezooms|最后面有个|,用于禁止空ua访问
if ($http_user_agent ~* "masscan|t3versions|WindowsPowerShell|okhttp|nmap.org|Ubuntu|zgrab|SurdotlyBot|bsalsa.com|Barkrowler|Dalvik|libwww-perl|scrapy.org|lookout.org|woorank|GeedoBot|oBot|checkmarknetwork|webpros|sxyxw.cn|neevabot|domainsbot|seekport|rwth-aachen|domaincodex|heritrix|serpstat|centuryb|measurement|datenbank|websus|misc.yahoo.com.cn|opensiteexplorer|semrush|seostar|mj12bot|webmeup-crawler|dataforseo|seznam|censys|ahrefs|python|seokicks|paloaltonetworks|dp888|Baispider|daum|netcraft|expanseinc|nmap|CCBot|crawlson|Dataprovider|leakix|megaindex|sybluegiant|Barkrowler|webtechsurvey|duckduckgo|^$" ) { return 403; }
#2.禁止Scrapy等特定工具的抓取
if ($http_user_agent ~* (Wget|Scrapy|Curl|HttpClient)) { return 403; }
#3.禁止非GET|HEAD|POST方式的抓取
if ($request_method !~ ^(GET|HEAD|POST)$) { return 403; }
保存nginx.conf文件并重启nginx。如您对本文有任何疑问,可以加邓杰律师微信进行深入交流。
本文标签: