Cấu Hình Ngăn Chặn Mạng Tor Trên Website

Hôm nay tôi sẽ hướng dẫn các bạn chặn mạng tor vào website bằng công cụ cực kỳ quen thuộc đó là csf.

Cài Đặt CSF

Đầu tiên chúng ta cần cài đặt csf trước đã!

Đăng nhập vào ssh và gõ lần lượt các lệnh sau đây để cài các phần bổ trợ cho csf

root@localhost# yum -y install epel-release
root@localhost# yum -y install iptables-services unzip bind-utils perl-libwww-perl e2fsprogs perl-LWP-Protocol-https ipset perl-Time-HiRes vim vi wget

Sau đó gõ các lệnh sau đây để tiến hành cài đặt csf

root@localhost# cd /usr/local/src
root@localhost# wget https://download.configserver.com/csf.tgz

Giải nén file mới tải về và đi vào bên trong thư mục

root@localhost# tar -xzf csf.tgz
root@localhost# cd csf

Sau đó gõ lệnh sau đây để tiến hành cài đặt

root@localhost# sh install.sh

Cấu Hình CSF

Ok vậy đợi một lúc csf sẽ tự động cài đặt và thông báo thành công bây giờ chúng ta cần cấu hình chặn mạng tor như sau

Khuyến cáo các bạn dùng winscp đăng nhập bằn sftp vào vps để chỉnh sử cho dễ

Vào thư mục /etc/csf/ trên vps tìm file csf.blocklists

Bỏ phần comments của code ở các phần tor

Các bạn có thể tham khảo file mình đã cấu hình hoàn chỉnh như dưới đây

###############################################################################
# Copyright 2006-2018, Way to the Web Limited
# URL: http://www.configserver.com
# Email: sales@waytotheweb.com
###############################################################################
# This file contains definitions to IP BLOCK lists.
#
# Uncomment the line starting with the rule name to use it, then restart csf
# and then lfd
#
# Each block list must be listed on per line: as NAME|INTERVAL|MAX|URL
#   NAME    : List name with all uppercase alphabetic characters with no
#             spaces and a maximum of 25 characters - this will be used as the
#             iptables chain name
#   INTERVAL: Refresh interval to download the list, must be a minimum of 3600
#             seconds (an hour), but 86400 (a day) should be more than enough
#   MAX     : This is the maximum number of IP addresses to use from the list,
#             a value of 0 means all IPs
#   URL     : The URL to download the list from
#
# Note: Some of these lists may be very long and could cause serious network
# and/or performance issues unless you are using LF_IPSET in csf, so setting a
# value for the MAX field should be considered
#
# After making any changes to this file you must restart csf and then lfd
#
# If you want to redownload a blocklist you must first delete
# /var/lib/csf/csf.block.NAME and then restart csf and then lfd
#
# Each URL is scanned for an IP/CIDR address per line and if found is blocked
#
# The downloaded list can be a zip file. The zip file MUST only contain a
# single text file of a single IP/CIDR per line
#
# Note: CXS_ is a reserved prefix for the blocklist name and MUST NOT be used

# Spamhaus Don't Route Or Peer List (DROP)
# Details: http://www.spamhaus.org/drop/
SPAMDROP|86400|0|http://www.spamhaus.org/drop/drop.txt

# Spamhaus IPv6 Don't Route Or Peer List (DROPv6)
# Details: http://www.spamhaus.org/drop/
SPAMDROPV6|86400|0|https://www.spamhaus.org/drop/dropv6.txt

# Spamhaus Extended DROP List (EDROP)
# Details: http://www.spamhaus.org/drop/
SPAMEDROP|86400|0|http://www.spamhaus.org/drop/edrop.txt

# DShield.org Recommended Block List
# Details: http://dshield.org
DSHIELD|86400|0|http://www.dshield.org/block.txt

# TOR Exit Nodes List
# Set URLGET in csf.conf to use LWP as this list uses an SSL connection
# Details: https://trac.torproject.org/projects/tor/wiki/doc/TorDNSExitList
TOR|86400|0|https://check.torproject.org/cgi-bin/TorBulkExitList.py?ip=1.2.3.4

# Alternative TOR Exit Nodes List
# Details: http://torstatus.blutmagie.de/
ALTTOR|86400|0|http://torstatus.blutmagie.de/ip_list_exit.php/Tor_ip_list_EXIT.csv

# BOGON list
# Details: http://www.team-cymru.org/Services/Bogons/
BOGON|86400|0|http://www.cymru.com/Documents/bogon-bn-agg.txt

# Project Honey Pot Directory of Dictionary Attacker IPs
# Details: http://www.projecthoneypot.org
HONEYPOT|86400|0|http://www.projecthoneypot.org/list_of_ips.php?t=d&rss=1

# C.I. Army Malicious IP List
# Details: http://www.ciarmy.com
CIARMY|86400|0|http://www.ciarmy.com/list/ci-badguys.txt

# BruteForceBlocker IP List
# Details: http://danger.rulez.sk/index.php/bruteforceblocker/
BFB|86400|0|http://danger.rulez.sk/projects/bruteforceblocker/blist.php

# MaxMind GeoIP Anonymous Proxies
# Set URLGET in csf.conf to use LWP as this list uses an SSL connection
# Details: https://www.maxmind.com/en/anonymous_proxies
MAXMIND|86400|0|https://www.maxmind.com/en/anonymous_proxies

# Blocklist.de
# Set URLGET in csf.conf to use LWP as this list uses an SSL connection
# Details: https://www.blocklist.de
# This first list only retrieves the IP addresses added in the last hour
BDE|3600|0|https://api.blocklist.de/getlast.php?time=3600
# This second list retrieves all the IP addresses added in the last 48 hours
# and is usually a very large list (over 10000 entries), so be sure that you
# have the resources available to use it
BDEALL|86400|0|http://lists.blocklist.de/lists/all.txt

# Stop Forum Spam
# Details: http://www.stopforumspam.com/downloads/
# Many of the lists available contain a vast number of IP addresses so special
# care needs to be made when selecting from their lists
STOPFORUMSPAM|86400|0|http://www.stopforumspam.com/downloads/listed_ip_1.zip

# Stop Forum Spam IPv6
# Details: http://www.stopforumspam.com/downloads/
# Many of the lists available contain a vast number of IP addresses so special
# care needs to be made when selecting from their lists
STOPFORUMSPAMV6|86400|0|http://www.stopforumspam.com/downloads/listed_ip_1_ipv6.zip

# GreenSnow Hack List
# Details: https://greensnow.co
GREENSNOW|86400|0|https://blocklist.greensnow.co/greensnow.txt

Sau đó lưu lại và quay lại lại ssh của vps gõ lệnh

root@localhost# service csf restart

Sau đó các bạn test thử bằng cách cài tor browser và test :) các bạn có thể test chính site mình luôn trước khi cài nhé mình cũng chặn rồi và đây là kết quả khi truy cập bằng tor browser