|
|
Because work needs it, I set up a cloud storage with Seafile on a regular broadband and mapped to the public network. Two days ago, I accessed the cloud disk on my colleague's computer (with 360 browser installed). The result was that overnight there were three sixty's crawlers crawling links.
Because IP does not have north bank, only self-use of the cloud storage. I did not want to be crawled by the crawler to cause trouble. Fortunately, I had already known about these characteristics of Chinese browsers before, so I blocked some IP segments and useragents in advance, and then monitored nginx logs. Today, I was caught again by me. All GET parameters links containing token and uuid will be secretly uploaded and analyzed. Then you can use the crawler to crawl you. Encourage those who use these browsers to uninstall them immediately for safety. Here is the nginx log snippet:
# This is my normal access record
120.*.*.*|-|07/Aug/2024:09:32:25 +0800|"GET /seafhttp/zip/***"||"Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.95 Safari/537.36"
# This is the night crawler from 360
106.63.26.7|-|08/Aug/2024:03:53:27 +0800|"HEAD /seafhttp/zip/*** HTTP/1.1"|403|0|"-"||"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.95 Safari/537.36 QIHU 360SE" |
|
发表于 2024-8-10 12:13:44