套cf后 站点WAF防火墙规则设定 这2+1就够了 全能防御恶意流量攻击！ 套cf后 站点WAF防火墙规则设定 这2+1就够了 全能防御恶意流量攻击！转自 科技L 自己网站受攻击是正常的，下面说说怎么在cf防范打开cf网站受攻击的域名，安全性---WAF---自定义规则，一般可免费创建五个规则，下面是网友建好的，当然规则是死的，人是活的，许多地方可以举一反三，灵活修改【遇到强烈攻击时，宁可错杀一千不放过一个ip的原则选择交互式质询或阻止，规则先后秩序一般是 先放行后阻止 】1、放行跳过机器人扫描规则-KJL(cf.client.bot) or (http.user_agent contains "duckduckgo") or (http.user_agent contains "facebookexternalhit") or (http.user_agent contains "Feedfetcher-Google") or (http.user_agent contains "LinkedInBot") or (http.user_agent contains "Mediapartners-Google") or (http.user_agent contains "msnbot") or (http.user_agent contains "Slackbot") or (http.user_agent contains "TwitterBot") or (http.user_agent contains "ia_archive") or (http.user_agent contains "yahoo")2、全球用户js质询访问记录全球所有的用户访问都会有ip记录，方便你追踪，通过5s盾保护安全(ip.geoip.continent eq "AF") or (ip.geoip.continent eq "AN") or (ip.geoip.continent eq "AS") or (ip.geoip.continent eq "EU") or (ip.geoip.continent eq "NA") or (ip.geoip.continent eq "OC") or (ip.geoip.continent eq "SA") or (ip.geoip.continent eq "T1")3、恶意流量托管质询规则-KJL【可修改威胁分数值，值越大越严格，当然也可以把托管质询修改为更严格的 交互式质询或阻止 】(cf.threat_score ge 5 and not cf.client.bot) or (not http.request.version in {"HTTP/1.2" "HTTP/2" "HTTP/3" "SPDY/3.1"}) or (not http.user_agent contains "Mozilla/")

x-ui面板实现多ip分流出站 x-ui面板实现多ip分流出站 xui是最简单的面板，估计没有之一通过xui实现多ip分流也很简单创建好入站后直接修改面板设置里的xray配置模板就可以了本文摘自：https://kev.fit/archives/43/{ "api": { "services": [ "HandlerService", "LoggerService", "StatsService" ], "tag": "api" }, "inbounds": [ { "listen": "127.0.0.1", "port": 62789, "protocol": "dokodemo-door", "settings": { "address": "127.0.0.1" }, "tag": "api" } ], "outbounds": [ { "tag": "ip1", "sendThrough": "1.1.1.1", "protocol": "freedom", "settings": {} }, { "tag": "ip2", "sendThrough": "1.1.1.2", "protocol": "freedom", "settings": {} }, { "protocol": "freedom", "settings": {} }, { "protocol": "blackhole", "settings": {}, "tag": "blocked" } ], "policy": { "system": { "statsInboundDownlink": true, "statsInboundUplink": true } }, "routing": { "rules": [ { "inboundTag": [ "inbound-xxxxx","inbound-xxxxx" ], "outboundTag": "ip1", "type": "field" }, { "inboundTag": [ "inbound-xxxxx","inbound-xxxxx" ], "outboundTag": "ip2", "type": "field" }, { "inboundTag": [ "api" ], "outboundTag": "api", "type": "field" }, { "ip": [ "geoip:private" ], "outboundTag": "blocked", "type": "field" }, { "outboundTag": "blocked", "protocol": [ "bittorrent" ], "type": "field" } ] }, "stats": {} }xray的通信原理是inbound-routing-outbound，也就是入站-路由规则-出站入站节点内容存放在数据库内，不在模板中，数据库与模板共同组合成config.json要实现多ip分流，主要是通过修改路由规则将入站列表中的节点与不同的出站ip进行连接所以编辑routing和outbound即可，创建好节点后inbound内容无需修改