nginx 日志里 N 多类似这样的记录:
172.68.244.177 - - [04/Aug/2024:04:04:10 -0400] "GET /find-app/%E0%B8%AD%E0%B8%B2%E0%B8%8A%E0%B8%B5%E0%B8%9E%E0%B8%82%E0%B8%AD%E0%B8%87%E0%B8%8A%E0%B8%B2%E0%B8%A7%E0%B8%AB%E0%B8%A7%E0%B8%B9%E0%B9%88%E0%B8%AB%E0%B8%A5%E0%B8%B4%E0%B8%87%E0%B8%84%E0%B8%B7%E0%B8%AD%E0%B8%81%E0%B8%B2%E0%B8%A3%E0%B8%95%E0%B8%81%E0%B8%9B%E0%B8%A5%E0%B8%B2%E3%80%90ta777.me%E3%80%91%E0%B8%AD%E0%B8%B2%E0%B8%8A%E0%B8%B5%E0%B8%9E%E0%B8%82%E0%B8%AD%E0%B8%87%E0%B8%8A%E0%B8%B2%E0%B8%A7%E0%B8%AB%E0%B8%A7%E0%B8%B9%E0%B9%88%E0%B8%AB%E0%B8%A5%E0%B8%B4%E0%B8%87%E0%B8%84%E0%B8%B7%E0%B8%AD%E0%B8%81%E0%B8%B2%E0%B8%A3%E0%B8%95%E0%B8%81%E0%B8%9B%E0%B8%A5%E0%B8%B2%E3%80%90ta777.me%E3%80%91w7t?page=2 HTTP/1.1" 403 571 "-" "Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; bingbot/2.0; +http://www.bing.com/bingbot.htm) Chrome/116.0.1938.76 Safari/537.36" 52.167.144.211
172.71.222.36 - - [04/Aug/2024:04:04:10 -0400] "GET /find-app/%E6%B9%96%E5%8D%97%E6%B0%B4%E5%88%A9%E6%B0%B4%E7%94%B5%E8%81%8C%E4%B8%9A%E6%8A%80%E6%9C%AF%E5%AD%A6%E9%99%A2%E6%AF%95%E4%B8%9A%E8%AF%81%E6%A0%B7%E6%9C%AC%E5%9B%BE%E7%89%87%E2%8F%A9%E5%8A%9E%E7%90%86%E7%BD%91zhengjian.shop%E2%8F%AA-%E5%93%AA%E9%87%8C%E4%B9%B0%E6%B9%96%E5%8D%97%E6%B0%B4%E5%88%A9%E6%B0%B4%E7%94%B5%E8%81%8C%E4%B8%9A%E6%8A%80%E6%9C%AF%E5%AD%A6%E9%99%A2%E6%AF%95%E4%B8%9A%E8%AF%81%E6%A0%B7%E6%9C%AC%E5%9B%BE%E7%89%87%F0%9F%8C%9F%E5%8A%9E%E8%AF%81%E7%BD%91zhengjian.shop%F0%9F%8C%9F-%E5%BC%A0%E5%AE%B6%E6%B8%AF%E6%B9%96%E5%8D%97%E6%B0%B4%E5%88%A9%E6%B0%B4%E7%94%B5%E8%81%8C%E4%B8%9A%E6%8A%80%E6%9C%AF%E5%AD%A6%E9%99%A2%E6%AF%95%E4%B8%9A%E8%AF%81%E6%A0%B7%E6%9C%AC%E5%9B%BE%E7%89%87%E5%93%AA%E9%87%8C%E6%9C%89-%E5%93%AA%E9%87%8C%E5%8A%9E%E6%B9%96%E5%8D%97%E6%B0%B4%E5%88%A9%E6%B0%B4%E7%94%B5%E8%81%8C%E4%B8%9A%E6%8A%80%E6%9C%AF%E5%AD%A6%E9%99%A2%E6%AF%95%E4%B8%9A%E8%AF%81%E6%A0%B7%E6%9C%AC%E5%9B%BE%E7%89%87Q5?page=3 HTTP/1.1" 403 571 "-" "Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; bingbot/2.0; +http://www.bing.com/bingbot.htm) Chrome/116.0.1938.76 Safari/537.36" 52.167.144.211
以下是完整配置
server
{
listen 80;
listen 443 ssl;
#
ssl_certificate /etc/letsencrypt/live/domain.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/domain.com/privkey.pem;
## ssl_session_timeout 5m;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:!aNULL:!eNULL:!LOW:!3DES:!MD5:!EXP:!PSK:!SRP:!DSS;
## enable HSTS including subdomains
add_header Strict-Transport-Security "max-age=31536000; includeSubdomains";
server_name domain.com www.domain.com;
index index.html index.htm index.php;
root /opt/htdocs/www.domain.com/public;
#301
if ($host = 'domain.com') {
rewrite ^/(.*)$ https://www.domain.com/$1 permanent;
}
#location ~ /find-app {
if ($http_user_agent ~* "bingbot|AhrefsBot") {
return 403;
}
#}
location / {
try_files $uri $uri/ /index.php?$query_string;
}
#申请 let’s Encrypt SSL 用
location ~ /.well-known {
allow all;
}
if (!-e $request_filename) {
}
location ~ .*\.(php|php5)?$
{
#fastcgi_pass unix:/tmp/php-cgi.sock;
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
include fcgi.conf;
}
location ~ .*\.(gif|jpg|jpeg|png|bmp|swf)$
{
expires 30d;
}
location ~ .*\.(js|css)?$
{
expires 15d;
}
access_log /data0/logs/domain.log access;
}
