moeyy

A salted fish with lofty ambitions.

Reinforce kangle/ep for security defense/CC defense/injection prevention/trojan prevention and other operations.

image

1. Disable Directory Execution

In the panel, open Request Control on the right, click Add, set the target to deny, and choose the matching module reg_path, which takes two patterns.

Enter the two patterns below, in order, and remember to tick nc (case-insensitive matching); compare with the screenshot for details.

.*\/(attachment|attachments|uploadfiles|avatar)\/
\.(php|php5|php7|phps|jsp|asp|aspx|asa|asax|ascx|ashx|asmx|axd).*$

image

2. Protect System Files

Open Request Control on the right, click Add, set the target to deny, and choose the matching module url.

Enter the pattern below and remember to tick nc (case-insensitive matching); compare with the screenshot for details.

\.(htaccess|ini)

image

3. Protect Sensitive Files

Open Request Control on the right, click Add, set the target to deny, and choose the matching module url.

Enter the pattern below and remember to tick nc (case-insensitive matching); compare with the screenshot for details.

(up.+\.|web\.|httpd\.)(conf|log|config|ini)

image

4. Obtain Real IP

Open Request Control on the right, click Add, add directly, set the target to continue, and choose the mark module replace_ip.

Enter the header name below; see the screenshot for details.

X-Forwarded-For

image
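The replace_ip rule above takes the client address from X-Forwarded-For. That header is set by whoever sends the request, so it should only be honoured when the request actually arrived from a proxy you trust (a CDN or reverse proxy in front of kangle); otherwise a direct client can put any address in it and the anti-CC counters, IP whitelists and logs all see the wrong source. The following Python is an added example of how a correct resolver behaves, not code from the article or from kangle; the proxy ranges and addresses are constructed for illustration.

```python
import ipaddress

# Constructed example: the networks of the proxies/CDN that legitimately sit in
# front of the web server. Replace with your provider's real ranges.
TRUSTED_PROXIES = [
    ipaddress.ip_network("203.0.113.0/24"),
    ipaddress.ip_network("10.0.0.0/8"),
]


def is_trusted(addr):
    """True if addr is a valid IP inside one of the trusted proxy networks."""
    try:
        ip = ipaddress.ip_address(addr)
    except ValueError:
        return False
    return any(ip in net for net in TRUSTED_PROXIES)


def real_client_ip(remote_addr, xff_header):
    """Decide which address to treat as the client.

    remote_addr: peer address of the TCP connection (cannot be forged).
    xff_header:  raw X-Forwarded-For value, or None if absent.
    """
    # Direct connection from an untrusted peer: the header is attacker-controlled,
    # so ignore it completely and use the connection address.
    if not is_trusted(remote_addr):
        return remote_addr

    hops = [h.strip() for h in (xff_header or "").split(",") if h.strip()]

    # Walk from the proxy nearest to us backwards. Each trusted proxy appended
    # the address it saw, so the first hop that is NOT one of our proxies is the
    # real client. Anything further left was supplied by that client and is
    # unverified.
    for hop in reversed(hops):
        if is_trusted(hop):
            continue
        try:
            ipaddress.ip_address(hop)  # must be a literal address
        except ValueError:
            return remote_addr  # malformed header: fall back to the peer address
        return hop

    # Header empty or made up only of our own proxies: the proxy itself is the peer.
    return remote_addr
```

The key property is that a spoofed value only survives when it is to the right of every trusted proxy, which a client cannot arrange. If your kangle setup lets you restrict the replace_ip rule to the proxy's source addresses (for instance by combining it with an ip match), apply the same idea there.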

5. Prevent Trojan Uploads

Open Request Control on the right, click Add, add directly, set the target to deny, select post_file as the module, then tick the ignore (case) option.

See the screenshot for details.

\.(php|php5|php7|phps|jsp|asp|aspx|asa|asax|ascx|ashx|asmx|axd|html|htm|js)$

image
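Rules 1, 2, 3 and 5 are all regular expressions, and the easiest way to know what they really block is to run them against sample requests before trusting them. The Python below is an added example (not code from the article or from kangle) that emulates the four deny rules with Python's re module and checks constructed paths against them. It assumes the reg_path rule fires only when both of its patterns match the request path, and it reads the article's patterns with the alternation bars and backslashes restored; the rule names are mine.

```python
import re
from dataclasses import dataclass
from typing import Optional, Tuple

# The article's patterns (my reading of the extracted text, with | and \ restored).
UPLOAD_DIRS = r".*/(attachment|attachments|uploadfiles|avatar)/"
SCRIPT_EXTS = r"\.(php|php5|php7|phps|jsp|asp|aspx|asa|asax|ascx|ashx|asmx|axd).*$"
SYSTEM_FILES = r"\.(htaccess|ini)"
SENSITIVE_FILES = r"(up.+\.|web\.|httpd\.)(conf|log|config|ini)"
UPLOAD_NAME = r"\.(php|php5|php7|phps|jsp|asp|aspx|asa|asax|ascx|ashx|asmx|axd|html|htm|js)$"


@dataclass
class Request:
    path: str                          # request path, e.g. "/attachments/x.php"
    upload_name: Optional[str] = None  # file name of a multipart upload, if any


def check(req: Request, nc: bool = True) -> Tuple[str, Optional[str]]:
    """Return ("deny", rule_name) for the first rule that fires, else ("allow", None).

    nc=True mirrors ticking the "nc" box: patterns match case-insensitively.
    """
    flags = re.IGNORECASE if nc else 0

    # Rule 1 (reg_path): path is under an upload directory AND names a script.
    # Note SCRIPT_EXTS ends in ".*$", so "shell.php.jpg" is also caught.
    if re.search(UPLOAD_DIRS, req.path, flags) and re.search(SCRIPT_EXTS, req.path, flags):
        return "deny", "1-no-script-in-upload-dir"

    # Rule 2 (url): .htaccess / .ini anywhere in the URL.
    if re.search(SYSTEM_FILES, req.path, flags):
        return "deny", "2-system-files"

    # Rule 3 (url): web.config, httpd.conf, and any "up...*.conf/.log/.config/.ini".
    if re.search(SENSITIVE_FILES, req.path, flags):
        return "deny", "3-sensitive-files"

    # Rule 5 (post_file): reject uploads whose file name ends in a script/html ext.
    # This one is anchored with "$", so it judges only the final extension;
    # rule 1 is what still stops such a file from being executed later.
    if req.upload_name is not None and re.search(UPLOAD_NAME, req.upload_name, flags):
        return "deny", "5-upload-file-name"

    return "allow", None


if __name__ == "__main__":
    for p in ["/attachments/shell.php", "/attachments/photo.jpg", "/.htaccess",
              "/web.config", "/uploads/readme.log", "/attachments/x.PHP"]:
        print(p, check(Request(p)), "without nc:", check(Request(p), nc=False))
```

Two things the run makes visible: without nc, a path such as /attachments/x.PHP is not matched at all, which is why the article insists on ticking it; and rule 3 is broader than its name suggests (any path containing "up" followed later by a .log or .ini file is denied, e.g. /uploads/readme.log), so check it against your site's real URLs before enabling it.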

6. Set 17CE and Qiyun Test All Green Function

This function is purely for self-satisfaction, just forwarding a link. Hahaha~ Let elementary school students buy your host thinking your machine is fast~ A bit arrogant~

The method is the same for both, so I won't write it twice; 17ce is the example.

Open the 3311 panel, click Add in Request Control, set the target to continue, choose the matching module referer, and enter http://www.17ce.com.

Then choose the mark module redirect, set the code to 301, and use the URL below as the redirect target.

https://static-s.bilibili.com/error/404.png

image

7. Set CC Defense

This function is only effective in the commercial version. Use kangle.in to upgrade to the commercial version; I will write a tutorial for the upgrade later.

Open Request Control on the right, click Add, add directly, set the target to continue, and choose the mark module anti_cc.

Set request and second (the number of requests allowed per that many seconds) according to your needs.

Remember to tick white list and fix_url.

See the screenshot for details.

image
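The two anti_cc numbers, request and second, define a rate limit: a client that exceeds request hits within any second-long window gets the 503 challenge page shown below instead of its content, while whitelisted addresses are never counted. The Python class below is an added example of that logic (not kangle's implementation and not from the article); it uses a sliding window per client IP, takes the clock as a parameter so it can be tested deterministically, and returns the HTTP status the server would use. The whitelist and client addresses are constructed.

```python
import ipaddress
from collections import defaultdict, deque


class AntiCC:
    """Sliding-window limiter: a client exceeding `requests` hits in any
    `seconds`-long window is answered with 503 (the challenge page).
    Whitelisted networks are never limited."""

    def __init__(self, requests, seconds, whitelist=()):
        self.requests = requests
        self.seconds = seconds
        self.whitelist = [ipaddress.ip_network(n) for n in whitelist]
        self.hits = defaultdict(deque)  # ip -> timestamps of recent hits

    def whitelisted(self, ip):
        try:
            addr = ipaddress.ip_address(ip)
        except ValueError:
            return False  # never whitelist something that is not an address
        return any(addr in net for net in self.whitelist)

    def check(self, ip, now):
        """Record a hit from `ip` at time `now` (seconds) and return 200 or 503."""
        if self.whitelisted(ip):
            return 200
        window = self.hits[ip]
        # Drop hits that have aged out of the window.
        while window and now - window[0] >= self.seconds:
            window.popleft()
        window.append(now)  # denied hits still count, so hammering does not reset
        return 503 if len(window) > self.requests else 200


if __name__ == "__main__":
    # Constructed scenario: 5 requests per 10 seconds, internal range whitelisted.
    limiter = AntiCC(requests=5, seconds=10, whitelist=["10.0.0.0/8"])
    print([limiter.check("198.51.100.7", t) for t in range(6)])  # sixth hit -> 503
    print(limiter.check("198.51.100.7", 16))                      # window expired
    print(limiter.check("10.1.2.3", 0))                           # whitelisted
```

When choosing the numbers, remember that the counter keys on the client address: if the real IP is not recovered correctly (section 4), every visitor behind the same proxy shares one window and will be challenged together.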

HTTP/1.1 503 OK
Content-Type: text/html; charset=utf-8
Connection: close
Cache-Control: no-cache,no-store

<!--[if IE 8]>
<style>.ie8 .alert-circle,.ie8 .alert-footer{display:none}.ie8 .alert-box{padding-top:75px}.ie8 .alert-sec-text{top:45px}</style>
<![endif]-->

<style>
body {
  margin: 0;
  padding: 0;
  background: #E6EAEB;
  font-family: Arial, '微软雅黑', '宋体', sans-serif
}
.alert-box {
  display: none;
  position: relative;
  margin: 96px auto 0;
  padding: 180px 85px 22px;
  border-radius: 10px 10px 0 0;
  background: #FFF;
  box-shadow: 5px 9px 17px rgba(102,102,102,0.75);
  width: 286px;
  color: #FFF;
  text-align: center
}
.alert-box p {
  margin: 0
}
.alert-circle {
  position: absolute;
  top: -50px;
  left: 111px
}
.alert-sec-circle {
  stroke-dashoffset: 0;
  stroke-dasharray: 735;
  transition: stroke-dashoffset 1s linear
}
.alert-sec-text {
  position: absolute;
  top: 11px;
  left: 190px;
  width: 76px;
  color: #000;
  font-size: 68px
}
.alert-sec-unit {
  font-size: 34px
}
.alert-body {
  margin: 35px 0
}
.alert-head {
  color: #242424;
  font-size: 28px
}
.alert-concent {
  margin: 25px 0 14px;
  color: #7B7B7B;
  font-size: 18px
}
.alert-concent p {
  line-height: 27px
}
.alert-btn {
  display: block;
  border-radius: 10px;
  background-color: #4AB0F7;
  height: 55px;
  line-height: 55px;
  width: 286px;
  color: #FFF;
  font-size: 20px;
  text-decoration: none;
  letter-spacing: 2px
}
.alert-btn:hover {
  background-color: #6BC2FF
}
.alert-footer {
  margin: 0 auto;
  height: 42px;
  width: 120px
}
.alert-footer-icon {
  float: left
}
.alert-footer-text {
  float: left;
  border-left: 2px solid #EEE;
  padding: 3px 0 0 5px;
  height: 40px;
  color: #0B85CC;
  font-size: 12px;
  text-align: left
}
.alert-footer-text p {
  color: #7A7A7A;
  font-size: 22px;
  line-height: 18px
}
</style>
<div id="js-alert-box">

Seconds
<div id="js-sec-text"></div>
<div>
<div id="js-alert-head"></div>
<div>

Hello, we have detected abnormal behavior from you.

We are conducting a security check on your browser.

</div>
<a id="js-alert-btn" href="/" target="_blank" rel="noopener">Exit Security Check</a>

</div>
<div>
<div>

secure

Secure Encryption

</div>
</div>
</div>
<script type="text/javascript">
// Show the challenge box and count down from 5 seconds; when the timer runs
// out the browser is sent to {{murl}}, the URL kangle substitutes for the
// originally requested page.
function alertSet(e) {
  document.getElementById("js-alert-box").style.display = "block";
  document.getElementById("js-alert-head").innerHTML = e;
  var t = 5,
      // SVG countdown ring; its markup is not reproduced in this excerpt,
      // so guard against it being absent.
      n = document.getElementById("js-sec-circle");
  document.getElementById("js-sec-text").innerHTML = t;
  setInterval(function () {
    if (1 > t) {
      location.href = "{{murl}}";
    } else {
      t -= 1;
      document.getElementById("js-sec-text").innerHTML = t;
      if (n) {
        // dasharray is 735, so offset the stroke in proportion to time left
        var offset = Math.round(t / 5 * 735);
        n.style.strokeDashoffset = offset - 735;
      }
    }
    if (2 == t) {
      // with two seconds left, let the button lead to the target page too
      document.getElementById("js-alert-btn").setAttribute("href", "{{murl}}");
      document.getElementById("js-alert-btn").setAttribute("style", "font-weight:bold");
    }
  }, 970);
}
</script>
<script>alertSet('Browser Security Check in Progress');</script>

8. Prevent SQL Injection

Open Request Control on the right, click Add, add directly, set the target to deny, and choose the mark module param.

Then in param value (regex) enter

'.*[; ]?(or|insert|select|union|update|delete|replace|create|drop|alter|grant|load|show|exec)[\s(]

Then tick ignore case, get and post.

image
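The param rule above only fires on a value that contains a single quote followed, somewhere later, by one of the listed keywords and then whitespace or an opening parenthesis. That catches the textbook quote-and-keyword pattern, but it also rejects legitimate input (a name with an apostrophe followed by the word "or"), and it does nothing for queries that never see a quote. The Python below is an added example, not code from the article or from kangle, that runs the rule against constructed values and shows the application-side fix that makes the filter a second layer rather than the only one: binding user input as a query parameter, here with the standard-library sqlite3 module and a constructed in-memory table.

```python
import re
import sqlite3

# The article's param rule (my reading of the extracted pattern, with | restored),
# applied with "ignore case" as the article instructs.
SQLI_PARAM = re.compile(
    r"'.*[; ]?(or|insert|select|union|update|delete|replace|create|drop|alter"
    r"|grant|load|show|exec)[\s(]",
    re.IGNORECASE,
)


def waf_allows(value: str) -> bool:
    """True if the request parameter would pass the param rule."""
    return SQLI_PARAM.search(value) is None


def setup_db() -> sqlite3.Connection:
    """Constructed sample table so the example runs offline."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (name TEXT)")
    conn.executemany("INSERT INTO users VALUES (?)", [("alice",), ("O'Brien",)])
    return conn


def find_user(conn: sqlite3.Connection, name: str) -> list:
    """Look a user up by exact name.

    The value is bound with a placeholder, so whatever it contains is compared
    as data; it is never spliced into the SQL text, quotes and keywords included.
    """
    rows = conn.execute("SELECT name FROM users WHERE name = ?", (name,))
    return [r[0] for r in rows]


if __name__ == "__main__":
    conn = setup_db()
    for value in ["alice", "O'Brien", "O'Brien or O'Neil", "' OR 1=1"]:
        print(repr(value), "waf:", "allow" if waf_allows(value) else "deny",
              "db:", find_user(conn, value))
```

Note the false positive: "O'Brien or O'Neil" is denied by the rule while the parameterised query handles it (and the quote-and-keyword value) correctly. Keep the rule for the visibility it gives you in the logs, but fix the queries.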

9. Optimize Configuration

image

image

image

image

image

image

10. Set MIME Types

Set MIME types according to Google's strongest optimization recommendations to lengthen browser caching and speed up page loads.

Below are some commonly used formats that can be added as needed; the columns are the extension, the MIME type, a yes/blank flag, and the cache lifetime in seconds.

<table cellspacing="0">
<tbody>
<tr>
<td>3gp</td>
<td>video/3gpp</td>
<td></td>
<td>31536000</td>
</tr>
<tr>
<td>avi</td>
<td>video/x-msvideo</td>
<td></td>
<td>31536000</td>
</tr>
<tr>
<td>css</td>
<td>text/css</td>
<td>yes</td>
<td>31536000</td>
</tr>
<tr>
<td>dll</td>
<td>application/octet-stream</td>
<td></td>
<td>31536000</td>
</tr>
<tr>
<td>doc</td>
<td>application/msword</td>
<td></td>
<td>31536000</td>
</tr>
<tr>
<td>exe</td>
<td>application/octet-stream</td>
<td></td>
<td>31536000</td>
</tr>
<tr>
<td>flv</td>
<td>video/x-flv</td>
<td></td>
<td>31536000</td>
</tr>
<tr>
<td>gif</td>
<td>image/gif</td>
<td>yes</td>
<td>31536000</td>
</tr>
<tr>
<td>gz</td>
<td>application/x-tar</td>
<td></td>
<td>31536000</td>
</tr>
<tr>
<td>htm</td>
<td>text/html</td>
<td>yes</td>
<td>31536000</td>
</tr>
<tr>
<td>html</td>
<td>text/html</td>
<td>yes</td>
<td>31536000</td>
</tr>
<tr>
<td>ico</td>
<td>image/x-icon</td>
<td>yes</td>
<td>31536000</td>
</tr>
<tr>
<td>jpg</td>
<td>image/jpeg</td>
<td>yes</td>
<td>31536000</td>
</tr>
<tr>
<td>js</td>
<td>text/javascript</td>
<td>yes</td>
<td>31536000</td>
</tr>
<tr>
<td>mp3</td>
<td>audio/mpeg</td>
<td></td>
<td>31536000</td>
</tr>
<tr>
<td>mp4</td>
<td>video/mp4</td>
<td></td>
<td>31536000</td>
</tr>
<tr>
<td>png</td>
<td>image/png</td>
<td>yes</td>
<td>31536000</td>
</tr>
<tr>
<td>rar</td>
<td>application/x-rar-compressed</td>
<td></td>
<td>31536000</td>
</tr>
<tr>
<td>sh</td>
<td>application/x-sh</td>
<td></td>
<td>31536000</td>
</tr>
<tr>
<td>swf</td>
<td>application/x-shockwave-flash</td>
<td></td>
<td>31536000</td>
</tr>
<tr>
<td>tar</td>
<td>application/x-tar</td>
<td></td>
<td>31536000</td>
</tr>
<tr>
<td>xml</td>
<td>text/xml</td>
<td>yes</td>
<td>31536000</td>
</tr>
<tr>
<td>zip</td>
<td>application/x-zip-compressed</td>
<td></td>
<td>31536000</td>
</tr>
<tr>
<td>bmp</td>
<td>image/x-bmp</td>
<td>yes</td>
<td>31536000</td>
</tr>
<tr>
<td>pac</td>
<td>text/plain</td>
<td>yes</td>
<td>31536000</td>
</tr>
</tbody>
</table>

image

31536000 (one year) is the value recommended by Google, while Baidu uses 315360000 (ten years) and Tencent uses 600.

You can also set these directly in the configuration file.
