Security on 瓶子裡的小狐狸 https://szeching.com/tags/security/ Recent content in Security on 瓶子裡的小狐狸 Hugo zh-Hant Thu, 04 Jul 2024 14:30:00 +0800 立刻檢查您的 OpenSSH 版本!遠端未經授權代碼執行漏洞曝光 https://szeching.com/check-your-openssh-version-immediately/ Mon, 01 Jul 2024 23:56:56 +0800 https://szeching.com/check-your-openssh-version-immediately/ <p>2024年7月1日,Qualys 安全研究團隊發現了一個嚴重的 OpenSSH 服務器漏洞,命名為 『regreSSHion』<sup id="fnref:1"><a href="#fn:1" class="footnote-ref" role="doc-noteref">1</a></sup>。</p> <h2 id="1-regresshion漏洞的影響">1. regreSSHion漏洞的影響<a class="anchorjs-link" href="#1-regresshion%e6%bc%8f%e6%b4%9e%e7%9a%84%e5%bd%b1%e9%9f%bf"></a></h2><p>這個漏洞的潛在影響是非常嚴重的。攻擊者可以在不需要任何身份驗證的情況下,在受影響的系統上執行任意代碼,獲得最高權限。這意味著他們可以完全控制系統,安裝惡意軟體、操縱數據,甚至建立持久的後門訪問。此外,他們還可以利用被入侵的系統作為跳板,橫向滲透到組織內部的其他系統。</p> Cross-Origin Resource Sharing (CORS) 跨來源資源共用錯誤解決方法 https://szeching.com/fix-the-cors-error/ Fri, 20 May 2022 10:10:00 +0000 https://szeching.com/fix-the-cors-error/ <p>最近Y cheung 遇到了兩個典型 CORS error問題,XMLHttpRequest 和 Fetch 請求了跨來源資源被瀏覽器阻擋,記錄一下解決方法。</p> <h2 id="什麼是cross-origin-resource-sharing-cors-跨來源資源共用">什麼是Cross-Origin Resource Sharing (CORS) 跨來源資源共用?<a class="anchorjs-link" href="#%e4%bb%80%e9%ba%bc%e6%98%afcross-origin-resource-sharing-cors-%e8%b7%a8%e4%be%86%e6%ba%90%e8%b3%87%e6%ba%90%e5%85%b1%e7%94%a8"></a></h2><blockquote> <p><strong>Cross-Origin Resource Sharing (CORS)</strong> is an HTTP-header based mechanism that allows a server to indicate any origins (domain, scheme, or port) other than its own from which a browser should permit loading resources. CORS also relies on a mechanism by which browsers make a &ldquo;preflight&rdquo; request to the server hosting the cross-origin resource, in order to check that the server will permit the actual request. In that preflight, the browser sends headers that indicate the HTTP method and headers that will be used in the actual request.</p> 獲取最新惡意爬蟲列表配置 Fail2ban Filter https://szeching.com/secure-nginx-with-fail2ban-badbot-filter/ Thu, 25 Nov 2021 11:04:00 +0000 https://szeching.com/secure-nginx-with-fail2ban-badbot-filter/ <p>安裝並設置好 Fail2ban 後(可以參考Y Cheung 之前寫的『<a href="https://szeching.com/fail2ban-nginx-filter-config">Fail2ban 配置 Nginx filter</a>』),可以看到在 <code>/etc/fail2ban/filter.d/nginx-badbots.conf</code> 內容如下:</p> <div class="highlight"><pre tabindex="0" style="color:#f8f8f2;background-color:#282a36;-moz-tab-size:4;-o-tab-size:4;tab-size:4;"><code class="language-fallback" data-lang="fallback"><span style="display:flex;"><span style="white-space:pre;-webkit-user-select:none;user-select:none;margin-right:0.4em;padding:0 0.4em 0 0.4em;color:#7f7f7f"> 1</span><span># /etc/fail2ban/filter.d/nginx-badbots.conf </span></span><span style="display:flex;"><span style="white-space:pre;-webkit-user-select:none;user-select:none;margin-right:0.4em;padding:0 0.4em 0 0.4em;color:#7f7f7f"> 2</span><span># Fail2Ban configuration file </span></span><span style="display:flex;"><span style="white-space:pre;-webkit-user-select:none;user-select:none;margin-right:0.4em;padding:0 0.4em 0 0.4em;color:#7f7f7f"> 3</span><span># </span></span><span style="display:flex;"><span style="white-space:pre;-webkit-user-select:none;user-select:none;margin-right:0.4em;padding:0 0.4em 0 0.4em;color:#7f7f7f"> 4</span><span># Regexp to catch known spambots and software alike. Please verify </span></span><span style="display:flex;"><span style="white-space:pre;-webkit-user-select:none;user-select:none;margin-right:0.4em;padding:0 0.4em 0 0.4em;color:#7f7f7f"> 5</span><span># that it is your intent to block IPs which were driven by </span></span><span style="display:flex;"><span style="white-space:pre;-webkit-user-select:none;user-select:none;margin-right:0.4em;padding:0 0.4em 0 0.4em;color:#7f7f7f"> 6</span><span># above mentioned bots. </span></span><span style="display:flex;"><span style="white-space:pre;-webkit-user-select:none;user-select:none;margin-right:0.4em;padding:0 0.4em 0 0.4em;color:#7f7f7f"> 7</span><span> </span></span><span style="display:flex;"><span style="white-space:pre;-webkit-user-select:none;user-select:none;margin-right:0.4em;padding:0 0.4em 0 0.4em;color:#7f7f7f"> 8</span><span>[Definition] </span></span><span style="display:flex;"><span style="white-space:pre;-webkit-user-select:none;user-select:none;margin-right:0.4em;padding:0 0.4em 0 0.4em;color:#7f7f7f"> 9</span><span> </span></span><span style="display:flex;"><span style="white-space:pre;-webkit-user-select:none;user-select:none;margin-right:0.4em;padding:0 0.4em 0 0.4em;color:#7f7f7f">10</span><span>badbotscustom = EmailCollector|WebEMailExtrac|TrackBack/1\.02|sogou music spider|(?:Mozilla/\d+\.\d+ )?Jorgee </span></span><span style="display:flex;"><span style="white-space:pre;-webkit-user-select:none;user-select:none;margin-right:0.4em;padding:0 0.4em 0 0.4em;color:#7f7f7f">11</span><span> </span></span><span style="display:flex;"><span style="white-space:pre;-webkit-user-select:none;user-select:none;margin-right:0.4em;padding:0 0.4em 0 0.4em;color:#7f7f7f">12</span><span>badbots = Atomic_Email_Hunter/4\.0|atSpider/1\.0|autoemailspider|bwh3_user_agent|China Local Browse 2\.6|ContactBot/0\.2|ContentSmartz|DataCha0s/2\.0|DBrowse 1\.4b|DBrowse 1\.4d|Demo Bot DOT 16b|Demo Bot Z 16b|DSurf15a 01|DSurf15a 71|DSurf15a 81|DSurf15a VA|EBrowse 1\.4b|Educate Search VxB|EmailSiphon|EmailSpider|EmailWolf 1\.00|ESurf15a 15|ExtractorPro|Franklin Locator 1\.8|FSurf15a 01|Full Web Bot 0416B|Full Web Bot 0516B|Full Web Bot 2816B|Guestbook Auto Submitter|Industry Program 1\.0\.x|ISC Systems iRc Search 2\.1|IUPUI Research Bot v 1\.9a|LARBIN-EXPERIMENTAL \(efp@gmx\.net\)|LetsCrawl\.com/1\.0 \+http\://letscrawl\.com/|Lincoln State Web Browser|LMQueueBot/0\.2|LWP\:\:Simple/5\.803|Mac Finder 1\.0\.xx|MFC Foundation Class Library 4\.0|Microsoft URL Control - 6\.00\.8xxx|Missauga Locate 1\.0\.0|Missigua Locator 1\.9|Missouri College Browse|Mizzu Labs 2\.2|Mo College 1\.9|MVAClient|Mozilla/2\.0 \(compatible; NEWT ActiveX; Win32\)|Mozilla/3\.0 \(compatible; Indy Library\)|Mozilla/3\.0 \(compatible; scan4mail \(advanced version\) http\://www\.peterspages\.net/?scan4mail\)|Mozilla/4\.0 \(compatible; Advanced Email Extractor v2\.xx\)|Mozilla/4\.0 \(compatible; Iplexx Spider/1\.0 http\://www\.iplexx\.at\)|Mozilla/4\.0 \(compatible; MSIE 5\.0; Windows NT; DigExt; DTS Agent|Mozilla/4\.0 efp@gmx\.net|Mozilla/5\.0 \(Version\: xxxx Type\:xx\)|NameOfAgent \(CMS Spider\)|NASA Search 1\.0|Nsauditor/1\.x|PBrowse 1\.4b|PEval 1\.4b|Poirot|Port Huron Labs|Production Bot 0116B|Production Bot 2016B|Production Bot DOT 3016B|Program Shareware 1\.0\.2|PSurf15a 11|PSurf15a 51|PSurf15a VA|psycheclone|RSurf15a 41|RSurf15a 51|RSurf15a 81|searchbot admin@google\.com|ShablastBot 1\.0|snap\.com beta crawler v0|Snapbot/1\.0|Snapbot/1\.0 \(Snap Shots&amp;#44; \+http\://www\.snap\.com\)|sogou develop spider|Sogou Orion spider/3\.0\(\+http\://www\.sogou\.com/docs/help/webmasters\.htm#07\)|sogou spider|Sogou web spider/3\.0\(\+http\://www\.sogou\.com/docs/help/webmasters\.htm#07\)|sohu agent|SSurf15a 11 |TSurf15a 11|Under the Rainbow 2\.2|User-Agent\: Mozilla/4\.0 \(compatible; MSIE 6\.0; Windows NT 5\.1\)|VadixBot|WebVulnCrawl\.unknown/1\.0 libwww-perl/5\.803|Wells Search II|WEP Search 00 </span></span><span style="display:flex;"><span style="white-space:pre;-webkit-user-select:none;user-select:none;margin-right:0.4em;padding:0 0.4em 0 0.4em;color:#7f7f7f">13</span><span> </span></span><span style="display:flex;"><span style="white-space:pre;-webkit-user-select:none;user-select:none;margin-right:0.4em;padding:0 0.4em 0 0.4em;color:#7f7f7f">14</span><span>failregex = ^&lt;HOST&gt; -.*&#34;(GET|POST|HEAD).*HTTP.*&#34;(?:%(badbots)s|%(badbotscustom)s)&#34;$ </span></span><span style="display:flex;"><span style="white-space:pre;-webkit-user-select:none;user-select:none;margin-right:0.4em;padding:0 0.4em 0 0.4em;color:#7f7f7f">15</span><span> </span></span><span style="display:flex;"><span style="white-space:pre;-webkit-user-select:none;user-select:none;margin-right:0.4em;padding:0 0.4em 0 0.4em;color:#7f7f7f">16</span><span>ignoreregex = </span></span><span style="display:flex;"><span style="white-space:pre;-webkit-user-select:none;user-select:none;margin-right:0.4em;padding:0 0.4em 0 0.4em;color:#7f7f7f">17</span><span> </span></span><span style="display:flex;"><span style="white-space:pre;-webkit-user-select:none;user-select:none;margin-right:0.4em;padding:0 0.4em 0 0.4em;color:#7f7f7f">18</span><span>datepattern = {^LN-BEG}%%ExY(?P&lt;_sep&gt;[-/.])%%m(?P=_sep)%%d[T ]%%H:%%M:%%S(?:[.,]%%f)?(?:\s*%%z)? </span></span><span style="display:flex;"><span style="white-space:pre;-webkit-user-select:none;user-select:none;margin-right:0.4em;padding:0 0.4em 0 0.4em;color:#7f7f7f">19</span><span> ^[^\[]*\[({DATE}) </span></span><span style="display:flex;"><span style="white-space:pre;-webkit-user-select:none;user-select:none;margin-right:0.4em;padding:0 0.4em 0 0.4em;color:#7f7f7f">20</span><span> {^LN-BEG} </span></span><span style="display:flex;"><span style="white-space:pre;-webkit-user-select:none;user-select:none;margin-right:0.4em;padding:0 0.4em 0 0.4em;color:#7f7f7f">21</span><span> </span></span><span style="display:flex;"><span style="white-space:pre;-webkit-user-select:none;user-select:none;margin-right:0.4em;padding:0 0.4em 0 0.4em;color:#7f7f7f">22</span><span># DEV Notes: </span></span><span style="display:flex;"><span style="white-space:pre;-webkit-user-select:none;user-select:none;margin-right:0.4em;padding:0 0.4em 0 0.4em;color:#7f7f7f">23</span><span># List of bad bots fetched from http://www.user-agents.org </span></span><span style="display:flex;"><span style="white-space:pre;-webkit-user-select:none;user-select:none;margin-right:0.4em;padding:0 0.4em 0 0.4em;color:#7f7f7f">24</span><span># Generated on Thu Nov 7 14:23:35 PST 2013 by files/gen_badbots. </span></span><span style="display:flex;"><span style="white-space:pre;-webkit-user-select:none;user-select:none;margin-right:0.4em;padding:0 0.4em 0 0.4em;color:#7f7f7f">25</span><span># </span></span><span style="display:flex;"><span style="white-space:pre;-webkit-user-select:none;user-select:none;margin-right:0.4em;padding:0 0.4em 0 0.4em;color:#7f7f7f">26</span><span># Author: Yaroslav Halchenko </span></span></code></pre></div><p>如果沒有找到這個文件,請新建一個,或者將 <code>apache-badbots.conf</code> 拷貝並重命名。</p> IPTABLES 封鎖 IP 黑名单 https://szeching.com/blocking-ip-addresses-from-the-ultimate-bad-bot-blockers-bad-ip-address-list-using-iptables/ Wed, 24 Nov 2021 11:00:00 +0000 https://szeching.com/blocking-ip-addresses-from-the-ultimate-bad-bot-blockers-bad-ip-address-list-using-iptables/ <h2 id="在服務器上增加-iptables-chain">在服務器上增加 iptables chain<a class="anchorjs-link" href="#%e5%9c%a8%e6%9c%8d%e5%8b%99%e5%99%a8%e4%b8%8a%e5%a2%9e%e5%8a%a0-iptables-chain"></a></h2><div class="highlight"><pre tabindex="0" style="color:#f8f8f2;background-color:#282a36;-moz-tab-size:4;-o-tab-size:4;tab-size:4;"><code class="language-shell" data-lang="shell"><span style="display:flex;"><span style="white-space:pre;-webkit-user-select:none;user-select:none;margin-right:0.4em;padding:0 0.4em 0 0.4em;color:#7f7f7f">1</span><span>iptables -N black_ip_list </span></span><span style="display:flex;"><span style="white-space:pre;-webkit-user-select:none;user-select:none;margin-right:0.4em;padding:0 0.4em 0 0.4em;color:#7f7f7f">2</span><span>iptables -I INPUT -p tcp -m multiport --dports 80,443 -j black_ip_list </span></span></code></pre></div><h2 id="新建-bash-文件-banipsh">新建 bash 文件 banip.sh<a class="anchorjs-link" href="#%e6%96%b0%e5%bb%ba-bash-%e6%96%87%e4%bb%b6-banipsh"></a></h2><p>在這個文件中,首先清空 black_ip_list 中的規則, 然後從 <code>mitchellkrogza/nginx-ultimate-bad-bot-blocker</code> 中獲取最新的IP BLACKLIST 列表,循環每一個IP地址,將其設為拒絕請求。</p> <div class="highlight"><pre tabindex="0" style="color:#f8f8f2;background-color:#282a36;-moz-tab-size:4;-o-tab-size:4;tab-size:4;"><code class="language-bash" data-lang="bash"><span style="display:flex;"><span style="white-space:pre;-webkit-user-select:none;user-select:none;margin-right:0.4em;padding:0 0.4em 0 0.4em;color:#7f7f7f">1</span><span><span style="color:#ff79c6">#!/bin/bash </span></span></span><span style="display:flex;"><span style="white-space:pre;-webkit-user-select:none;user-select:none;margin-right:0.4em;padding:0 0.4em 0 0.4em;color:#7f7f7f">2</span><span><span style="color:#ff79c6"></span>iptables -F black_ip_list </span></span><span style="display:flex;"><span style="white-space:pre;-webkit-user-select:none;user-select:none;margin-right:0.4em;padding:0 0.4em 0 0.4em;color:#7f7f7f">3</span><span>iptables -A black_ip_list -j RETURN </span></span><span style="display:flex;"><span style="white-space:pre;-webkit-user-select:none;user-select:none;margin-right:0.4em;padding:0 0.4em 0 0.4em;color:#7f7f7f">4</span><span> </span></span><span style="display:flex;"><span style="white-space:pre;-webkit-user-select:none;user-select:none;margin-right:0.4em;padding:0 0.4em 0 0.4em;color:#7f7f7f">5</span><span>wget https://raw.githubusercontent.com/mitchellkrogza/nginx-ultimate-bad-bot-blocker/master/_generator_lists/bad-ip-addresses.list -O old.blackip.txt 2&gt;/dev/null </span></span><span style="display:flex;"><span style="white-space:pre;-webkit-user-select:none;user-select:none;margin-right:0.4em;padding:0 0.4em 0 0.4em;color:#7f7f7f">6</span><span> </span></span><span style="display:flex;"><span style="white-space:pre;-webkit-user-select:none;user-select:none;margin-right:0.4em;padding:0 0.4em 0 0.4em;color:#7f7f7f">7</span><span><span style="color:#ff79c6">for</span> ip in <span style="color:#f1fa8c">`</span>cat old.blackip.txt<span style="color:#f1fa8c">`</span>; <span style="color:#ff79c6">do</span> </span></span><span style="display:flex;"><span style="white-space:pre;-webkit-user-select:none;user-select:none;margin-right:0.4em;padding:0 0.4em 0 0.4em;color:#7f7f7f">8</span><span>iptables -I black_ip_list <span style="color:#bd93f9">1</span> -s <span style="color:#8be9fd;font-style:italic">$ip</span> -j REJECT --reject-with icmp-port-unreachable; </span></span><span style="display:flex;"><span style="white-space:pre;-webkit-user-select:none;user-select:none;margin-right:0.4em;padding:0 0.4em 0 0.4em;color:#7f7f7f">9</span><span><span style="color:#ff79c6">done</span> </span></span></code></pre></div><h2 id="將-banipsh-文件權限變更為可執行">將 banip.sh 文件權限變更為可執行<a class="anchorjs-link" href="#%e5%b0%87-banipsh-%e6%96%87%e4%bb%b6%e6%ac%8a%e9%99%90%e8%ae%8a%e6%9b%b4%e7%82%ba%e5%8f%af%e5%9f%b7%e8%a1%8c"></a></h2><div class="highlight"><pre tabindex="0" style="color:#f8f8f2;background-color:#282a36;-moz-tab-size:4;-o-tab-size:4;tab-size:4;"><code class="language-shell" data-lang="shell"><span style="display:flex;"><span style="white-space:pre;-webkit-user-select:none;user-select:none;margin-right:0.4em;padding:0 0.4em 0 0.4em;color:#7f7f7f">1</span><span>sudo chmod a+x banip.sh </span></span></code></pre></div><h2 id="執行-banipsh-文件">執行 banip.sh 文件<a class="anchorjs-link" href="#%e5%9f%b7%e8%a1%8c-banipsh-%e6%96%87%e4%bb%b6"></a></h2><div class="highlight"><pre tabindex="0" style="color:#f8f8f2;background-color:#282a36;-moz-tab-size:4;-o-tab-size:4;tab-size:4;"><code class="language-shell" data-lang="shell"><span style="display:flex;"><span style="white-space:pre;-webkit-user-select:none;user-select:none;margin-right:0.4em;padding:0 0.4em 0 0.4em;color:#7f7f7f">1</span><span>sudo ./banip.sh </span></span></code></pre></div><h2 id="tips">TIPS:<a class="anchorjs-link" href="#tips"></a></h2><ul> <li>可以隔段時間執行一下該scripts,以獲取最新的block ip 列表</li> <li>解封ip</li> </ul> <div class="highlight"><pre tabindex="0" style="color:#f8f8f2;background-color:#282a36;-moz-tab-size:4;-o-tab-size:4;tab-size:4;"><code class="language-shell" data-lang="shell"><span style="display:flex;"><span style="white-space:pre;-webkit-user-select:none;user-select:none;margin-right:0.4em;padding:0 0.4em 0 0.4em;color:#7f7f7f">1</span><span>iptables -D black_ip_list -s &lt;ip&gt; -j REJECT --reject-with icmp-port-unreachable </span></span></code></pre></div><ul> <li>查看所有的 iptables chain 列表,並帶序號</li> </ul> <div class="highlight"><pre tabindex="0" style="color:#f8f8f2;background-color:#282a36;-moz-tab-size:4;-o-tab-size:4;tab-size:4;"><code class="language-shell" data-lang="shell"><span style="display:flex;"><span style="white-space:pre;-webkit-user-select:none;user-select:none;margin-right:0.4em;padding:0 0.4em 0 0.4em;color:#7f7f7f">1</span><span>iptables -L INPUT -n --line-numbers </span></span></code></pre></div><ul> <li>檢視當前 iptable 的所有規則</li> </ul> <div class="highlight"><pre tabindex="0" style="color:#f8f8f2;background-color:#282a36;-moz-tab-size:4;-o-tab-size:4;tab-size:4;"><code class="language-shell" data-lang="shell"><span style="display:flex;"><span style="white-space:pre;-webkit-user-select:none;user-select:none;margin-right:0.4em;padding:0 0.4em 0 0.4em;color:#7f7f7f">1</span><span>iptables -nvL </span></span></code></pre></div><ul> <li>清空和刪除 chain</li> </ul> <div class="highlight"><pre tabindex="0" style="color:#f8f8f2;background-color:#282a36;-moz-tab-size:4;-o-tab-size:4;tab-size:4;"><code class="language-shell" data-lang="shell"><span style="display:flex;"><span style="white-space:pre;-webkit-user-select:none;user-select:none;margin-right:0.4em;padding:0 0.4em 0 0.4em;color:#7f7f7f">1</span><span>iptables -F black_ip_list </span></span><span style="display:flex;"><span style="white-space:pre;-webkit-user-select:none;user-select:none;margin-right:0.4em;padding:0 0.4em 0 0.4em;color:#7f7f7f">2</span><span>iptables -X black_ip_list </span></span></code></pre></div><p>注意,如果沒有先清空而直接刪除chain會拋出錯誤</p> 使用Cloudflare加速和保護你的Wordpress網站 https://szeching.com/how-to-speed-up-secure-your-wordpress-website-with-cloudflare/ Fri, 13 Aug 2021 11:05:00 +0000 https://szeching.com/how-to-speed-up-secure-your-wordpress-website-with-cloudflare/ <p><a href="https://www.cloudflare.com/zh-cn/" target="_blank">Cloudflare</a> 是提供基於反向代理的內容傳遞網路及分布式域名解析的服務,也就是我們俗稱的CDN加速。它不僅可以緩存網站內容,加速網站提升用戶體驗,還能進行簡單的防火牆設置,讓你的網站和服務器更安全。</p> Fail2ban 配置 Nginx filter https://szeching.com/fail2ban-nginx-filter-config/ Mon, 15 Jun 2020 12:00:00 +0000 https://szeching.com/fail2ban-nginx-filter-config/ <p>簡要紀錄一下目前服務器上的 fail2ban 關於 nginx 的 filter 配置。</p> <h2 id="惡意爬蟲過濾器">惡意爬蟲過濾器<a class="anchorjs-link" href="#%e6%83%a1%e6%84%8f%e7%88%ac%e8%9f%b2%e9%81%8e%e6%bf%be%e5%99%a8"></a></h2><div class="highlight"><pre tabindex="0" style="color:#f8f8f2;background-color:#282a36;-moz-tab-size:4;-o-tab-size:4;tab-size:4;"><code class="language-fallback" data-lang="fallback"><span style="display:flex;"><span style="white-space:pre;-webkit-user-select:none;user-select:none;margin-right:0.4em;padding:0 0.4em 0 0.4em;color:#7f7f7f"> 1</span><span># /etc/fail2ban/filter.d/nginx-badbots.conf </span></span><span style="display:flex;"><span style="white-space:pre;-webkit-user-select:none;user-select:none;margin-right:0.4em;padding:0 0.4em 0 0.4em;color:#7f7f7f"> 2</span><span>[Definition] </span></span><span style="display:flex;"><span style="white-space:pre;-webkit-user-select:none;user-select:none;margin-right:0.4em;padding:0 0.4em 0 0.4em;color:#7f7f7f"> 3</span><span> </span></span><span style="display:flex;"><span style="white-space:pre;-webkit-user-select:none;user-select:none;margin-right:0.4em;padding:0 0.4em 0 0.4em;color:#7f7f7f"> 4</span><span>badbotscustom = Sogou web spider|DotBot|AhrefsBot|Baiduspider|PetalBot|WOW64|Daum|Barkrowler|360Spider|Buck|Photon|SEOkicks|magpie-crawler|SemrushBot|SeznamBot|MJ12bot|EmailCollector|WebEMailExtrac|TrackBack/1\.02|sogou music spider|(?:Mozilla/\d+\.\d+ )?Jorgee </span></span><span style="display:flex;"><span style="white-space:pre;-webkit-user-select:none;user-select:none;margin-right:0.4em;padding:0 0.4em 0 0.4em;color:#7f7f7f"> 5</span><span> </span></span><span style="display:flex;"><span style="white-space:pre;-webkit-user-select:none;user-select:none;margin-right:0.4em;padding:0 0.4em 0 0.4em;color:#7f7f7f"> 6</span><span>badbots = Atomic_Email_Hunter/4\.0|atSpider/1\.0|autoemailspider|bwh3_user_agent|China Local Browse 2\.6|ContactBot/0\.2|ContentSmartz|DataCha0s/2\.0|DBrowse 1\.4b|DBrowse 1\.4d|Demo Bot DOT 16b|Demo Bot Z 16b|DSurf15a 01|DSurf15a 71|DSurf15a 81|DSurf15a VA|EBrowse 1\.4b|Educate Search VxB|EmailSiphon|EmailSpider|EmailWolf 1\.00|ESurf15a 15|ExtractorPro|Franklin Locator 1\.8|FSurf15a 01|Full Web Bot 0416B|Full Web Bot 0516B|Full Web Bot 2816B|Guestbook Auto Submitter|Industry Program 1\.0\.x|ISC Systems iRc Search 2\.1|IUPUI Research Bot v 1\.9a|LARBIN-EXPERIMENTAL \(efp@gmx\.net\)|LetsCrawl\.com/1\.0 \+http\://letscrawl\.com/|Lincoln State Web Browser|LMQueueBot/0\.2|LWP\:\:Simple/5\.803|Mac Finder 1\.0\.xx|MFC Foundation Class Library 4\.0|Microsoft URL Control - 6\.00\.8xxx|Missauga Locate 1\.0\.0|Missigua Locator 1\.9|Missouri College Browse|Mizzu Labs 2\.2|Mo College 1\.9|MVAClient|Mozilla/2\.0 \(compatible; NEWT ActiveX; Win32\)|Mozilla/3\.0 \(compatible; Indy Library\)|Mozilla/3\.0 \(compatible; scan4mail \(advanced version\) http\://www\.peterspages\.net/?scan4mail\)|Mozilla/4\.0 \(compatible; Advanced Email Extractor v2\.xx\)|Mozilla/4\.0 \(compatible; Iplexx Spider/1\.0 http\://www\.iplexx\.at\)|Mozilla/4\.0 \(compatible; MSIE 5\.0; Windows NT; DigExt; DTS Agent|Mozilla/4\.0 efp@gmx\.net|Mozilla/5\.0 \(Version\: xxxx Type\:xx\)|NameOfAgent \(CMS Spider\)|NASA Search 1\.0|Nsauditor/1\.x|PBrowse 1\.4b|PEval 1\.4b|Poirot|Port Huron Labs|Production Bot 0116B|Production Bot 2016B|Production Bot DOT 3016B|Program Shareware 1\.0\.2|PSurf15a 11|PSurf15a 51|PSurf15a VA|psycheclone|RSurf15a 41|RSurf15a 51|RSurf15a 81|searchbot admin@google\.com|ShablastBot 1\.0|snap\.com beta crawler v0|Snapbot/1\.0|Snapbot/1\.0 \(Snap Shots&amp;#44; \+http\://www\.snap\.com\)|sogou develop spider|Sogou Orion spider/3\.0\(\+http\://www\.sogou\.com/docs/help/webmasters\.htm#07\)|sogou spider|Sogou web spider/3\.0\(\+http\://www\.sogou\.com/docs/help/webmasters\.htm#07\)|sohu agent|SSurf15a 11 |TSurf15a 11|Under the Rainbow 2\.2|User-Agent\: Mozilla/4\.0 \(compatible; MSIE 6\.0; Windows NT 5\.1\)|VadixBot|WebVulnCrawl\.unknown/1\.0 libwww-perl/5\.803|Wells Search II|WEP Search 00 </span></span><span style="display:flex;"><span style="white-space:pre;-webkit-user-select:none;user-select:none;margin-right:0.4em;padding:0 0.4em 0 0.4em;color:#7f7f7f"> 7</span><span> </span></span><span style="display:flex;"><span style="white-space:pre;-webkit-user-select:none;user-select:none;margin-right:0.4em;padding:0 0.4em 0 0.4em;color:#7f7f7f"> 8</span><span>failregex = ^&lt;HOST&gt; -.*&#34;(GET|POST|HEAD).*HTTP.*&#34;*(?:%(badbots)s|%(badbotscustom)s).*&#34;$ </span></span><span style="display:flex;"><span style="white-space:pre;-webkit-user-select:none;user-select:none;margin-right:0.4em;padding:0 0.4em 0 0.4em;color:#7f7f7f"> 9</span><span> </span></span><span style="display:flex;"><span style="white-space:pre;-webkit-user-select:none;user-select:none;margin-right:0.4em;padding:0 0.4em 0 0.4em;color:#7f7f7f">10</span><span>ignoreregex = </span></span><span style="display:flex;"><span style="white-space:pre;-webkit-user-select:none;user-select:none;margin-right:0.4em;padding:0 0.4em 0 0.4em;color:#7f7f7f">11</span><span> </span></span><span style="display:flex;"><span style="white-space:pre;-webkit-user-select:none;user-select:none;margin-right:0.4em;padding:0 0.4em 0 0.4em;color:#7f7f7f">12</span><span>datepattern = {^LN-BEG}%%ExY(?P&lt;_sep&gt;[-/.])%%m(?P=_sep)%%d[T ]%%H:%%M:%%S(?:[.,]%%f)?(?:\s*%%z)? </span></span><span style="display:flex;"><span style="white-space:pre;-webkit-user-select:none;user-select:none;margin-right:0.4em;padding:0 0.4em 0 0.4em;color:#7f7f7f">13</span><span> ^[^\[]*\[({DATE}) </span></span><span style="display:flex;"><span style="white-space:pre;-webkit-user-select:none;user-select:none;margin-right:0.4em;padding:0 0.4em 0 0.4em;color:#7f7f7f">14</span><span> {^LN-BEG} </span></span><span style="display:flex;"><span style="white-space:pre;-webkit-user-select:none;user-select:none;margin-right:0.4em;padding:0 0.4em 0 0.4em;color:#7f7f7f">15</span><span> </span></span><span style="display:flex;"><span style="white-space:pre;-webkit-user-select:none;user-select:none;margin-right:0.4em;padding:0 0.4em 0 0.4em;color:#7f7f7f">16</span><span>/etc/fail2ban/filter.d/nginx-badbots.conf </span></span></code></pre></div><h2 id="自定義規則">自定義規則<a class="anchorjs-link" href="#%e8%87%aa%e5%ae%9a%e7%be%a9%e8%a6%8f%e5%89%87"></a></h2><div class="highlight"><pre tabindex="0" style="color:#f8f8f2;background-color:#282a36;-moz-tab-size:4;-o-tab-size:4;tab-size:4;"><code class="language-fallback" data-lang="fallback"><span style="display:flex;"><span style="white-space:pre;-webkit-user-select:none;user-select:none;margin-right:0.4em;padding:0 0.4em 0 0.4em;color:#7f7f7f"> 1</span><span># /etc/fail2ban/filter.d/nginx-custom.conf </span></span><span style="display:flex;"><span style="white-space:pre;-webkit-user-select:none;user-select:none;margin-right:0.4em;padding:0 0.4em 0 0.4em;color:#7f7f7f"> 2</span><span>[Definition] </span></span><span style="display:flex;"><span style="white-space:pre;-webkit-user-select:none;user-select:none;margin-right:0.4em;padding:0 0.4em 0 0.4em;color:#7f7f7f"> 3</span><span>failregex = ^&lt;HOST&gt; \- \S+ \[\] \&#34;(GET|POST|HEAD) .+XDEBUG.+$ </span></span><span style="display:flex;"><span style="white-space:pre;-webkit-user-select:none;user-select:none;margin-right:0.4em;padding:0 0.4em 0 0.4em;color:#7f7f7f"> 4</span><span> ^&lt;HOST&gt; \- \S+ \[\] \&#34;(GET|POST|HEAD) .+GponForm.+$ </span></span><span style="display:flex;"><span style="white-space:pre;-webkit-user-select:none;user-select:none;margin-right:0.4em;padding:0 0.4em 0 0.4em;color:#7f7f7f"> 5</span><span> ^&lt;HOST&gt; \- \S+ \[\] \&#34;(GET|POST|HEAD) .+phpunit.+$ </span></span><span style="display:flex;"><span style="white-space:pre;-webkit-user-select:none;user-select:none;margin-right:0.4em;padding:0 0.4em 0 0.4em;color:#7f7f7f"> 6</span><span> ^&lt;HOST&gt; \- \S+ \[\] \&#34;(GET|POST|HEAD) .+ajax-index\.php .+$ </span></span><span style="display:flex;"><span style="white-space:pre;-webkit-user-select:none;user-select:none;margin-right:0.4em;padding:0 0.4em 0 0.4em;color:#7f7f7f"> 7</span><span> ^&lt;HOST&gt; \- \S+ \[\] \&#34;(GET|POST|HEAD) .+sellers\.json .+$ </span></span><span style="display:flex;"><span style="white-space:pre;-webkit-user-select:none;user-select:none;margin-right:0.4em;padding:0 0.4em 0 0.4em;color:#7f7f7f"> 8</span><span> ^&lt;HOST&gt; \- \S+ \[\] \&#34;(GET|POST|HEAD) .+adminer\.php .+$ </span></span><span style="display:flex;"><span style="white-space:pre;-webkit-user-select:none;user-select:none;margin-right:0.4em;padding:0 0.4em 0 0.4em;color:#7f7f7f"> 9</span><span> ^&lt;HOST&gt; \- \S+ \[\] \&#34;(GET|POST|HEAD) .+wp-configuration\.php.+$ </span></span><span style="display:flex;"><span style="white-space:pre;-webkit-user-select:none;user-select:none;margin-right:0.4em;padding:0 0.4em 0 0.4em;color:#7f7f7f">10</span><span> ^&lt;HOST&gt; \- \S+ \[\] \&#34;(GET|POST|HEAD) .+ThinkPHP.+$ </span></span><span style="display:flex;"><span style="white-space:pre;-webkit-user-select:none;user-select:none;margin-right:0.4em;padding:0 0.4em 0 0.4em;color:#7f7f7f">11</span><span> ^&lt;HOST&gt; \- \S+ \[\] \&#34;(GET|POST|HEAD) .+wp-config.+$ </span></span><span style="display:flex;"><span style="white-space:pre;-webkit-user-select:none;user-select:none;margin-right:0.4em;padding:0 0.4em 0 0.4em;color:#7f7f7f">12</span><span> ^&lt;HOST&gt; \- \S+ \[\] \&#34;(GET|POST|HEAD) .+dede\/login\.php .+$ </span></span><span style="display:flex;"><span style="white-space:pre;-webkit-user-select:none;user-select:none;margin-right:0.4em;padding:0 0.4em 0 0.4em;color:#7f7f7f">13</span><span> ^&lt;HOST&gt; \- \S+ \[\] \&#34;(GET|POST|HEAD) .+plus\/recommend\.php .+$ </span></span><span style="display:flex;"><span style="white-space:pre;-webkit-user-select:none;user-select:none;margin-right:0.4em;padding:0 0.4em 0 0.4em;color:#7f7f7f">14</span><span> ^&lt;HOST&gt; \- \S+ \[\] \&#34;(GET|POST|HEAD) .+e\/install\/index.php .+$ </span></span><span style="display:flex;"><span style="white-space:pre;-webkit-user-select:none;user-select:none;margin-right:0.4em;padding:0 0.4em 0 0.4em;color:#7f7f7f">15</span><span> ^&lt;HOST&gt; \- \S+ \[\] \&#34;(GET|POST|HEAD) .+m\/e\/install\/index\.php .+$ </span></span><span style="display:flex;"><span style="white-space:pre;-webkit-user-select:none;user-select:none;margin-right:0.4em;padding:0 0.4em 0 0.4em;color:#7f7f7f">16</span><span> ^&lt;HOST&gt; \- \S+ \[\] \&#34;(GET|POST|HEAD) .+e_bak\/install\/index.php .+$ </span></span><span style="display:flex;"><span style="white-space:pre;-webkit-user-select:none;user-select:none;margin-right:0.4em;padding:0 0.4em 0 0.4em;color:#7f7f7f">17</span><span> ^&lt;HOST&gt; \- \S+ \[\] \&#34;(GET|POST|HEAD) .+\.aspx .+$ </span></span><span style="display:flex;"><span style="white-space:pre;-webkit-user-select:none;user-select:none;margin-right:0.4em;padding:0 0.4em 0 0.4em;color:#7f7f7f">18</span><span> ^&lt;HOST&gt; \- \S+ \[\] \&#34;(GET|POST|HEAD) .+\.act .+$ </span></span><span style="display:flex;"><span style="white-space:pre;-webkit-user-select:none;user-select:none;margin-right:0.4em;padding:0 0.4em 0 0.4em;color:#7f7f7f">19</span><span> ^&lt;HOST&gt;.*] &#34;(GET|POST|HEAD) .*xmlrpc\.php.* </span></span><span style="display:flex;"><span style="white-space:pre;-webkit-user-select:none;user-select:none;margin-right:0.4em;padding:0 0.4em 0 0.4em;color:#7f7f7f">20</span><span> ^&lt;HOST&gt; -.*&#34;(GET|POST|HEAD).*HTTP\/1\.1.*&#34;*.Mozilla/5\.0 \(Windows NT 6\.1\; rv\:60\.0\) Gecko\/20100101 Firefox\/60\.0.*&#34;$ </span></span><span style="display:flex;"><span style="white-space:pre;-webkit-user-select:none;user-select:none;margin-right:0.4em;padding:0 0.4em 0 0.4em;color:#7f7f7f">21</span><span> ^&lt;HOST&gt; -.*&#34;(GET|POST|HEAD).*HTTP\/1\.1.*&#34;*.Photon.*&#34;$ </span></span><span style="display:flex;"><span style="white-space:pre;-webkit-user-select:none;user-select:none;margin-right:0.4em;padding:0 0.4em 0 0.4em;color:#7f7f7f">22</span><span> ^&lt;HOST&gt; -.*&#34;(GET|POST|HEAD).*HTTP\/1\.1.*&#34;*.Mozilla\/5\.0 zgrab\/0\.x.*&#34;$ </span></span><span style="display:flex;"><span style="white-space:pre;-webkit-user-select:none;user-select:none;margin-right:0.4em;padding:0 0.4em 0 0.4em;color:#7f7f7f">23</span><span> ^&lt;HOST&gt; -.*&#34;(GET|POST|HEAD).*HTTP\/1\.1.*&#34;*.XTC.*&#34;$ </span></span><span style="display:flex;"><span style="white-space:pre;-webkit-user-select:none;user-select:none;margin-right:0.4em;padding:0 0.4em 0 0.4em;color:#7f7f7f">24</span><span> ^&lt;HOST&gt; -.*&#34;(GET|POST|HEAD).*HTTP\/1\.1.*&#34;*.python-requests.*&#34;$ </span></span><span style="display:flex;"><span style="white-space:pre;-webkit-user-select:none;user-select:none;margin-right:0.4em;padding:0 0.4em 0 0.4em;color:#7f7f7f">25</span><span> ^&lt;HOST&gt; -.*&#34;(GET|POST|HEAD).*HTTP\/1\.1.*&#34;*.bidswitchbot.*&#34;$ </span></span><span style="display:flex;"><span style="white-space:pre;-webkit-user-select:none;user-select:none;margin-right:0.4em;padding:0 0.4em 0 0.4em;color:#7f7f7f">26</span><span> ^&lt;HOST&gt; -.*&#34;(GET|POST|HEAD).*HTTP\/1\.1.*&#34;*.Google-adstxt.*&#34;$ </span></span><span style="display:flex;"><span style="white-space:pre;-webkit-user-select:none;user-select:none;margin-right:0.4em;padding:0 0.4em 0 0.4em;color:#7f7f7f">27</span><span> ^&lt;HOST&gt; -.*&#34;(GET|POST|HEAD).*HTTP\/1\.1.*&#34;*.Apache-HttpClient.*&#34;$ </span></span><span style="display:flex;"><span style="white-space:pre;-webkit-user-select:none;user-select:none;margin-right:0.4em;padding:0 0.4em 0 0.4em;color:#7f7f7f">28</span><span> ^&lt;HOST&gt;.*] &#34;POST .*HTTP\/1\.1.* </span></span><span style="display:flex;"><span style="white-space:pre;-webkit-user-select:none;user-select:none;margin-right:0.4em;padding:0 0.4em 0 0.4em;color:#7f7f7f">29</span><span> ^&lt;HOST&gt; -.*&#34;(GET|POST|HEAD).*HTTP\/1\.1.*&#34;*.Go-http-client\/1\.1.*&#34;$ </span></span><span style="display:flex;"><span style="white-space:pre;-webkit-user-select:none;user-select:none;margin-right:0.4em;padding:0 0.4em 0 0.4em;color:#7f7f7f">30</span><span> ^&lt;HOST&gt; .* &#34;.*\\x.*&#34; .*$ </span></span><span style="display:flex;"><span style="white-space:pre;-webkit-user-select:none;user-select:none;margin-right:0.4em;padding:0 0.4em 0 0.4em;color:#7f7f7f">31</span><span> ^&lt;HOST&gt; -.*&#34;(GET|POST|HEAD) .+wp-login\.php .*HTTP\/1\.1.* </span></span><span style="display:flex;"><span style="white-space:pre;-webkit-user-select:none;user-select:none;margin-right:0.4em;padding:0 0.4em 0 0.4em;color:#7f7f7f">32</span><span> ^&lt;HOST&gt; -.*&#34;(GET|POST|HEAD) .*wp-includes/wlwmanifest.xml .*HTTP\/1\.1.* </span></span><span style="display:flex;"><span style="white-space:pre;-webkit-user-select:none;user-select:none;margin-right:0.4em;padding:0 0.4em 0 0.4em;color:#7f7f7f">33</span><span>ignoreregex = ^&lt;HOST&gt;.*] &#34;POST /xmlrpc\.php\?for=jetpack.* </span></span><span style="display:flex;"><span style="white-space:pre;-webkit-user-select:none;user-select:none;margin-right:0.4em;padding:0 0.4em 0 0.4em;color:#7f7f7f">34</span><span> ^&lt;HOST&gt;.*] &#34;POST /wp-cron\.php\?doing_wp_cron=.* </span></span><span style="display:flex;"><span style="white-space:pre;-webkit-user-select:none;user-select:none;margin-right:0.4em;padding:0 0.4em 0 0.4em;color:#7f7f7f">35</span><span>datepattern = {^LN-BEG}%%ExY(?P&lt;_sep&gt;[-/.])%%m(?P=_sep)%%d[T ]%%H:%%M:%%S(?:[.,]%%f)?(?:\s*%%z)? </span></span><span style="display:flex;"><span style="white-space:pre;-webkit-user-select:none;user-select:none;margin-right:0.4em;padding:0 0.4em 0 0.4em;color:#7f7f7f">36</span><span> ^[^\[]*\[({DATE}) </span></span><span style="display:flex;"><span style="white-space:pre;-webkit-user-select:none;user-select:none;margin-right:0.4em;padding:0 0.4em 0 0.4em;color:#7f7f7f">37</span><span> {^LN-BEG} </span></span></code></pre></div><p>簡要說明一下:</p> 修復SSL_do_handshake() failed 錯誤 https://szeching.com/fix-ssl_do_handshake_faild_error/ Tue, 09 Jun 2020 04:20:24 +0000 https://szeching.com/fix-ssl_do_handshake_faild_error/ <p>最近WP網站遇到了詭異的問題,Jetpack 的統計數據與 Google Analytics 上的不一致,wordpress.com 面板上又顯示無法訪問這個站點,但是 Y Chueng 用瀏覽器打開網站又正常,很奇怪。然後本應該在昨日計劃發佈的 Post 沒有被發佈。太奇怪了。</p> 再談網站HTTPS升級 https://szeching.com/how-to-request-and-install-ssl-cetificate/ Mon, 19 Mar 2018 13:48:09 +0000 https://szeching.com/how-to-request-and-install-ssl-cetificate/ <p>Y.Cheung 曾於 2016 年時寫過一篇《 <a href="https://szeching.com/enable-https-with-certbot-on-centos-7/" target="_blank">Centos 7 使用 certbot 安裝Let’s Encrypt SSL 證書</a> 》,最近因爲幫忙升級了幾個站點,使用了一些免費/收費的SSL憑證服務,特寫此篇記錄一下流程思路送給整天吐槽Y.Cheung沒耐心教人的某只。</p> Centos 7 使用 certbot 安裝Let’s Encrypt SSL 證書 https://szeching.com/enable-https-with-certbot-on-centos-7/ Thu, 06 Oct 2016 14:33:33 +0000 https://szeching.com/enable-https-with-certbot-on-centos-7/ <h2 id="安裝環境">安裝環境<a class="anchorjs-link" href="#%e5%ae%89%e8%a3%9d%e7%92%b0%e5%a2%83"></a></h2><ul> <li>CentOS7 主機</li> <li>Nginx</li> </ul> <h2 id="操作步驟">操作步驟<a class="anchorjs-link" href="#%e6%93%8d%e4%bd%9c%e6%ad%a5%e9%a9%9f"></a></h2><h3 id="安裝certbot">安裝certbot<a class="anchorjs-link" href="#%e5%ae%89%e8%a3%9dcertbot"></a></h3><div class="highlight"><pre tabindex="0" style="color:#f8f8f2;background-color:#282a36;-moz-tab-size:4;-o-tab-size:4;tab-size:4;"><code class="language-shell" data-lang="shell"><span style="display:flex;"><span style="white-space:pre;-webkit-user-select:none;user-select:none;margin-right:0.4em;padding:0 0.4em 0 0.4em;color:#7f7f7f">1</span><span><span style="color:#6272a4">#如果你已經安裝了EPEL,這個步驟可以省略</span> </span></span><span style="display:flex;"><span style="white-space:pre;-webkit-user-select:none;user-select:none;margin-right:0.4em;padding:0 0.4em 0 0.4em;color:#7f7f7f">2</span><span>sudo yum install epel-release </span></span><span style="display:flex;"><span style="white-space:pre;-webkit-user-select:none;user-select:none;margin-right:0.4em;padding:0 0.4em 0 0.4em;color:#7f7f7f">3</span><span><span style="color:#6272a4">#安裝certbot客戶端</span> </span></span><span style="display:flex;"><span style="white-space:pre;-webkit-user-select:none;user-select:none;margin-right:0.4em;padding:0 0.4em 0 0.4em;color:#7f7f7f">4</span><span>sudo yum install certbot </span></span></code></pre></div><h3 id="使用嚮導自動安裝證書">使用嚮導自動安裝證書<a class="anchorjs-link" href="#%e4%bd%bf%e7%94%a8%e5%9a%ae%e5%b0%8e%e8%87%aa%e5%8b%95%e5%ae%89%e8%a3%9d%e8%ad%89%e6%9b%b8"></a></h3><p>使用certbot嚮導安裝,有界面,根據指示一步步操作就行,但是YCHEUNG進行到設置webroot的時候就error了,只好放棄</p> <div class="highlight"><pre tabindex="0" style="color:#f8f8f2;background-color:#282a36;-moz-tab-size:4;-o-tab-size:4;tab-size:4;"><code class="language-fallback" data-lang="fallback"><span style="display:flex;"><span style="white-space:pre;-webkit-user-select:none;user-select:none;margin-right:0.4em;padding:0 0.4em 0 0.4em;color:#7f7f7f">1</span><span>$certbot certonly </span></span></code></pre></div><p><figure> <a class="paragraph-image"> <img data-src="https://szeching.com/images/certbot1.PNG" data-action="zoom" alt="" class="lazyload"> </a> </figure></p> <h3 id="命令行安裝證書">命令行安裝證書<a class="anchorjs-link" href="#%e5%91%bd%e4%bb%a4%e8%a1%8c%e5%ae%89%e8%a3%9d%e8%ad%89%e6%9b%b8"></a></h3><p>如果失敗,可以自行使用命令行安裝。用 <code>certbot certonly</code>命令,加上參數 <code>--webroot</code>表示使用webroot的方式安裝,或者你也可以使用<code>--standalone</code>方式安裝,standalone安裝需要使用80端口,也就是說一般你的站點需要暫停運行一段時間,不太友好。<code>webroot</code>則是它會生成一些文件到你的網站目錄下,然後訪問看驗證是否存在,所以使用這種方式的話,你需要在 nginx 裡面做設置,使它生成的驗證文件能夠被訪問。</p> DETEKT:檢查電腦是否被安裝間諜程式 https://szeching.com/detekt-test-result/ Thu, 20 Nov 2014 06:38:04 +0000 https://szeching.com/detekt-test-result/ <blockquote> <p>❗ 該軟體已停止更新,Y Cheung發現github上有個備份的repo: <a href="https://github.com/eReader/detekt" target="_blank">https://github.com/eReader/detekt</a></p></blockquote> <p>看到朋友分享一個叫Detekt 的軟件,據說是用來掃描Windows系統的電腦,看看有沒有被什麼間諜軟件悄悄監控着。官網說明倒是煞有其事,它主要是針對保護人權鬥士、記者、宗教人士等進行RESIST SURVEILLANCE,這同時也是一個python開源項目 。</p>