How to determine which IP addresses are hitting your web site the most

by Ross McKillop on October 7, 2008

Security

This is a brief one. Thanks to The How-To Geek for bringing this command into my troubleshooting repertoire.

A bit of background first. This command is helpful to determine who is causing the most hits to your web site. On my music blog, I post a fair number of (totally legal) MP3s. Some less than ethical people often use those MP3s to stream via their site, causing mine to be slower (and a larger bandwidth bill). By figuring out the IP address of the site/person “stealing” my bandwidth I can then block their IP from accessing any of my content.

Note: you’ll need shell access to your web server log files

  1. SSH (or telnet) to your web host. Switch to the directory that stores your web server log files.
  2. Run this command:

    tail -100000 access.log | awk '{print $1}' | sort | uniq -c | sort -n

    where 100000 is the number of lines (starting from the end of the log file) you want to search, and access.log is the name of your web server access log.

  3. (Screenshot: terminal with the tail, awk, uniq and sort results)

  4. The result will be a (probably) fairly long list of IPs, sorted by fewest hits to most. The first value in each row is the number of times the IP address (the second number) accessed your site (in the number of lines of the log file you specified).

    Use the host command to determine the fully qualified domain name of any IP address that shows up (you’ll probably want to know who the ones hitting your site the most are). In the screenshot example below, two of the IPs that hit simplehelp.net the most were Googlebot and the Yahoo Site Crawler.

  5. (Screenshot: terminal with tail, awk, uniq and sort)

  6. If there’s an IP/domain that looks suspicious, you can check to see which files they were hitting by using the command:

    tail -1000 access.log | grep xx.xx.xx.xx

    In that command, 1000 is the number of lines to check, access.log is the name of your web server access log, and xx.xx.xx.xx is the IP you want to search for. I’d suggest using a smaller number (1000 vs. 100000 as used in the first command) as you probably don’t need/want to see every file they accessed. If you do, increase the 1000 number. Or, if not very many results show up, that means that they were hitting your site “earlier”, and you’ll want to increase 1000 to a higher number.
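The two commands above, wrapped as functions and run on a small constructed log (an added example, not part of the original post). It assumes Apache "combined" log format, where field 1 is the client address and field 7 the requested path; the function names and sample addresses are made up. Matching field 1 exactly avoids a pitfall of the plain grep: its pattern also matches longer addresses such as 203.0.113.50.

```shell
#!/usr/bin/env bash
# Constructed sample log (combined format, documentation address ranges).
sample_log() {
cat <<'EOF'
203.0.113.5 - - [07/Oct/2008:10:00:01 -0400] "GET /mp3/song-a.mp3 HTTP/1.1" 200 5120 "-" "Player/1.0"
203.0.113.5 - - [07/Oct/2008:10:00:09 -0400] "GET /mp3/song-a.mp3 HTTP/1.1" 200 5120 "-" "Player/1.0"
203.0.113.5 - - [07/Oct/2008:10:00:17 -0400] "GET /mp3/song-b.mp3 HTTP/1.1" 200 4096 "-" "Player/1.0"
203.0.113.50 - - [07/Oct/2008:10:01:02 -0400] "GET /index.html HTTP/1.1" 200 900 "-" "Browser/3.0"
198.51.100.7 - - [07/Oct/2008:10:01:30 -0400] "GET /index.html HTTP/1.1" 200 900 "-" "Browser/3.0"
198.51.100.7 - - [07/Oct/2008:10:01:41 -0400] "GET /mp3/song-a.mp3 HTTP/1.1" 200 5120 "-" "Browser/3.0"
203.0.113.5 - - [07/Oct/2008:10:02:05 -0400] "GET /mp3/song-a.mp3 HTTP/1.1" 200 5120 "-" "Player/1.0"
EOF
}

# Hits per client address over the last LINES lines, busiest first.
top_ips() {       # usage: top_ips LOGFILE [LINES] [ROWS]
  tail -n "${2:-100000}" "$1" | awk '{print $1}' | sort | uniq -c |
    sort -rn | head -n "${3:-20}"
}

# Paths requested by exactly one address, most requested first.
# Field 1 is compared as a whole string, so 203.0.113.5 does not
# also pick up 203.0.113.50 the way an unanchored grep pattern does.
paths_for_ip() {  # usage: paths_for_ip LOGFILE IP [LINES]
  tail -n "${3:-1000}" "$1" | awk -v ip="$2" '$1 == ip {print $7}' |
    sort | uniq -c | sort -rn
}

# Demo on the constructed log.
log=$(mktemp)
sample_log > "$log"
top_ips "$log"
paths_for_ip "$log" 203.0.113.5
rm -f "$log"
```
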


    1 Tony 10.07.08 at 2:58 pm

    The problem is that if someone hotlinks your mp3s (or images, or any other media), then it’s still the IPs of their users that will show up in your logs, not the offending webserver. That is to say, it will likely be a fairly even distribution of users and indistinguishable from that of your legitimate visitors (unless someone is just continuously refreshing your media content).

    What you want to be doing is checking for the referrer information to your media files (naturally excluding your own domain from the list).

    2 Ross 10.07.08 at 3:05 pm

    Tony -

    Under normal circumstances yes, you’re absolutely right. In my specific case, the site was loading the files via a flash player that they hosted, and all the requests came from the site’s flash player. Adding the IP to my .htaccess in turn stopped the flash player from loading the songs for anyone/everyone who tried to play them from the *expletives* site.
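The referrer check described in the first comment above, as an added example that is not part of the original post or its comments. It assumes Apache "combined" log format, where the Referer is the second quoted field; the function name, the domain example.org and the sample lines are made up. Every request in the sample comes from a different address, so the per-IP count looks even while the referrer count singles out one external site.

```shell
#!/usr/bin/env bash
# Constructed sample log (combined format); the site's own domain is example.org.
sample_log() {
cat <<'EOF'
192.0.2.10 - - [07/Oct/2008:11:00:01 -0400] "GET /mp3/song-a.mp3 HTTP/1.1" 200 5120 "http://leech.example.net/player.swf" "UA"
192.0.2.11 - - [07/Oct/2008:11:00:05 -0400] "GET /mp3/song-a.mp3 HTTP/1.1" 200 5120 "http://leech.example.net/player.swf" "UA"
192.0.2.12 - - [07/Oct/2008:11:00:09 -0400] "GET /mp3/song-b.mp3 HTTP/1.1" 200 4096 "http://leech.example.net/playlist?id=3" "UA"
192.0.2.13 - - [07/Oct/2008:11:00:12 -0400] "GET /mp3/song-a.mp3 HTTP/1.1" 200 5120 "http://www.example.org/2008/10/post.html" "UA"
192.0.2.14 - - [07/Oct/2008:11:00:20 -0400] "GET /index.html HTTP/1.1" 200 900 "http://search.example.com/?q=mp3" "UA"
192.0.2.15 - - [07/Oct/2008:11:00:31 -0400] "GET /mp3/song-b.mp3 HTTP/1.1" 200 4096 "-" "UA"
192.0.2.16 - - [07/Oct/2008:11:00:40 -0400] "GET /images/cover.jpg HTTP/1.1" 200 300 "http://forum.example.com/thread/9" "UA"
EOF
}

# Count external referring hosts for media requests, most frequent first.
# Splitting on double quotes gives: $2 = request line, $4 = Referer.
external_referrers() {  # usage: external_referrers LOGFILE OWN_DOMAIN [LINES]
  tail -n "${3:-100000}" "$1" | awk -F'"' -v own="$2" '
    {
      split($2, req, " ")                  # req[2] is the requested path
      path = tolower(req[2]); sub("[?].*", "", path)
      if (path !~ /\.(mp3|jpe?g|png|gif)$/) next   # media files only
      ref = $4
      if (ref == "" || ref == "-") next    # no Referer header was sent
      host = tolower(ref)
      sub("^[a-z]+://", "", host)          # drop the scheme
      sub("[/:?#].*", "", host)            # drop port, path and query
      # Skip the site itself and any of its subdomains.
      if (host == own) next
      if (substr(host, length(host) - length(own)) == "." own) next
      count[host]++
    }
    END { for (h in count) print count[h], h }' | sort -rn
}

# Demo on the constructed log.
log=$(mktemp)
sample_log > "$log"
external_referrers "$log" example.org
rm -f "$log"
```

The Referer header is supplied by the client and can be missing or forged, so the counts are a lead to follow up on, not proof.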
