Now server y should be DOSed. Part of the access log is as follows:
27.211.209.120 - - [17/Jul/2016:10:16:32 +0800] "GET /forum.php?&wangzhanbeihei&chongzhuangwangzhan&chongzhuangfuwuqi&&wangzhanbeihei&chongzhuangwangzhan&&wangzhanbeihei&chongzhuangwangzhan&chongzhuangfuwuqi&19541 HTTP/1.1" 200 31 "http://106.187.97.172/info.php" "Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.2; WOW64; Trident/6.0)" 1.189.19.82 - - [17/Jul/2016:10:16:32 +0800] "GET /forum.php?&wangzhanbeihei&chongzhuangwangzhan&chongzhuangfuwuqi&&wangzhanbeihei&chongzhuangwangzhan&&wangzhanbeihei&chongzhuangwangzhan&chongzhuangfuwuqi&2322 HTTP/1.1" 200 31 "http://106.187.97.172/info.php" "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/45.0.2454.101 Safari/537.36" 223.246.197.118 - - [17/Jul/2016:10:16:32 +0800] "GET /forum.php?&wangzhanbeihei&chongzhuangwangzhan&chongzhuangfuwuqi&&wangzhanbeihei&chongzhuangwangzhan&&wangzhanbeihei&chongzhuangwangzhan&chongzhuangfuwuqi&7147 HTTP/1.1" 200 31 "http://106.187.97.172/info.php" "Mozilla/5.0 (iPhone; CPU iPhone OS 7_1_2 like Mac OS X) AppleWebKit/537.51.2 (KHTML, like Gecko) Version/7.0 Mobile/11D257 Safari/9537.53"
Then refere shows all from
http://106.187.97.172/info.php
I configured nginx
map $http_referer $bad_referer { default 0; "106.187.97.172/info.php" 1; }
and
location / { if ($bad_referer) { return 403; }
After restarting nginx
nginx log still shows 200 ok for access? Where did I go wrong?
Use Alibaba Cloud, Amazon Cloud, or Baidu Cloud acceleration to resolve domain names, which can resist DoS