Are you still storing 404backup.zip on the server? I'm at 200DA

On twilight winter evenings, to the song of a blizzard, wrapped in a sheepskin blanket with a glass of “apple moonshine,” I like reading the logs on the server. Key authentication makes this easy: even when they won’t let me into the pub, the server, the old devil, is always happy to shelter me.

A lot is happening in the world: someone gets a happy 200, someone stares perplexedly at a 301, someone scratches their head over a 403.

But the most valuable fur belongs to the researchers. These are the ones who discover a new world for themselves, on the basis of their knowledge, through trial and 404.

This is where 404 comes in. This article is not about just anything. It is about security.

With each passing day, more and more people of every age, religion, sex and installed operating system choose the path of the IT threat, so as to later become IT security people with a good bad track record.

Such creative guys and girls send exploit requests day and night, and get 403 and 404 handed back to them, but more on that later.

Everyone starts with the crude analytics of asking for backup.zip, which must surely sit at the root of the site. Many go beyond backup.zip and run into the wall of archive.zip. Someone who has just installed the first MySQL 3.0 of their life looks for dump.zip, mysql.zip and, computer gods hallelujah, home.zip. Oh, and .7z or .tar.gz never even cross their minds!

Every time I see a 404 in the log opposite the next HEAD or, worse, GET request, my heart contracts with the same pain they feel reading the error off the screen, as you feel reading this article.

One fine day, I told myself: “Enough, %username%! You are cruel! You do not give them a chance; it’s impossible, it’s inhuman.”

I objected that life is just like that in general: you can’t hand them the file on a saucer, and certainly not one with a blue border. The third voice said, “my prejudice..”; I did not understand why, but my hand reached into my pocket.

As a result, after a deal with my conscience and the iron superhero who lives in almost all of us, and in you, I wrote this:

location ~* "^/(archive|auth|backup|clients|com|dat|dump|engine|files|home|html|index|master|media|my|mysql|old|site|sql|website|wordpress)\.zip$" {
	access_log /usr/local/nginx/logs/dummy.log;
	default_type application/zip;
	root /usr/local/nginx/html/dummy;
	rewrite ^(.*)$ /mydummy break;
	max_ranges 0;
	limit_rate 4k;
	include param/zone1rs;
}

max_ranges 0; - prohibits “resume” (byte-range requests), so an interrupted download cannot be picked up where it was cut off
limit_rate 4k; - limits the download speed to 4 KiB/s
include param/zone1rs; - a zone where 1 connection per 1 IP is allowed. Different versions of nginx have their own spelling for this. The main thing is limit_conn one 1; where one is the name of your zone (the zone itself is declared with limit_conn_zone in the http block).

The mydummy file itself turns out to be very simple:

dd if=/dev/zero of=mydummy bs=1024 count=1572864   # 1.5 GiB of zeros

Then you need to convince the skeptics that this is a zip archive, by writing the first ten bytes of a ZIP local file header (the PK\x03\x04 signature, version 2.0, deflate) over the start of the file:

echo -ne '\x50\x4b\x03\x04\x14\x00\x00\x00\x08\x00' | dd conv=notrunc bs=1 count=10 of=mydummy


Now I don’t even care about bad weather! Whether there is a sad autumn or a dead winter outside, I carefully blow the bread crumbs off the console and run:

tail -n 16 /usr/local/nginx/logs/dummy.log

... and a smile appears on my face! I’m happy for the future of humanity, I am proud of those on adsl or cablenet who purposefully, for five days, carefully download this file, this little ticket in life, weighing 1.5 GB and costing five days of that same life. I am happy that I can make this world a better place and give someone an incomplete week of happiness and an almost Christmas-like anticipation of a gift from my right sock.
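If tail -n 16 is not enough, here is an added example (my own, not part of the article) that summarises dummy.log per client IP: how many decoy names each one tried, how many bytes nginx actually sent, and therefore how long they spent at limit_rate 4k. It assumes the default nginx combined log format; the log lines are constructed samples, not real traffic.

```python
import re
from collections import defaultdict

# Decoy parameters taken from the nginx location and dd command above.
DECOY_BYTES = 1572864 * 1024   # 1.5 GiB produced by dd bs=1024 count=1572864
LIMIT_RATE = 4 * 1024          # limit_rate 4k -> 4 KiB per second
# nginx "combined" log format (the default access_log format); assumed here.
LOG_RE = re.compile(r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "(?P<method>\S+) (?P<path>\S+)[^"]*" '
                    r'(?P<status>\d{3}) (?P<bytes>\d+|-) "[^"]*" "(?P<ua>[^"]*)"$')

# Constructed sample of what dummy.log might contain (not real traffic).
SAMPLE_LOG = [
    '203.0.113.7 - - [12/Jan/2019:21:14:02 +0300] "GET /backup.zip HTTP/1.1" 200 1610612736 "-" "Mozilla/5.0"',
    '203.0.113.7 - - [17/Jan/2019:10:40:51 +0300] "GET /archive.zip HTTP/1.1" 200 8192 "-" "Mozilla/5.0"',
    '198.51.100.23 - - [13/Jan/2019:03:01:44 +0300] "GET /wordpress.zip HTTP/1.1" 200 409600 "-" "Wget/1.19.4"',
    '198.51.100.23 - - [13/Jan/2019:03:02:10 +0300] "HEAD /mysql.zip HTTP/1.1" 200 0 "-" "curl/7.58.0"',
]

def parse_line(line):
    """Fields of one combined-format line as a dict, or None if it does not match."""
    m = LOG_RE.match(line)
    if not m:
        return None
    rec = m.groupdict()
    rec["bytes"] = 0 if rec["bytes"] == "-" else int(rec["bytes"])  # $body_bytes_sent
    return rec

def seconds_at_limit(nbytes):
    """Lower bound on how long sending nbytes took at limit_rate 4k."""
    return nbytes / LIMIT_RATE

def full_download_days():
    """Days needed to pull the whole decoy through the 4 KiB/s pipe (about 4.55)."""
    return DECOY_BYTES / LIMIT_RATE / 86400

def summarize(lines):
    """Aggregate requests, bytes sent and decoy names tried, per client IP."""
    per_ip = defaultdict(lambda: {"requests": 0, "bytes": 0, "paths": set()})
    for rec in filter(None, map(parse_line, lines)):   # unparseable lines are skipped
        entry = per_ip[rec["ip"]]
        entry["requests"] += 1
        entry["bytes"] += rec["bytes"]
        entry["paths"].add(rec["path"])
    return dict(per_ip)

if __name__ == "__main__":
    for ip, e in summarize(SAMPLE_LOG).items():
        print(f'{ip}: {e["requests"]} requests, {e["bytes"]} bytes, '
              f'>= {seconds_at_limit(e["bytes"]) / 3600:.1f} h in the tarpit, tried {sorted(e["paths"])}')
```

Replace SAMPLE_LOG with the lines of the real dummy.log to get the same summary for your own visitors.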
