By admin |

Drupal http client使用代理抓取墙外数据

$settings['http_client_config']['proxy']['http'] = 'http://206.189.127.27:8080';
$settings['http_client_config']['proxy']['https'] = 'http://206.189.127.27:8080';
$settings['http_client_config']['verify'] = false;
$settings['http_client_config']['proxy']['no'] = ['127.0.0.1', 'localhost'];

错误显示设置和调试设置

$config['devel.settings']['devel_dumper'] = 'var_dumper';
$config['system.logging']['error_level'] = 'verbose';
ini_set('display_errors', 1);
ini_set('display_startup_errors', 1);

proxy

$settings['reverse_proxy'] = TRUE;
$settings['reverse_proxy_addresses'] = [  $_SERVER['REMOTE_ADDR'],];

根据uri屏蔽

$bad_uri = [
  '?title1=&title=',
  '?title=&title1=',
  'accounting?page=',
];
foreach ($bad_uri as $uri) {
  if (str_contains($_SERVER['REQUEST_URI'], $uri)) {
    header('HTTP/1.0 403 Forbidden');
    print 'bad visit'; 
    exit;
  }
}

阻止指定的UserAgent访问

$bad_bots = [
	'YisouSpider',
	'MQQBrowser',
	'Mb2345Browser',
	'LieBaoFast',
	'UCBrowser'
];
foreach ($bad_bots as $bad_bot) {
  if (str_contains($_SERVER['HTTP_USER_AGENT'], $bad_bot)) {
    header('HTTP/1.0 403 Forbidden');
    print $bad_bot . ' Not allowed, bad visit!!';
    exit;
  }
}

屏蔽IP(这样效率更高,不要经过数据库,也不要改nginx/apache配置)

## 屏蔽IP
#
if (!function_exists('getRealUserIp')) {
  function getRealUserIp(){
   switch(true){
     case (!empty($_SERVER['HTTP_X_REAL_IP'])) : return $_SERVER['HTTP_X_REAL_IP'];
     case (!empty($_SERVER['HTTP_CLIENT_IP'])) : return $_SERVER['HTTP_CLIENT_IP'];
     case (!empty($_SERVER['HTTP_X_FORWARDED_FOR'])) : return $_SERVER['HTTP_X_FORWARDED_FOR'];
     default : return $_SERVER['REMOTE_ADDR'];
    }
  }
}
$real_ip = getRealUserIp();
//support CIDR format
$ban_ip = [
  //'194.87.68.143',
  //'127.0.0.1',
  '10.10.255.0/24',
];

foreach($ban_ip as $IP) {
  if (\Symfony\Component\HttpFoundation\IpUtils::checkIp($real_ip, $IP)) {
   // print "you're in the 10.2 subnet\n";
    header('HTTP/1.0 403 Forbidden');
    print 'Access denied for your IP:' . $real_ip; exit;
  }
}

强制HTTPS(Drupal 7)

$_SERVER['HTTPS'] = 'on';  
$_SERVER['SERVER_PORT'] = 443;