a few days ago I search my website, found that there are many illegal websites update at the same time, I found some illegal click into the site, but found only a small amount of information in the advertisement of website of the other side at the top, and not what the actual content.
I checked each other’s source code and found out that the other party was hiding the content of the site. In this way, he can cheat the search engine, let the search engine give him a good ranking, and at the same time in front of visitors hide their petty theft behavior.
, the first time I thought about it, was the website hacked
so I modified the website FTP, database, administrator accounts and other information, but also updated the new article, every few hours later found that the other party or can successfully update my website article. This is strange, is the server hacked, I carefully check the server, did not find anything unusual.
finally thought whether it might have been collected,
so I opened the site access log function, and so on after a long time, I opened a few M log view, a closer examination on the acquisition of the acquisition of IP,
after I blocked the other party’s IP, the other party never updated it with my website again.
quickly find and recruit a thief who collects your web site?
method is very simple, you just need to see which IP access your latest articles, and then look at these IP, which is unusual, it is sure to collect your site.
For example, you update
one or two new articles, your new article is ID /123.htm, the new /123.htm you access within half a day often had a few IP, then see that several IP have access to what page flow is normal.
, for example, some IP is the domestic IP, only access a few normal pages, traffic occupancy is very small, then they are normal visitors.
, and like this, America’s IP 207.46.13.* isn’t normal.
first, he’s American IP, and even the actual visit is not my intended customer.
second, the thief collecting web server in the United States, and this IP is also in the United States, then he must be collecting IP.
third, he does illegal website, cannot use domestic server, one American server cost is low, and the legal risk that can avoid law next.
fourth, access to too many pages, take up more traffic.
found the collector’s IP, how to shield the IP segment of the collector,
the following figure is that I blocked the collector’s IP, and the status code is 403, which proves the screen is successful.