Как правильно защитить сайт от взлома

Discussion in 'Установка и обновление Joomla!' started by romansom, May 20, 2014.

  1. Offline

    romansom Пользователь

    Joined:
    Mar 21, 2014
    Messages:
    68
    Likes Received:
    1
    Gender:
    Male
    Посмотрел файл error.php
    Выдал полотно ошибок, где
    Каждую секунду с 4-6 ip - Имя пользователя и пароль не совпадают или у вас еще нет учетной записи на сайте
     
    Last edited: May 20, 2014
    romansom, May 20, 2014
    #1

  2. Ads Master

     
  3. OlegK
    Offline

    OlegK Russian Joomla! Team Staff Member ⇒ Профи ⇐

    Joined:
    Jan 17, 2011
    Messages:
    7,812
    Likes Received:
    771
    Gender:
    Male
    Забань IP for .htaccess .Установи плагин защиты админки.Регистрация разрешена на сайте ?
     
    OlegK, May 20, 2014
    #2
  4. Offline

    romansom Пользователь

    Joined:
    Mar 21, 2014
    Messages:
    68
    Likes Received:
    1
    Gender:
    Male
    • Как забанить в .htaccess? файл который в корне сайта?а если таких ip 6-8
    • Регистрация нет
     
    romansom, May 20, 2014
    #3
  5. OlegK
    Offline

    OlegK Russian Joomla! Team Staff Member ⇒ Профи ⇐

    Joined:
    Jan 17, 2011
    Messages:
    7,812
    Likes Received:
    771
    Gender:
    Male
    Код (CODE):
    1. Order Allow,Deny
    2. Allow from All
    3. Deny from IP
     
    OlegK, May 20, 2014
    #4
  6. Offline

    romansom Пользователь

    Joined:
    Mar 21, 2014
    Messages:
    68
    Likes Received:
    1
    Gender:
    Male

    На сколько я Вас понял
    Это вписывается в основной .htacess или тот который лежит в папку administrator?

    1. Allow from - свой ip можно?
    2. Deny from IP- через запятую все которые ломятся?
     
    romansom, May 20, 2014
    #5
  7. OlegK
    Offline

    OlegK Russian Joomla! Team Staff Member ⇒ Профи ⇐

    Joined:
    Jan 17, 2011
    Messages:
    7,812
    Likes Received:
    771
    Gender:
    Male
    Order Allow,Deny
    Allow from All
    Deny from 91.221.109.101
    deny from 95.169.190.137
    deny from 178.86.28.40
    deny from 5.39.114.98
    deny from 195.43.82.103
    deny from 77.120.115.197
    deny from 78.162.185.167
    deny from 78.175.19.113
    deny from 91.122.9.247
    Deny from 94.228.220.68
    Deny from 72.77.172.26
    Deny from 184.82.181.103
    Deny from 188.165.125.51
    Deny from 89.35.148.68
    Deny from 131.246.19.180
    Deny from 193.146.101.98
    Deny from 80.69.163.62
    Deny from 37.9.53.129
    Deny from 91.231.87.87
    Deny from 37.57.231.118
    Deny from 216.246.35.49
    Deny from 216.119.134.194
    ## Блокировка по USER AGENT:
    RewriteCond %{HTTP_USER_AGENT} MJ12bot [OR]
    RewriteCond %{HTTP_USER_AGENT} Java [OR]
    RewriteCond %{HTTP_USER_AGENT} NjuiceBot [OR]
    RewriteCond %{HTTP_USER_AGENT} Gigabot [OR]
    RewriteCond %{HTTP_USER_AGENT} Baiduspider [OR]
    RewriteCond %{HTTP_USER_AGENT} JS-Kit [OR]
    RewriteCond %{HTTP_USER_AGENT} Voyager [OR]
    RewriteCond %{HTTP_USER_AGENT} PostRank [OR]
    RewriteCond %{HTTP_USER_AGENT} PycURL [OR]
    RewriteCond %{HTTP_USER_AGENT} Aport [OR]
    RewriteCond %{HTTP_USER_AGENT} ia_archiver [OR]
    RewriteCond %{HTTP_USER_AGENT} DotBot [OR]
    RewriteCond %{HTTP_USER_AGENT} SurveyBot [OR]
    RewriteCond %{HTTP_USER_AGENT} larbin [OR]
    RewriteCond %{HTTP_USER_AGENT} Butterfly [OR]
    RewriteCond %{HTTP_USER_AGENT} libwww [OR]
    RewriteCond %{HTTP_USER_AGENT} Wget [OR]
    RewriteCond %{HTTP_USER_AGENT} SWeb [OR]
    RewriteCond %{HTTP_USER_AGENT} LinkExchanger [OR]
    RewriteCond %{HTTP_USER_AGENT} Soup [OR]
    RewriteCond %{HTTP_USER_AGENT} WordPress [OR]
    RewriteCond %{HTTP_USER_AGENT} PHP/ [OR]
    RewriteCond %{HTTP_USER_AGENT} spbot [OR]
    RewriteCond %{HTTP_USER_AGENT} MLBot [OR]
    RewriteCond %{HTTP_USER_AGENT} InternetSeer [OR]
    RewriteCond %{HTTP_USER_AGENT} FairShare [OR]
    RewriteCond %{HTTP_USER_AGENT} Yeti [OR]
    RewriteCond %{HTTP_USER_AGENT} Birubot [OR]
    RewriteCond %{HTTP_USER_AGENT} YottosBot [OR]
    RewriteCond %{HTTP_USER_AGENT} gold\ crawler [OR]
    RewriteCond %{HTTP_USER_AGENT} Linguee [OR]
    RewriteCond %{HTTP_USER_AGENT} Ezooms [OR]
    RewriteCond %{HTTP_USER_AGENT} lwp-trivial [OR]
    RewriteCond %{HTTP_USER_AGENT} Purebot [OR]
    RewriteCond %{HTTP_USER_AGENT} User-Agent [OR]
    RewriteCond %{HTTP_USER_AGENT} kmSearchBot [OR]
    RewriteCond %{HTTP_USER_AGENT} SiteBot [OR]
    RewriteCond %{HTTP_USER_AGENT} CamontSpider [OR]
    RewriteCond %{HTTP_USER_AGENT} ptd-crawler [OR]
    RewriteCond %{HTTP_USER_AGENT} HTTrack [OR]
    RewriteCond %{HTTP_USER_AGENT} suggybot [OR]
    RewriteCond %{HTTP_USER_AGENT} ttCrawler [OR]
    RewriteCond %{HTTP_USER_AGENT} Nutch [OR]
    RewriteCond %{HTTP_USER_AGENT} Zeus
    RewriteRule ^(.*)$ – [F,L]
    В самом начале файла прописываешь,.htaccess в корне сайта
     
    OlegK, May 20, 2014
    #6
    romansom and OlegM like this.
< Кто может обновить мой сайт | Akeeba Backup восстановление сайта- 404 ошибка на материалы >

Share This Page

Loading...