We read every piece of feedback, and take your input very seriously.
To see all available qualifiers, see our documentation.
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
希望集成ja3指纹,并透传到源站服务器,同时延伸出针对IP指纹的拦截(包括扩展实现类似现有的基于IP组的黑白名单库)。针对代理拨号、更换IP等方式的扫描、攻击等进行指纹识别。
nginx集成ja3指纹,获取的指纹通过header透传到下游服务器。"通用配置"中添加指纹库,"防护配置" --> "黑白名单"中支持添加指纹库
The text was updated successfully, but these errors were encountered:
能具体分享下, waf 上识别 ja3 指纹,对防护或者业务有啥好处么
Sorry, something went wrong.
能具体分享下, waf 上识别 ja3 指纹,对防护或者业务有啥好处么 https://help.aliyun.com/zh/anti-ddos/anti-ddos-pro-and-premium/user-guide/configure-accurate-access-control-rules?spm=a2c4g.11186623.0.0.3ac9731cOpnkV7#10173c5089mvu 原话:遭受大流量CC攻击时,如果攻击者使用相同的脚本或工具,包含相同指纹值的请求数或请求数占比会突增
把你比作攻击者,你的指纹是你的身份标识,不管你怎么换IP,你还是你。 你可以搜索一下ja3 / ja3s指纹
No branches or pull requests
背景与遇到的问题
希望集成ja3指纹,并透传到源站服务器,同时延伸出针对IP指纹的拦截(包括扩展实现类似现有的基于IP组的黑白名单库)。针对代理拨号、更换IP等方式的扫描、攻击等进行指纹识别。
建议的解决方案
nginx集成ja3指纹,获取的指纹通过header透传到下游服务器。"通用配置"中添加指纹库,"防护配置" --> "黑白名单"中支持添加指纹库
The text was updated successfully, but these errors were encountered: