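Lately there are more and more "schoolkid IDCs". What is the standard kit of a schoolkid IDC? That's right: kangle + easypanel.
This tutorial shares some methods I have collected. Almost all of them are done by entering patterns in the 3311 panel.
Thanks to 小樱 and UPUPW for this article.
1. Block script execution in directories
Click Request Control on the right, choose Add, set the target to Deny, and add two reg_path match modules.
Enter the following patterns, one per module, and remember to tick nc. See the screenshot for details.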
.*\/((attachment)|(attachments)|(uploadfiles)|(avatar))\/
\.((php)|(php5)|(php7)|(phps)|(jsp)|(asp)|(aspx)|(asa)|(asax)|(ascx)|(ashx)|(asmx)|(axd)).*$
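2. Protect system files
Click Request Control on the right, choose Add, set the target to Deny, and choose the url match module.
Enter the following pattern and remember to tick nc. See the screenshot for details.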
\.(htaccess|uini)
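3. Protect sensitive files
Click Request Control on the right, choose Add, set the target to Deny, and choose the url match module.
Enter the following pattern and remember to tick nc. See the screenshot for details.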
(up.+\.|web\.|httpd\.)(conf|log|config|ini)
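The three deny rules above can be checked offline before they go live. This is an added example, not part of the original tutorial: it assumes nc means case-insensitive matching, that Kangle searches the request path without anchoring, and that Python's re treats these constructs the same way as Kangle's regex engine. The sample paths are constructed.

```python
import re

# Patterns copied verbatim from sections 1-3 of this page.
# Assumption: "nc" = case-insensitive; matching is a search, not a full match.
NC = re.IGNORECASE
UPLOAD_DIR = re.compile(r".*\/((attachment)|(attachments)|(uploadfiles)|(avatar))\/", NC)
SCRIPT_EXT = re.compile(r"\.((php)|(php5)|(php7)|(phps)|(jsp)|(asp)|(aspx)|(asa)|(asax)|(ascx)|(ashx)|(asmx)|(axd)).*$", NC)
SYSTEM_FILE = re.compile(r"\.(htaccess|uini)", NC)
SENSITIVE = re.compile(r"(up.+\.|web\.|httpd\.)(conf|log|config|ini)", NC)


def decide(path):
    """Return the name of the first deny rule that fires, or 'allow'."""
    # Section 1 puts both reg_path modules in one rule, so both must match.
    if UPLOAD_DIR.search(path) and SCRIPT_EXT.search(path):
        return "deny:upload-exec"
    if SYSTEM_FILE.search(path):
        return "deny:system-file"
    if SENSITIVE.search(path):
        return "deny:sensitive-file"
    return "allow"


# Constructed sample requests: (path, outcome the operator wants).
# Assumption: section 2 is meant to cover PHP's per-directory .user.ini.
SAMPLES = [
    ("/attachments/2019/shell.php", "deny"),
    ("/AVATAR/x.PhP5", "deny"),
    ("/attachments/2019/cat.jpg", "allow"),
    ("/.htaccess", "deny"),
    ("/.user.ini", "deny"),
    ("/web.config", "deny"),
    ("/signup/help.login.php", "allow"),
    ("/blog/php-tips.html", "allow"),
]


def audit(samples=SAMPLES):
    """List (path, wanted, got) for every sample the rules get wrong."""
    wrong = []
    for path, wanted in samples:
        got = decide(path)
        if got.split(":")[0] != wanted:
            wrong.append((path, wanted, got))
    return wrong


if __name__ == "__main__":
    for path, wanted, got in audit():
        print(f"{path}: wanted {wanted}, rules say {got}")
```

The two entries audit() reports are a file the section 2 pattern does not cover (.user.ini does not match uini) and an ordinary page the section 3 pattern rejects because up.+\. spans "up/help." inside /signup/help.login.php.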
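4. Get the real client IP
Click Request Control on the right, choose Add, add it directly, set the target to Continue, and choose the replace_ip mark module.
In the header field, enter the following. See the screenshot for details.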
X-Forwarded-For
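X-Forwarded-For is set by whoever sends the request, so it only carries meaning when the direct peer is your own proxy or CDN. The following is an added example, not from the original tutorial and not Kangle's replace_ip code: one way to make that trust decision, using hypothetical proxy ranges and constructed documentation addresses.

```python
import ipaddress

# Hypothetical deployment: the operator's own reverse proxies / CDN edges.
TRUSTED_PROXIES = [
    ipaddress.ip_network("10.0.0.0/8"),
    ipaddress.ip_network("203.0.113.0/24"),
]


def _trusted(addr):
    """True when addr belongs to one of the operator's proxy ranges."""
    return any(addr in net for net in TRUSTED_PROXIES)


def client_ip(peer, xff):
    """Pick the address to use for logging and per-IP limits.

    peer is the TCP peer address; xff is the raw X-Forwarded-For value.
    """
    peer_addr = ipaddress.ip_address(peer)
    # A header sent by an untrusted peer is ignored entirely.
    if not _trusted(peer_addr) or not xff:
        return str(peer_addr)
    # Walk right to left: each trusted proxy appended the address it saw,
    # so the first untrusted hop from the right is the real client.
    for hop in reversed([h.strip() for h in xff.split(",")]):
        try:
            addr = ipaddress.ip_address(hop)
        except ValueError:
            return str(peer_addr)  # malformed entry: fall back to the peer
        if not _trusted(addr):
            return str(addr)
    return str(peer_addr)


if __name__ == "__main__":
    print(client_ip("198.51.100.7", "192.0.2.1"))
    print(client_ip("10.0.0.5", "192.0.2.1, 198.51.100.7"))
```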
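5. Prevent trojan uploads
Click Request Control on the right, choose Add, add it directly, set the target to Deny, choose the post_file mark module, and then select ignore.
See the screenshot for details.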
\.((php)|(php5)|(php7)|(phps)|(jsp)|(asp)|(aspx)|(asa)|(asax)|(ascx)|(ashx)|(asmx)|(axd)|(html)|(htm)|(js))$
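6. Make 17CE and 奇云测 show all green
This feature is pure self-indulgence: it just redirects a link. Hahaha~ It makes schoolkids who buy your hosting think your machines are really fast~ A bit cheeky~
The method is the same for both, so I won't write it twice; I'll use 17ce as the example.
Open the 3311 panel and add a rule in Request Control with the target Continue. Choose the referer match module and enter http://www.17ce.com|
Then choose the redirect mark module, enter 301 for code, and enter this URL: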
https://static-s.bilibili.com/error/404.png
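7. Set up CC defense
This feature only works in the commercial edition. Use kangle.in to upgrade to the commercial edition; I will write a tutorial on upgrading later.
Click Request Control on the right, choose Add, add it directly, set the target to Continue, and choose the anti_cc mark module.
Set request and second according to your own needs.
Remember to tick white list and fix_url.
See the screenshot for details.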
HTTP/1.1 503 OK
Content-Type: text/html; charset=utf-8
Connection: close
Cache-Control: no-cache,no-store
Recaptcha: sakura
<html>
<head>
<meta charset="UTF-8">
<!--[if IE 8]><style>.ie8 .alert-circle,.ie8 .alert-footer{display:none}.ie8 .alert-box{padding-top:75px}.ie8 .alert-sec-text{top:45px}</style><![endif]-->
<title>浏览器安全检查中-VPSPS.COM</title>
<style>
body {
margin: 0;
padding: 0;
background: #E6EAEB;
font-family: Arial, '微软雅黑', '宋体', sans-serif
}
.alert-box {
display: none;
position: relative;
margin: 96px auto 0;
padding: 180px 85px 22px;
border-radius: 10px 10px 0 0;
background: #FFF;
box-shadow: 5px 9px 17px rgba(102,102,102,0.75);
width: 286px;
color: #FFF;
text-align: center
}
.alert-box p {
margin: 0
}
.alert-circle {
position: absolute;
top: -50px;
left: 111px
}
.alert-sec-circle {
stroke-dashoffset: 0;
stroke-dasharray: 735;
transition: stroke-dashoffset 1s linear
}
.alert-sec-text {
position: absolute;
top: 11px;
left: 190px;
width: 76px;
color: #000;
font-size: 68px
}
.alert-sec-unit {
font-size: 34px
}
.alert-body {
margin: 35px 0
}
.alert-head {
color: #242424;
font-size: 28px
}
.alert-concent {
margin: 25px 0 14px;
color: #7B7B7B;
font-size: 18px
}
.alert-concent p {
line-height: 27px
}
.alert-btn {
display: block;
border-radius: 10px;
background-color: #4AB0F7;
height: 55px;
line-height: 55px;
width: 286px;
color: #FFF;
font-size: 20px;
text-decoration: none;
letter-spacing: 2px
}
.alert-btn:hover {
background-color: #6BC2FF
}
.alert-footer {
margin: 0 auto;
height: 42px;
width: 120px
}
.alert-footer-icon {
float: left
}
.alert-footer-text {
float: left;
border-left: 2px solid #EEE;
padding: 3px 0 0 5px;
height: 40px;
color: #0B85CC;
font-size: 12px;
text-align: left
}
.alert-footer-text p {
color: #7A7A7A;
font-size: 22px;
line-height: 18px
}
</style>
</head>
<body class="ie8">
<div id="js-alert-box" class="alert-box">
<svg class="alert-circle" width="234" height="234">
<circle cx="117" cy="117" r="108" fill="#FFF" stroke="#43AEFA" stroke-width="17"></circle>
<circle id="js-sec-circle" class="alert-sec-circle" cx="117" cy="117" r="108" fill="transparent" stroke="#F4F1F1" stroke-width="18" transform="rotate(-90 117 117)"></circle>
<text class="alert-sec-unit" x="82" y="172" fill="#BDBDBD">秒</text>
</svg>
<div id="js-sec-text" class="alert-sec-text"></div>
<div class="alert-body">
<div id="js-alert-head" class="alert-head"></div>
<div class="alert-concent">
<p>您好我们检测到您有异常行为</p>
<p>正在对你的浏览器进行安全检查</p>
</div>
<a href="http://idc.ac/" target="_blank" class="alert-btn" id="js-alert-btn" style="display:none">退出安全检查</a>
</div>
<div class="alert-footer clearfix">
<svg width="46px" height="42px" class="alert-footer-icon">
<circle fill-rule="evenodd" clip-rule="evenodd" fill="#7B7B7B" stroke="#DEDFE0" stroke-width="2" stroke-miterlimit="10" cx="21.917" cy="21.25" r="17"/>
<path fill="#FFF" d="M22.907,27.83h-1.98l0.3-2.92c-0.37-0.22-0.61-0.63-0.61-1.1c0-0.71,0.58-1.29,1.3-1.29s1.3,0.58,1.3,1.29 c0,0.47-0.24,0.88-0.61,1.1L22.907,27.83z M18.327,17.51c0-1.98,1.61-3.59,3.59-3.59s3.59,1.61,3.59,3.59v2.59h-7.18V17.51z M27.687,20.1v-2.59c0-3.18-2.59-5.76-5.77-5.76s-5.76,2.58-5.76,5.76v2.59h-1.24v10.65h14V20.1H27.687z"/>
<circle fill-rule="evenodd" clip-rule="evenodd" fill="#FEFEFE" cx="35.417" cy="10.75" r="6.5"/>
<polygon fill="#7B7B7B" stroke="#7B7B7B" stroke-linecap="round" stroke-linejoin="round" stroke-miterlimit="10" points="35.417,12.16 32.797,9.03 31.917,10.07 35.417,14.25 42.917,5.29 42.037,4.25 "/>
</svg>
<div class="alert-footer-text"><p>secure</p>安全加密 </div>
</div>
</div>
<script type="text/javascript">
function alertSet(e) {
document.getElementById("js-alert-box").style.display = "block",
document.getElementById("js-alert-head").innerHTML = e;
var t = 5,
n = document.getElementById("js-sec-circle");
document.getElementById("js-sec-text").innerHTML = t,
setInterval(function() {
if (1 > t){
location.href="{{murl}}";
}else {
t -= 1,
document.getElementById("js-sec-text").innerHTML = t;
var e = Math.round(t / 5 * 735);
n.style.strokeDashoffset = e - 735
}
if (2 == t){
document.getElementById("js-alert-btn").setAttribute("href","{{murl}}");
document.getElementById("js-alert-btn").setAttribute("style","font-weight:bold");
}
},
970);
}
</script>
<script>alertSet('浏览器安全检查中');</script>
</body>
</html>
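9. Block SQL injection
Click Request Control on the right, choose Add, add it directly, set the target to Deny, and choose the param mark module.
Then, in param value:(regex), enter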
'.*[; ]?((or)|(insert)|(select)|(union)|(update)|(delete)|(replace)|(create)|(drop)|(alter)|(grant)|(load)|(show)|(exec))[\s(]
Then tick ignore case, get and post.
See the screenshot for details.
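A regex on parameter values both over-blocks and under-blocks, so it belongs in front of parameterized queries, not in place of them. The following is an added example, not from the original tutorial: it runs the section 9 pattern over constructed values and then handles one of the wrongly blocked values safely with a bound placeholder. The customers table and the function names are hypothetical.

```python
import re
import sqlite3

# Pattern copied verbatim from section 9; "ignore case" is ticked there.
SQLI = re.compile(
    r"'.*[; ]?((or)|(insert)|(select)|(union)|(update)|(delete)|(replace)"
    r"|(create)|(drop)|(alter)|(grant)|(load)|(show)|(exec))[\s(]",
    re.IGNORECASE,
)


def rule_denies(value):
    """True when the param rule would reject this parameter value."""
    return SQLI.search(value) is not None


# Constructed parameter values: (value, is it an injection attempt?).
SAMPLES = [
    ("1' or '1'='1", True),
    ("x' UNION SELECT 1", True),
    ("O'Brien or Smith", False),   # ordinary surname search
    ("don't show prices", False),  # ordinary free text
    ("1 or 1=1", True),            # no quote, so the pattern never starts
]


def misjudged(samples=SAMPLES):
    """Values where the rule's verdict differs from the label."""
    return [v for v, hostile in samples if rule_denies(v) != hostile]


def demo_db():
    """In-memory database with two constructed customer rows."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE customers (name TEXT)")
    db.executemany("INSERT INTO customers VALUES (?)",
                   [("O'Brien or Smith",), ("Li",)])
    return db


def find_customer(db, name):
    """Placeholder binding: the value is passed as data, never as SQL text."""
    cur = db.execute("SELECT name FROM customers WHERE name = ?", (name,))
    return [row[0] for row in cur]


if __name__ == "__main__":
    print("misjudged by the rule:", misjudged())
    print(find_customer(demo_db(), "O'Brien or Smith"))
```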
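10. Optimize the configuration
11. Set MIME types
Setting MIME types: the strongest Google optimization settings, which increase browser caching and speed up web access.
Some commonly used formats are listed below; add more as needed.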
| ext | type | gzip | max_age |
|---|---|---|---|
| 3gp | video/3gpp | | 31536000 |
| avi | video/x-msvideo | | 31536000 |
| css | text/css | yes | 31536000 |
| dll | application/octet-stream | | 31536000 |
| doc | application/msword | | 31536000 |
| exe | application/octet-stream | | 31536000 |
| flv | video/x-flv | | 31536000 |
| gif | image/gif | yes | 31536000 |
| gz | application/x-tar | | 31536000 |
| htm | text/html | yes | 31536000 |
| html | text/html | yes | 31536000 |
| ico | image/x-icon | yes | 31536000 |
| jpg | image/jpeg | yes | 31536000 |
| js | text/javascript | yes | 31536000 |
| mp3 | audio/mpeg | | 31536000 |
| mp4 | video/mp4 | | 31536000 |
| png | image/png | yes | 31536000 |
| rar | application/x-rar-compressed | | 31536000 |
| sh | application/x-sh | | 31536000 |
| swf | application/x-shockwave-flash | | 31536000 |
| tar | application/x-tar | | 31536000 |
| xml | text/xml | yes | 31536000 |
| zip | application/x-zip-compressed | | 31536000 |
| bmp | image/x-bmp | yes | 31536000 |
| pac | text/plain | yes | 31536000 |
31536000 is the value Google recommends; Baidu uses 315360000 (ten years), and Tencent uses 600.
You can also edit the configuration file directly:
<vhs >
<mime_type ext='*' type='text/plain' gzip='1' max_age='31536000'/>
<mime_type ext='3gp' type='video/3gpp' max_age='31536000'/>
<mime_type ext='3gpp' type='video/3gpp' max_age='31536000'/>
<mime_type ext='ai' type='application/postscript' max_age='31536000'/>
<mime_type ext='aif' type='audio/x-aiff' max_age='31536000'/>
<mime_type ext='aifc' type='audio/x-aiff' max_age='31536000'/>
<mime_type ext='aiff' type='audio/x-aiff' max_age='31536000'/>
<mime_type ext='amr' type='audio/amr' max_age='31536000'/>
<mime_type ext='arj' type='application/x-arj-compressed' max_age='31536000'/>
<mime_type ext='atom' type='application/atom+xml' max_age='31536000'/>
<mime_type ext='au' type='audio/basic' max_age='31536000'/>
<mime_type ext='avi' type='video/x-msvideo' max_age='31536000'/>
<mime_type ext='bcpio' type='application/x-bcpio' max_age='31536000'/>
<mime_type ext='bin' type='application/macbinary' max_age='31536000'/>
<mime_type ext='bmp' type='image/x-bmp' gzip='1' max_age='31536000'/>
<mime_type ext='c' type='text/plain' gzip='1' max_age='31536000'/>
<mime_type ext='cab' type='application/octet-stream' max_age='31536000'/>
<mime_type ext='cc' type='text/plain' gzip='1' max_age='31536000'/>
<mime_type ext='cdf' type='application/x-netcdf' max_age='31536000'/>
<mime_type ext='cod' type='text/x-co-desc' gzip='1' max_age='31536000'/>
<mime_type ext='core' type='application/octet-stream' max_age='31536000'/>
<mime_type ext='cpio' type='application/x-cpio' max_age='31536000'/>
<mime_type ext='cpp' type='text/plain' gzip='1' max_age='31536000'/>
<mime_type ext='csh' type='application/x-csh' max_age='31536000'/>
<mime_type ext='css' type='text/css' gzip='1' max_age='31536000'/>
<mime_type ext='dll' type='application/octet-stream' max_age='31536000'/>
<mime_type ext='doc' type='application/msword' max_age='31536000'/>
<mime_type ext='dvi' type='application/x-dvi' max_age='31536000'/>
<mime_type ext='ear' type='application/java-archive' max_age='31536000'/>
<mime_type ext='eps' type='application/postscript' max_age='31536000'/>
<mime_type ext='etx' type='text/x-setext' gzip='1' max_age='31536000'/>
<mime_type ext='exe' type='application/octet-stream' max_age='31536000'/>
<mime_type ext='f90' type='text/plain' gzip='1' max_age='31536000'/>
<mime_type ext='flv' type='video/x-flv' max_age='31536000'/>
<mime_type ext='gif' type='image/gif' gzip='1' max_age='31536000'/>
<mime_type ext='gtar' type='application/x-gtar' max_age='31536000'/>
<mime_type ext='gz' type='application/x-tar' max_age='31536000'/>
<mime_type ext='h' type='text/plain' gzip='1' max_age='31536000'/>
<mime_type ext='hdf' type='application/x-hdf' max_age='31536000'/>
<mime_type ext='hh' type='text/plain' gzip='1' max_age='31536000'/>
<mime_type ext='hqx' type='application/mac-binhex40' max_age='31536000'/>
<mime_type ext='htm' type='text/html' gzip='1' max_age='31536000'/>
<mime_type ext='html' type='text/html' gzip='1' max_age='31536000'/>
<mime_type ext='ico' type='image/x-icon' gzip='1' max_age='31536000'/>
<mime_type ext='ief' type='image/ief' gzip='1' max_age='31536000'/>
<mime_type ext='jad' type='text/vnd.sun.j2me.app-descriptor' gzip='1' max_age='31536000'/>
<mime_type ext='jar' type='application/java-archive' max_age='31536000'/>
<mime_type ext='jng' type='image/x-jng' gzip='1' max_age='31536000'/>
<mime_type ext='jpe' type='image/jpeg' gzip='1' max_age='31536000'/>
<mime_type ext='jpeg' type='image/jpeg' gzip='1' max_age='31536000'/>
<mime_type ext='jpg' type='image/jpeg' gzip='1' max_age='31536000'/>
<mime_type ext='js' type='application/x-javascript' gzip='1' max_age='31536000'/>
<mime_type ext='latex' type='application/x-latex' max_age='31536000'/>
<mime_type ext='lha' type='application/x-lha-compressed' max_age='31536000'/>
<mime_type ext='lsm' type='text/plain' gzip='1' max_age='31536000'/>
<mime_type ext='lzh' type='application/x-lha-compressed' max_age='31536000'/>
<mime_type ext='m' type='text/plain' gzip='1' max_age='31536000'/>
<mime_type ext='man' type='application/x-troff-man' max_age='31536000'/>
<mime_type ext='mbm' type='image/x-epoc-mbm' gzip='1' max_age='31536000'/>
<mime_type ext='me' type='application/x-troff-me' max_age='31536000'/>
<mime_type ext='mid' type='audio/midi' max_age='31536000'/>
<mime_type ext='midi' type='audio/midi' max_age='31536000'/>
<mime_type ext='mif' type='application/x-mif' max_age='31536000'/>
<mime_type ext='mmf' type='application/x-smaf' max_age='31536000'/>
<mime_type ext='mml' type='text/mathml' gzip='1' max_age='31536000'/>
<mime_type ext='mov' type='video/quicktime' max_age='31536000'/>
<mime_type ext='movie' type='video/x-sgi-movie' max_age='31536000'/>
<mime_type ext='mp2' type='audio/basic' max_age='31536000'/>
<mime_type ext='mp3' type='audio/mpeg' max_age='31536000'/>
<mime_type ext='mp4' type='video/mp4' max_age='31536000'/>
<mime_type ext='mpe' type='video/mpeg' max_age='31536000'/>
<mime_type ext='mpeg' type='video/mpeg' max_age='31536000'/>
<mime_type ext='mpg' type='video/mpeg' max_age='31536000'/>
<mime_type ext='ms' type='application/x-troff-ms' max_age='31536000'/>
<mime_type ext='msw' type='application/msword' max_age='31536000'/>
<mime_type ext='mwrt' type='application/macwriteii' max_age='31536000'/>
<mime_type ext='n3a' type='image/vnd.nok-3dscreensaver' gzip='1' max_age='31536000'/>
<mime_type ext='nc' type='application/x-netcdf' max_age='31536000'/>
<mime_type ext='ngd' type='application/x-nokiagamedata' max_age='31536000'/>
<mime_type ext='nok' type='image/vnd.nok-oplogo-colornokia-op-logo' gzip='1' max_age='31536000'/>
<mime_type ext='nqd' type='application/vnd.nokia.gamedata' max_age='31536000'/>
<mime_type ext='oda' type='application/oda' max_age='31536000'/>
<mime_type ext='pbm' type='image/x-portable-bitmap' gzip='1' max_age='31536000'/>
<mime_type ext='pdf' type='application/pdf' max_age='31536000'/>
<mime_type ext='pgm' type='image/x-portable-graymap' gzip='1' max_age='31536000'/>
<mime_type ext='pic' type='application/pict' max_age='31536000'/>
<mime_type ext='pict' type='application/pict' max_age='31536000'/>
<mime_type ext='pmd' type='application/x-pmd' max_age='31536000'/>
<mime_type ext='png' type='image/png' gzip='1' max_age='31536000'/>
<mime_type ext='pnm' type='image/x-portable-anymap' gzip='1' max_age='31536000'/>
<mime_type ext='ppm' type='image/x-portable-pixmap' gzip='1' max_age='31536000'/>
<mime_type ext='ps' type='application/postscript' max_age='31536000'/>
<mime_type ext='qcp' type='audio/vnd.qcelp' max_age='31536000'/>
<mime_type ext='qt' type='video/quicktime' max_age='31536000'/>
<mime_type ext='rar' type='application/x-rar-compressed' max_age='31536000'/>
<mime_type ext='ras' type='image/cmu-raster' gzip='1' max_age='31536000'/>
<mime_type ext='rgb' type='image/x-rgb' gzip='1' max_age='31536000'/>
<mime_type ext='rng' type='application/vnd.nokie.ringing-tone' max_age='31536000'/>
<mime_type ext='roff' type='application/x-troff' max_age='31536000'/>
<mime_type ext='rpm' type='application/x-rpm' max_age='31536000'/>
<mime_type ext='rss' type='application/rss+xml' max_age='31536000'/>
<mime_type ext='rtf' type='application/x-rtf' max_age='31536000'/>
<mime_type ext='rtx' type='text/richtext' gzip='1' max_age='31536000'/>
<mime_type ext='sh' type='application/x-sh' max_age='31536000'/>
<mime_type ext='shar' type='application/x-shar' max_age='31536000'/>
<mime_type ext='si' type='text/vnd.wap.si' gzip='1' max_age='31536000'/>
<mime_type ext='sic' type='application/vnd.wap.sic' max_age='31536000'/>
<mime_type ext='sis' type='application/vnd.symbian.install' max_age='31536000'/>
<mime_type ext='sit' type='application/stuffit' max_age='31536000'/>
<mime_type ext='sl' type='text/vnd.wap.sl' gzip='1' max_age='31536000'/>
<mime_type ext='slc' type='application/vnd.wap.slc' max_age='31536000'/>
<mime_type ext='snd' type='audio/basic' max_age='31536000'/>
<mime_type ext='src' type='application/x-wais-source' max_age='31536000'/>
<mime_type ext='sv4cpio' type='application/x-sv4cpio' max_age='31536000'/>
<mime_type ext='sv4crc' type='application/x-sv4crc' max_age='31536000'/>
<mime_type ext='svg' type='image/svg+xml' gzip='1' max_age='31536000'/>
<mime_type ext='svgz' type='image/svg+xml' gzip='1' max_age='31536000'/>
<mime_type ext='swf' type='application/x-shockwave-flash' max_age='31536000'/>
<mime_type ext='t' type='application/x-troff' max_age='31536000'/>
<mime_type ext='tar' type='application/x-tar' max_age='31536000'/>
<mime_type ext='tcl' type='application/x-tcl' max_age='31536000'/>
<mime_type ext='tex' type='application/x-tex' max_age='31536000'/>
<mime_type ext='texi' type='application/x-texinfo' max_age='31536000'/>
<mime_type ext='texinfo' type='application/x-texinfo' max_age='31536000'/>
<mime_type ext='tgz' type='application/x-tar' max_age='31536000'/>
<mime_type ext='tif' type='image/tiff' gzip='1' max_age='31536000'/>
<mime_type ext='tiff' type='image/tiff' gzip='1' max_age='31536000'/>
<mime_type ext='tr' type='application/x-troff' max_age='31536000'/>
<mime_type ext='tsv' type='text/tab-separated-values' gzip='1' max_age='31536000'/>
<mime_type ext='ustar' type='application/x-ustar' max_age='31536000'/>
<mime_type ext='vcf' type='text/v-vcard' gzip='1' max_age='31536000'/>
<mime_type ext='vcs' type='text/x-vcalendar' gzip='1' max_age='31536000'/>
<mime_type ext='war' type='application/java-archive' max_age='31536000'/>
<mime_type ext='wav' type='audio/x-wav' max_age='31536000'/>
<mime_type ext='wbmp' type='image/vnd.wap.wmbp' gzip='1' max_age='31536000'/>
<mime_type ext='webm' type='video/webm' max_age='31536000'/>
<mime_type ext='webp' type='image/webp' gzip='1' max_age='31536000'/>
<mime_type ext='wml' type='text/vnd.wap.wml' gzip='1' max_age='31536000'/>
<mime_type ext='wmlc' type='application/vnd.wap.wmlc' max_age='31536000'/>
<mime_type ext='wmls' type='text/vnd.wap.wmlscript' gzip='1' max_age='31536000'/>
<mime_type ext='wmlsc' type='text/vnd.wap.wmlscript' gzip='1' max_age='31536000'/>
<mime_type ext='wmv' type='video/x-ms-wmv' max_age='31536000'/>
<mime_type ext='xbm' type='image/x-xbitmap' gzip='1' max_age='31536000'/>
<mime_type ext='xls' type='application/msexcel' max_age='31536000'/>
<mime_type ext='xml' type='text/xml' gzip='1' max_age='31536000'/>
<mime_type ext='xpm' type='image/x-xpixmap' gzip='1' max_age='31536000'/>
<mime_type ext='xwd' type='image/x-xwindowdump' gzip='1' max_age='31536000'/>
<mime_type ext='Z' type='application/x-tar' max_age='31536000'/>
<mime_type ext='zip' type='application/x-zip-compressed' max_age='31536000'/>
<mime_type ext='zlib' type='application/x-deflate' max_age='31536000'/>
</vhs>