diff --git a/Server/Database/Database.cpp b/Server/Database/Database.cpp
index 136e3dc..9f676b8 100644
--- a/Server/Database/Database.cpp
+++ b/Server/Database/Database.cpp
@@ -188,7 +188,9 @@ VisitAnalysis Database::siteVisitAnalysisData() { static std::vector urlFilter = { "/", + "/search", "/LoginPage", + "/MessageBoard", "/我的笔记", "/我的博客", };
diff --git a/Server/conf/nginx.conf b/Server/conf/nginx.conf
index f73ec0f..5a25749 100644
--- a/Server/conf/nginx.conf
+++ b/Server/conf/nginx.conf
@@ -27,6 +27,10 @@ http { gzip on; gzip_types application/octet-stream text/markdown text/plain application/json application/x-javascript text/css application/xml text/javascript application/javascript application/x-httpd-php image/jpeg image/gif image/png; + + # 定义一个限流区域,名称为 one,大小为 10MB,限速为每 5 分钟 5 次请求 + limit_req_zone $binary_remote_addr zone=one:10m rate=3r/m; + init_by_lua_file lua/initialize.lua; upstream local { server 127.0.0.1:8081;
@@ -380,6 +384,7 @@ http { server { listen 443 ssl; server_name amass.fun; + add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always; ssl_certificate cert/amass.fun.pem; ssl_certificate_key cert/amass.fun.key;
@@ -391,6 +396,14 @@ http { location / { root amass_blog; index index.html index.htm; + add_header X-Content-Type-Options "nosniff"; + } + + location /日常随笔 { + root amass_blog; + index index.html index.htm; + add_header X-Content-Type-Options "nosniff"; + access_by_lua_file lua/authentication.lua; } location = /blog/profile {
@@ -398,6 +411,8 @@ http { location ^~ /api/v1/login { + # 应用限流规则,使用名称为 one 的限流区域,允许突发请求数为 5,不延迟处理 + limit_req zone=one burst=5 nodelay; default_type 'application/json; charset=utf-8'; content_by_lua_file lua/login.lua; }
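Review bot: The comment above `limit_req_zone` in the nginx.conf hunk at `@@ -27,6 +27,10 @@` says the limit is 5 requests per 5 minutes, but the directive sets `rate=3r/m`, which is three requests per minute. One of the two is wrong: if the comment is the intent the directive should read `rate=1r/m`, otherwise the comment should be corrected to state 3 requests per minute. The zone name `one` says nothing about its purpose; a descriptive name such as `login_per_ip` (used in both `limit_req_zone` and the later `limit_req`) would make the rule easier to audit.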
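Review bot: The server-level HSTS header added in the hunk at `@@ -380,6 +384,7 @@` will not be sent for `location /` or `location /日常随笔`, because the following hunk puts an `add_header` inside each of them and nginx inherits `add_header` from the enclosing level only when the current level defines none. Either repeat `add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;` in both locations, or move the nosniff header up to the server block as `add_header X-Content-Type-Options "nosniff" always;` and drop the per-location copies. Because `includeSubDomains` binds every subdomain of amass.fun to HTTPS for a year, confirm that all of them serve valid TLS before this ships. The server block continues outside the hunk, so other locations with their own `add_header` would be affected the same way.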
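Review bot: `location /日常随笔` in the hunk at `@@ -391,6 +396,14 @@` is a plain prefix location, so any regex location in the same server block that matches the request URI is selected instead and the request never reaches `access_by_lua_file lua/authentication.lua`. No regex location is visible in this hunk, but the server block continues outside it; declaring the block as `location ^~ /日常随笔 {` removes the dependency on what else is configured. The `nosniff` header here is added without `always`, so it is omitted from any 4xx response the authentication script returns. A one-line comment stating what lua/authentication.lua enforces would also help the next reader judge whether this location is adequately protected.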
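Review bot: Requests rejected by the new `limit_req` in `location ^~ /api/v1/login` (hunk at `@@ -398,6 +411,8 @@`) are answered with nginx's default 503, which clients and monitoring cannot distinguish from an outage; add `limit_req_status 429;` beside it. With `burst=5 nodelay` a single address can still submit about six attempts back to back before the 3r/m rate takes effect, and the key is `$binary_remote_addr`, so attempts spread over many addresses against one account are not slowed at all. A per-account failure counter in lua/login.lua (not shown here) would cover that case, and logging rejected requests via `limit_req_log_level` gives detection a signal to alert on.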