How to limit ua in php

UA is the user agent (User-Agent), and the server identifies the visitor's identity through UA. When a website returns an abnormal page (such as 403, 500) or jumps to other pages for access to a designated UA, it is a UA ban.

Restrictions user_agent:

user_agent (user agent): refers to browser (search engine) information including hardware platform, System software, application software and personal user preferences. (Recommended learning: PHP Video Tutorial)

When a hacker attacks your server with CC, check the log and find that user_agent is consistent, and user_agent appears multiple times in one second, so User_agent must be restricted

   <IfModule mod_rewrite.c> //使用rewrite模块
        RewriteEngine on
        RewriteCond %{HTTP_USER_AGENT}  .*curl.* [NC,OR] //定义user_agent条件，OR表示两条件之间是或者的意思，NC表示忽略大小写
        RewriteCond %{HTTP_USER_AGENT}  .*baidu.com.* [NC] //定义user_agent条件
        RewriteRule  .*  -  [F] // 规则 [F] 表示forbidden（403）
    </IfModule>

We still use rewrite modul

RewriteCond %{HTTP_USER_AGENT}  .*curl.* [NC,OR]   //匹配Curl的访问   [NC,OR] NC:忽略大小写。 OR：是或者的意思，要么这一条，要么下一条满足情况
RewriteCond %{HTTP_USER_AGENT}  .*baidu.com.* [NC]
RewriteRule  .*  -  [F]   // F：Forbidden 禁止

As long as you use curl and baidu.com to attack, it will not jump directly. Just ban it!

[[email protected] test3.com]# curl -x127.0.0.1:80 www.test3.com
<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>403 Forbidden</title>
</head><body>
<h1>Forbidden</h1>
<p>You don&#39;t have permission to access /
on this server.<br />
</p>
</body></html>

The above is the detailed content of How to limit ua in php. For more information, please follow other related articles on the PHP Chinese website!