小黑屋功能实现
340
0
2022-02-23
2022-05-17
Hey、小怪兽
- • 小黑屋的功能:假设有人一直攻击你的网站,可以将他的ip地址列入黑名单,他就无法访问你的网站了
- • 芋圆社区1.0做了小黑屋的功能,但是由于2年没有人恶意攻击,所以2.0就取消了
- • 最近又上线了这个功能,在此贴上代码
- • 首先我们需要一个小黑屋的数据表,在models.py里写
-
# 小黑屋 class BlackHouse(models.Model): ip = models.CharField(blank=True, null=True, max_length=20, verbose_name='ip地址') class Meta: verbose_name_plural = u'小黑屋' def __str__(self): return self.ip - • 我们需要获取访问的ip地址,因为很多地方都要用到,所以我写到了我的公共方法里,townbase.views.method.py:
-
def getIP(request): """ 获取ip地址 :param request: :return: """ client_ip = '' try: if 'HTTP_X_FORWARDED_FOR' in request.META: # 获取真实的ip client_ip = request.META['HTTP_X_FORWARDED_FOR'].split(",")[0] else: # 获取代理ip client_ip = request.META['REMOTE_ADDR'] finally: return client_ip - • 接下去我们需要创建一个中间键,在自己的包下创建middleware.py
- • 在里面写上代码,black_ip是我的数据库存的小黑屋ip地址,通过values_list和list把他弄成列表了
- • client_ip就是访问者的ip,getIP就是刚才写的方法会返回ip然后赋值给client_ip
- • 如果访问者的ip在我小黑屋的ip列表里,那么我会让他直接跳转到我写好的403页面去
-
from django.utils.deprecation import MiddlewareMixin from django.shortcuts import render from townbase.models import BlackHouse from townbase.views.method import getIP class BlockVisit(MiddlewareMixin): def process_request(self, request): black_ip = list(BlackHouse.objects.values_list('ip', flat=True)) client_ip = getIP(request) if client_ip in black_ip: return render(request, '403.html') - • 要让中间键生效,需要在settings.py里配置:
-
MIDDLEWARE = [ # 添加的中间件,放在第一个 'townbase.middleware.BlockVisit', 'django.middleware.security.SecurityMiddleware', 'django.contrib.sessions.middleware.SessionMiddleware', 'django.middleware.common.CommonMiddleware', 'django.middleware.csrf.CsrfViewMiddleware', 'django.contrib.auth.middleware.AuthenticationMiddleware', 'django.contrib.messages.middleware.MessageMiddleware', 'django.middleware.clickjacking.XFrameOptionsMiddleware', ] - • 因为我是本地测试运行的,所以ip地址是127.0.0.1,在小黑屋数据表插入这个ip地址
- • 访问的话就会显示:
- • 这样小黑屋功能就完成了,这样只能简单地保证社区的安全,如果攻击者真的要攻击的话也没办法,到时候就需要更强大的安全措施了
- • 顺便贴上我的403页面的代码(注意修改title,icon,文本等):
<!DOCTYPE html> <html lang="en"> <head> <meta charset="UTF-8"> <meta http-equiv="X-UA-Compatible" content="IE=edge"> <meta name="viewport" content="width=device-width, initial-scale=1.0"> <meta name="referrer" content="strict-origin-when-cross-origin"> <title>403 - 芋圆社区403页面</title> <meta name="keywords" content="403,芋圆社区" /> <meta name="description" content="芋圆社区的403页面." /> <!-- ico图标 --> <link rel="shortcut icon" href="/static/images/favicon.ico" type="image/x-icon"> </head> <style> body { display: -webkit-box; display: flex; -webkit-box-orient: horizontal; -webkit-box-direction: normal; flex-flow: row wrap; align-content: center; -webkit-box-pack: center; justify-content: center; } div { width: 100%; text-align: center; } .number { background: #ffffff; position: relative; font: 900 30vmin 'Consolas'; letter-spacing: 5vmin; text-shadow: 2px -1px 0 #808080, 4px -2px 0 #0a0a0a, 6px -3px 0 #7f7f7f, 8px -4px 0 #141414, 10px -5px 0 #1a1a1a, 12px -6px 0 #1f1f1f, 14px -7px 0 #242424, 16px -8px 0 #292929; } .number::before { background-color: rgb(168, 168, 168); background-image: radial-gradient(closest-side at 50% 50%, #393939 100%, rgba(0, 0, 0, 0)), radial-gradient(closest-side at 50% 50%, #3b3b3b 100%, rgba(0, 0, 0, 0)); background-repeat: repeat-x; background-size: 40vmin 40vmin; background-position: -100vmin 20vmin, 100vmin -25vmin; width: 100%; height: 100%; mix-blend-mode: screen; -webkit-animation: moving 10s linear infinite both; animation: moving 10s linear infinite both; display: block; position: absolute; content: ""; } @-webkit-keyframes moving { to { background-position: 100vmin 20vmin, -100vmin -25vmin; } } @keyframes moving { to { background-position: 100vmin 20vmin, -100vmin -25vmin; } } .text { font: 400 5vmin "Courgette"; } .text span { font-size: 10vmin; } </style> <body style="background-color: #00000020"> <div class="number" style="margin-top: 6%">403</div> <div class="text"> <span>...</span> <br> <p>您的ip地址近期攻击过芋圆社区</p> <p>芋圆社区拒绝您的访问</p> </div> </body> </html>