{"id":67073,"date":"2026-01-28T07:25:28","date_gmt":"2026-01-27T23:25:28","guid":{"rendered":"https:\/\/www.wsisp.com\/helps\/67073.html"},"modified":"2026-01-28T07:25:28","modified_gmt":"2026-01-27T23:25:28","slug":"%e5%87%8c%e6%99%a83%e7%82%b9%e6%9c%8d%e5%8a%a1%e5%99%a8%e8%a2%abcpu%e6%89%93%e7%88%86%ef%bc%81%e4%bb%8e%e8%a3%b8%e5%a5%94%e5%88%b0%e9%93%9c%e5%a2%99%e9%93%81%e5%a3%81%ef%bc%8c%e8%bf%99%e5%a5%97","status":"publish","type":"post","link":"https:\/\/www.wsisp.com\/helps\/67073.html","title":{"rendered":"\u51cc\u66683\u70b9\u670d\u52a1\u5668\u88abCPU\u6253\u7206\uff01\u4ece\u88f8\u5954\u5230\u94dc\u5899\u94c1\u58c1\uff0c\u8fd9\u5957\u7eb5\u6df1\u9632\u5fa1\u65b9\u6848\u6551\u4e86\u6211\u7684\u547d"},"content":{"rendered":"

\"\"\u524d\u8a00:\u4e00\u4e2a\u8ba9\u6211\u591c\u4e0d\u80fd\u5bd0\u7684\u95ee\u9898<\/h3>\n

\u4e0a\u5468\u4e94\u51cc\u66683\u70b9,\u6211\u88ab\u77ed\u4fe1\u60ca\u9192\u2014\u2014\u670d\u52a1\u5668CPU\u98d9\u5230100%,\u7f51\u7ad9\u5168\u6302\u3002<\/p>\n

\u67e5\u65e5\u5fd7,\u89e6\u76ee\u60ca\u5fc3:<\/p>\n

# 1\u5c0f\u65f6\u5185\u7684\u6076\u610f\u8bf7\u6c42
\ngrep "nikto\\\\|sqlmap\\\\|nmap" access.log | wc -l
\n# \u7ed3\u679c:23847<\/p>\n

2\u4e07\u591a\u6b21\u653b\u51fb\u626b\u63cf,\u6765\u81ea\u5168\u7403\u5404\u5730\u7684IP,\u75af\u72c2\u63a2\u6d4b\u6211\u7684\u6f0f\u6d1e\u3002<\/p>\n

\u8fd9\u4e0d\u662f\u4e2a\u4f8b\u3002\u6839\u636e Cloudflare 2025\u5e74\u62a5\u544a,\u4e00\u4e2a\u66b4\u9732\u5728\u516c\u7f51\u7684\u670d\u52a1\u5668,\u5e73\u5747\u6bcf\u5929\u4f1a\u6536\u5230\u8d85\u8fc710\u4e07\u6b21\u6076\u610f\u8bf7\u6c42\u3002<\/p>\n

\u4e8e\u662f\u6211\u82b1\u4e86\u6574\u6574\u4e00\u5468,\u642d\u5efa\u4e86\u8fd9\u59575\u5c42\u7eb5\u6df1\u9632\u5fa1\u4f53\u7cfb\u3002<\/p>\n

\u73b0\u5728,\u6211\u7684\u670d\u52a1\u5668\u7a33\u5982\u8001\u72d7:<\/p>\n

# \u8fc7\u53bb7\u5929\u62e6\u622a\u7edf\u8ba1
\n[L1 \u5185\u6838\u5c42] SYN Flood: 12,847 \u6b21
\n[L2 Fail2Ban] \u5c01\u7981IP: 2,341 \u4e2a
\n[L3 Lua\u62e6\u622a] \u6076\u610fUA: 45,892 \u6b21
\n[L4 \u9650\u6d41] 429\u8fd4\u56de: 8,234 \u6b21
\n[L5 WAF] \u653b\u51fb\u62e6\u622a: 15,678 \u6b21<\/p>\n

\u4eca\u5929,\u6211\u628a\u8fd9\u5957\u65b9\u6848\u5b8c\u6574\u5f00\u6e90\u3002<\/p>\n

\n

[\u5199\u5728\u524d\u9762] \u5982\u679c\u4f60\u662f\u4e2a\u4eba\u5f00\u53d1\u8005\u3001\u72ec\u7acb\u7ad9\u957f,\u6216\u662f\u9700\u8981\u81ea\u5df1\u7ba1\u7406\u670d\u52a1\u5668\u7684\u6280\u672f\u7231\u597d\u8005,\u8fd9\u7bc7\u6587\u7ae0\u5c31\u662f\u4e3a\u4f60\u91cf\u8eab\u6253\u9020\u7684\u3002\u6211\u4eec\u4e0d\u8bb2\u865a\u7684,\u76f4\u63a5\u4e0a\u4ee3\u7801,\u4fdd\u8bc1\u80fd\u8dd1\u3002<\/p>\n

\u4e00\u3001\u67b6\u6784\u5168\u666f:5\u5c42\u7eb5\u6df1\u9632\u5fa1<\/h3>\n

\u5148\u770b\u6574\u4f53\u67b6\u6784,\u7406\u89e3\u6bcf\u4e00\u5c42\u7684\u804c\u8d23:\"\"<\/p>\n

\u6838\u5fc3\u8bbe\u8ba1\u539f\u5219:<\/p>\n\n\u5c42\u7ea7\u4f4d\u7f6e\u62e6\u622a\u76ee\u6807\u6027\u80fd\u6d88\u8017\u6280\u672f\u6808<\/tr>\n\n\n\n\n\n\n
L1<\/td>\n\u5185\u6838<\/td>\nSYN Flood\u3001ICMP \u6d2a\u6c34<\/td>\n\u6781\u4f4e<\/td>\nsysctl + firewalld<\/td>\n<\/tr>\n
L2<\/td>\n\u5bbf\u4e3b\u673a<\/td>\n\u534f\u8bae\u63a2\u6d4b\u3001\u7aef\u53e3\u626b\u63cf\u3001\u66b4\u529b\u7834\u89e3<\/td>\n\u4f4e<\/td>\nFail2Ban + IPSet<\/td>\n<\/tr>\n
L3<\/td>\n\u5bb9\u5668<\/td>\n\u7a7aUA\u3001\u722c\u866b\u811a\u672c\u3001\u5de5\u5177\u6307\u7eb9<\/td>\n\u4f4e<\/td>\nOpenResty Lua<\/td>\n<\/tr>\n
L4<\/td>\n\u5bb9\u5668<\/td>\n\u9ad8\u9891\u8bf7\u6c42 (CC\u653b\u51fb)<\/td>\n\u4e2d<\/td>\nNginx limit_req<\/td>\n<\/tr>\n
L5<\/td>\n\u5bb9\u5668<\/td>\nSQL\u6ce8\u5165\u3001XSS\u3001CVE\u6f0f\u6d1e<\/td>\n\u9ad8<\/td>\nModSecurity + CRS<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n

\u8d8a\u9760\u524d\u62e6\u622a,\u6027\u80fd\u6d88\u8017\u8d8a\u4f4e\u3002 \u8fd9\u5c31\u662f\u7eb5\u6df1\u9632\u5fa1\u7684\u7cbe\u9ad3\u3002<\/p>\n

\n

\u4e8c\u3001L1 \u5185\u6838\u5c42:\u7b2c\u4e00\u9053\u9632\u7ebf<\/h3>\n

SYN Flood \u662f\u6700\u5e38\u89c1\u7684 DDoS \u653b\u51fb\u65b9\u5f0f\u3002\u653b\u51fb\u8005\u53d1\u9001\u5927\u91cf\u534a\u8fde\u63a5\u8bf7\u6c42,\u8017\u5c3d\u670d\u52a1\u5668\u8d44\u6e90\u3002<\/p>\n

\u89e3\u51b3\u65b9\u6848:sysctl \u5185\u6838\u53c2\u6570\u8c03\u4f18 + firewalld \u9650\u901f<\/p>\n

2.1 sysctl \u914d\u7f6e<\/h4>\n

# \u521b\u5efa\u914d\u7f6e\u6587\u4ef6
\nsudo bash -c 'cat > \/etc\/sysctl.d\/99-anti-ddos.conf << EOF
\n# ========================================
\n# SYN Flood \u9632\u62a4\u914d\u7f6e
\n# \u4f5c\u8005: wwj
\n# ========================================
\n\u200b
\n# \u3010\u5fc5\u987b\u3011\u542f\u7528 SYN Cookie
\n# \u539f\u7406: \u4e0d\u4fdd\u5b58\u534a\u8fde\u63a5\u72b6\u6001,\u7528\u52a0\u5bc6cookie\u9a8c\u8bc1
\nnet.ipv4.tcp_syncookies = 1
\n\u200b
\n# \u3010\u4f18\u5316\u3011\u51cf\u5c11 SYN \u91cd\u8bd5\u6b21\u6570 (\u9ed8\u8ba46)
\n# \u6548\u679c: \u66f4\u5feb\u91ca\u653e\u65e0\u6548\u8fde\u63a5
\nnet.ipv4.tcp_syn_retries = 2
\nnet.ipv4.tcp_synack_retries = 2
\n\u200b
\n# \u3010\u4f18\u5316\u3011\u589e\u52a0 SYN \u961f\u5217\u957f\u5ea6 (\u9ed8\u8ba4128)
\n# \u6548\u679c: \u5bb9\u7eb3\u66f4\u591a\u6b63\u5e38\u8fde\u63a5
\nnet.ipv4.tcp_max_syn_backlog = 4096
\n\u200b
\n# \u3010\u4f18\u5316\u3011TIME_WAIT \u590d\u7528
\n# \u6548\u679c: \u51cf\u5c11\u7aef\u53e3\u8017\u5c3d\u98ce\u9669
\nnet.ipv4.tcp_tw_reuse = 1
\nnet.ipv4.tcp_fin_timeout = 30
\n\u200b
\n# \u3010Docker\u5fc5\u987b\u3011\u589e\u5927\u8fde\u63a5\u8ddf\u8e2a\u8868
\n# \u9ed8\u8ba465535,\u9ad8\u5e76\u53d1\u573a\u666f\u5bb9\u6613\u6ee1
\nnet.netfilter.nf_conntrack_max = 1048576
\nEOF'
\n\u200b
\n# \u7acb\u5373\u751f\u6548
\nsudo sysctl -p \/etc\/sysctl.d\/99-anti-ddos.conf
\n\u200b
\n# \u9a8c\u8bc1\u914d\u7f6e
\nsysctl net.ipv4.tcp_syncookies
\n# \u8f93\u51fa\u5e94\u8be5\u662f: net.ipv4.tcp_syncookies = 1
\n2.2 firewalld SYN \u9650\u901f
\n\u76f8\u6bd4 iptables,firewalld \u7684\u7ba1\u7406\u66f4\u52a0\u73b0\u4ee3\u5316\u3002\u6211\u4eec\u5728\u9632\u706b\u5899\u5c42\u76f4\u63a5\u4e22\u5f03\u8fc7\u5feb\u7684\u8fde\u63a5\u3002<\/p>\n

# \u9650\u5236\u6bcf\u79d2\u6700\u591a25\u4e2a\u65b0\u8fde\u63a5 (\u7a81\u53d150\u4e2a)
\nsudo firewall-cmd –permanent –direct –add-rule ipv4 filter INPUT 0 \\\\
\n \u00a0 \u00a0-p tcp –syn -m limit –limit 25\/s –limit-burst 50 -j ACCEPT
\n\u200b
\nsudo firewall-cmd –permanent –direct –add-rule ipv4 filter INPUT 1 \\\\
\n \u00a0 \u00a0-p tcp –syn -j DROP
\n\u200b
\n# \u9650\u5236 ICMP (\u9632 Ping Flood)
\nsudo firewall-cmd –permanent –direct –add-rule ipv4 filter INPUT 0 \\\\
\n \u00a0 \u00a0-p icmp -m limit –limit 10\/s –limit-burst 20 -j ACCEPT
\n\u200b
\nsudo firewall-cmd –permanent –direct –add-rule ipv4 filter INPUT 1 \\\\
\n \u00a0 \u00a0-p icmp -j DROP
\n\u200b
\n# \u91cd\u8f7d\u89c4\u5219
\nsudo firewall-cmd –reload
\n\u200b
\n# \u9a8c\u8bc1
\nsudo firewall-cmd –direct –get-all-rules<\/p>\n

\u6548\u679c: 99% \u7684 SYN Flood \u653b\u51fb\u5728\u5185\u6838\u5c42\u5c31\u88ab\u4e22\u5f03,\u6839\u672c\u4e0d\u4f1a\u5230\u8fbe\u4f60\u7684 Nginx\u3002<\/p>\n

\n

\u4e09\u3001L2 \u5bbf\u4e3b\u673a\u5c42:Fail2Ban + IPSet \u9ad8\u6027\u80fd\u5c01\u7981<\/h3>\n

\u666e\u901a\u73a9\u5bb6\u7528 Fail2Ban \u4fee\u6539 iptables \u89c4\u5219,\u6bcf\u5c01\u4e00\u4e2a IP \u52a0\u4e00\u6761\u89c4\u5219,\u5c01\u51e0\u5343\u4e2a IP \u540e\u7cfb\u7edf\u5c31\u6162\u5982\u8717\u725b\u3002 \u9ad8\u7aef\u73a9\u5bb6\u4f7f\u7528 IPSet\u3002 \u65e0\u8bba\u5c01\u7981 1 \u4e2a\u8fd8\u662f 10 \u4e07\u4e2a IP,\u5339\u914d\u8017\u65f6\u90fd\u662f O(1)(\u6052\u5b9a\u65f6\u95f4),\u5bf9 CPU \u51e0\u4e4e\u96f6\u8d1f\u62c5\u3002<\/p>\n

\u6b64\u5916,\u4e3a\u4e86\u5b8c\u7f8e\u914d\u5408 Docker,\u6211\u4eec\u4f7f\u7528 journald \u4f5c\u4e3a\u65e5\u5fd7\u9a71\u52a8,\u5f7b\u5e95\u89e3\u51b3\u5bb9\u5668\u65e5\u5fd7\u8f6e\u8f6c\u96be\u9898\u3002<\/p>\n

3.1 \u51c6\u5907\u5de5\u4f5c:\u914d\u7f6e Docker \u65e5\u5fd7\u9a71\u52a8<\/h4>\n

\u4fee\u6539 docker-compose.yml,\u8ba9 OpenResty \u4f7f\u7528 journald \u5199\u65e5\u5fd7:<\/p>\n

services:
\n op:
\n image: sprinng\/openresty:1.27.1.2-ms-small-alpine3.23.0
\n container_name: op
\n logging:
\n driver: journald # \u5173\u952e: \u4f7f\u7528\u7cfb\u7edf\u65e5\u5fd7\u9a71\u52a8
\n options:
\n tag: "{{.Name}}"<\/p>\n

\u4fee\u6539\u540e\u8bb0\u5f97\u91cd\u5efa\u5bb9\u5668:docker-compose up -d –force-recreate<\/p>\n

3.2 \u5b89\u88c5 Fail2Ban \u548c IPSet<\/h4>\n

# CentOS\/AlmaLinux
\nsudo dnf install -y epel-release
\nsudo dnf install -y fail2ban ipset
\n\u200b
\n# \u542f\u52a8\u670d\u52a1
\nsudo systemctl enable –now fail2ban<\/p>\n

3.3 \u914d\u7f6e 4 \u4e2a\u91d1\u724c\u76d1\u72f1<\/h4>\n

\u9488\u5bf9\u4e0d\u540c\u7c7b\u578b\u7684\u653b\u51fb,\u6211\u4eec\u8bbe\u8ba1\u4e86 4 \u4e2a\u4e13\u7528\u7684\u201c\u76d1\u72f1\u201d:<\/p>\n

  • \n

    nginx-bad-request: \u4e13\u6293\u534f\u8bae\u63a2\u6d4b(400\u9519\u8bef)<\/p>\n<\/li>\n

  • \n

    nginx-path-scan: \u4e13\u6293\u76ee\u5f55\u626b\u63cf(404\u9519\u8bef)<\/p>\n<\/li>\n

  • \n

    nginx-path-scan-crawler: \u722c\u866b\u4e13\u7528\u901a\u9053(\u5bb9\u5fcd\u5ea6\u66f4\u9ad8)<\/p>\n<\/li>\n

  • \n

    nginx-auth-bruteforce: \u4e13\u6293\u66b4\u529b\u7834\u89e3(401\/403\u9519\u8bef)<\/p>\n<\/li>\n

    \u4e00\u952e\u521b\u5efa\u914d\u7f6e:<\/p>\n

    sudo bash -c 'cat > \/etc\/fail2ban\/jail.d\/docker-nginx.local << EOF
    \n[DEFAULT]
    \n# \u767d\u540d\u5355 (Cloudflare IP + \u672c\u5730IP)
    \nignoreip = 127.0.0.1\/8 ::1 172.18.0.0\/16 192.168.0.0\/16 10.0.0.0\/8 173.245.48.0\/20 103.21.244.0\/22 103.22.200.0\/22 103.31.4.0\/22 141.101.64.0\/18 108.162.192.0\/18 190.93.240.0\/20 188.114.96.0\/20 197.234.240.0\/22 198.41.128.0\/17 162.158.0.0\/15 104.16.0.0\/13 104.24.0.0\/14 172.64.0.0\/13 131.0.72.0\/22
    \n\u200b
    \n# \u6838\u5fc3: \u4f7f\u7528 ipset \u9ad8\u6027\u80fd\u5c01\u7981
    \nbanaction = iptables-ipset-proto6
    \n\u200b
    \n# \u76d1\u72f11: \u534f\u8bae\u63a2\u6d4b (1\u6b21400\u5373\u5c01)
    \n[nginx-bad-request]
    \nenabled = true
    \nbackend = systemd
    \njournalmatch = CONTAINER_NAME=op
    \nfilter = nginx-bad-request
    \nmaxretry = 1
    \nfindtime = 60
    \nbantime = 604800 # \u5c017\u5929
    \n\u200b
    \n# \u76d1\u72f12: \u8def\u5f84\u626b\u63cf (60\u79d220\u6b21404)
    \n[nginx-path-scan]
    \nenabled = true
    \nbackend = systemd
    \njournalmatch = CONTAINER_NAME=op
    \nfilter = nginx-path-scan
    \nmaxretry = 20
    \nfindtime = 60
    \nbantime = 3600
    \n\u200b
    \n# \u76d1\u72f13: \u722c\u866b\u5bb9\u9519\u901a\u9053
    \n[nginx-path-scan-crawler]
    \nenabled = true
    \nbackend = systemd
    \njournalmatch = CONTAINER_NAME=op
    \nfilter = nginx-path-scan-crawler
    \nmaxretry = 200
    \nfindtime = 60
    \nbantime = 3600
    \n\u200b
    \n# \u76d1\u72f14: \u66b4\u529b\u7834\u89e3 (10\u6b21401\/403)
    \n[nginx-auth-bruteforce]
    \nenabled = true
    \nbackend = systemd
    \njournalmatch = CONTAINER_NAME=op
    \nfilter = nginx-auth-bruteforce
    \nmaxretry = 10
    \nfindtime = 60
    \nbantime = 21600
    \nEOF'<\/p>\n

    \u6ce8:\u5bf9\u5e94\u7684 filter \u914d\u7f6e\u6587\u4ef6\u8f83\u957f,\u56e0\u7bc7\u5e45\u9650\u5236\u672a\u5b8c\u5168\u5217\u51fa,\u6587\u672b\u90e8\u7f72\u5305\u4e2d\u5305\u542b\u5b8c\u6574\u914d\u7f6e\u3002<\/p>\n

    \n

    \u56db\u3001L3 \u5bb9\u5668 Lua \u5c42:\u9ad8\u6027\u80fd UA \u62e6\u622a<\/h3>\n

    \u4e3a\u4ec0\u4e48\u7528 Lua \u800c\u4e0d\u662f nginx if? \u56e0\u4e3a Lua \u7075\u6d3b\u3001\u6027\u80fd\u9ad8,\u4e14\u53ef\u4ee5\u6253\u5370\u8be6\u7ec6\u65e5\u5fd7,\u65b9\u4fbf\u6392\u67e5\u662f\u8c01\u5728\u653b\u51fb\u4f60\u3002<\/p>\n

    — block_rules.lua \u7247\u6bb5
    \n— \u89c4\u5219: \u62e6\u622a\u5e38\u89c1\u9ed1\u5ba2\u5de5\u5177\u548c\u811a\u672c<\/p>\n

    local ua_blacklist = {
    \n {"^curl\/", "curl"},
    \n {"^Wget\/", "wget"},
    \n {"^python%-requests", "python-requests"},
    \n {"^Go%-http%-client", "go-http-client"},
    \n {"^Scrapy", "scrapy"},
    \n — … \u66f4\u591a\u89c4\u5219
    \n}<\/p>\n

    local ua = ngx.var.http_user_agent or ""
    \nfor _, rule in ipairs(ua_blacklist) do
    \n if string.match(string.lower(ua), rule[1]) then
    \n ngx.log(ngx.WARN, "[BLOCK] reason=ua_blacklist, tool=", rule[2], ", ip=", ngx.var.remote_addr)
    \n return ngx.exit(444) — 444 \u76f4\u63a5\u65ad\u5f00\u8fde\u63a5,\u4e0d\u7ed9\u4efb\u4f55\u56de\u663e
    \n end
    \nend<\/p>\n

    \u6548\u679c: \u7edd\u5927\u591a\u6570\u811a\u672c\u5c0f\u5b50(Script Kiddies)\u5728\u8fd9\u4e00\u5c42\u5c31\u4f1a\u88ab\u65e0\u60c5\u65ad\u5f00,\u8fde HTTP \u5934\u90fd\u62ff\u4e0d\u5230\u3002<\/p>\n

    \n

    \u4e94\u3001L4 \u5bb9\u5668\u9650\u6d41\u5c42:nginx limit_req<\/h3>\n

    CC \u653b\u51fb\u7684\u7279\u70b9\u662f:\u9ad8\u9891\u8bf7\u6c42,\u6d88\u8017\u670d\u52a1\u5668\u8d44\u6e90\u3002<\/p>\n

    nginx \u7684 limit_req \u662f\u6700\u9ad8\u6548\u7684\u89e3\u51b3\u65b9\u6848\u3002<\/p>\n

    5.1 \u6838\u5fc3\u914d\u7f6e<\/h4>\n

    # http \u5757\u4e2d\u5b9a\u4e49 zone
    \n# \u5173\u952e: \u4f7f\u7528 $binary_remote_addr$host \u4f5c\u4e3a key
    \n# \u00a0 \u00a0 \u00a0 \u540c\u4e00 IP \u8bbf\u95ee\u4e0d\u540c\u57df\u540d,\u72ec\u7acb\u8ba1\u6570
    \nlimit_req_zone $binary_remote_addr$host zone=domain_req_limit:10m rate=60r\/s;
    \n\u200b
    \n# server \u5757\u4e2d\u4f7f\u7528
    \nlimit_req zone=domain_req_limit burst=100 nodelay;
    \nlimit_req_status 429;<\/p>\n

    \u53c2\u6570\u8be6\u89e3:<\/p>\n\n\u53c2\u6570\u542b\u4e49<\/tr>\n\n\n\n\n\n\n
    $binary_remote_addr$host<\/td>\n\u6309 IP+\u57df\u540d \u72ec\u7acb\u8ba1\u6570<\/td>\n<\/tr>\n
    10m<\/td>\n10MB \u5185\u5b58,\u7ea6\u5b58\u50a8 16 \u4e07\u4e2a key<\/td>\n<\/tr>\n
    rate=60r\/s<\/td>\n\u6bcf\u79d2\u6700\u591a 60 \u4e2a\u8bf7\u6c42<\/td>\n<\/tr>\n
    burst=100<\/td>\n\u5141\u8bb8\u7a81\u53d1 100 \u4e2a\u8bf7\u6c42<\/td>\n<\/tr>\n
    nodelay<\/td>\n\u7a81\u53d1\u8bf7\u6c42\u4e0d\u6392\u961f,\u76f4\u63a5\u5904\u7406\u6216\u62d2\u7edd<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n

    \u4e3a\u4e86\u66f4\u5f62\u8c61\u5730\u7406\u89e3,\u6211\u4eec\u53ef\u4ee5\u628a\u5b83\u770b\u4f5c\u4e00\u4e2a\u201c\u6f0f\u6876\u201d,\u5982\u4e0b\u56fe\u6240\u793a:\"\"<\/p>\n

    5.2 \u4e3a\u4ec0\u4e48\u7528 IP+\u57df\u540d \u4f5c\u4e3a key?<\/h4>\n

    \u5047\u8bbe\u4f60\u6709\u591a\u4e2a\u57df\u540d:a.com\u3001b.com\u3001c.com<\/p>\n

    \u5982\u679c\u53ea\u7528 IP \u4f5c\u4e3a key:<\/p>\n

      \n
    • \n

      \u7528\u6237\u8bbf\u95ee a.com 30\u6b21 + b.com 30\u6b21 + c.com 30\u6b21<\/p>\n<\/li>\n

    • \n

      \u603b\u8ba1 90 \u6b21,\u89e6\u53d1\u9650\u6d41,\u7528\u6237\u4f53\u9a8c\u5dee<\/p>\n<\/li>\n<\/ul>\n

      \u4f7f\u7528 IP+\u57df\u540d \u4f5c\u4e3a key:<\/p>\n

        \n
      • \n

        \u6bcf\u4e2a\u57df\u540d\u72ec\u7acb\u8ba1\u6570<\/p>\n<\/li>\n

      • \n

        \u7528\u6237\u6bcf\u4e2a\u57df\u540d\u90fd\u53ef\u4ee5\u8bbf\u95ee 60 \u6b21<\/p>\n<\/li>\n

      • \n

        \u4e0d\u4f1a\u8bef\u4f24\u6b63\u5e38\u7528\u6237<\/p>\n<\/li>\n<\/ul>\n

        \n

        \u516d\u3001L5 \u5bb9\u5668 WAF \u5c42:ModSecurity + OWASP CRS<\/h3>\n

        \u8fd9\u662f\u6700\u540e\u4e00\u9053\u9632\u7ebf,\u4e5f\u662f\u6700\u667a\u80fd\u7684\u9632\u7ebf\u3002\u5b83\u80fd\u8bc6\u522b SQL \u6ce8\u5165\u3001XSS\u3001WebShell \u4e0a\u4f20\u7b49\u590d\u6742\u653b\u51fb\u3002<\/p>\n

        6.1 \u6838\u5fc3\u914d\u7f6e\u907f\u5751<\/h4>\n

        \u65b0\u624b\u6700\u5bb9\u6613\u8e29\u7684\u5751: Fail2Ban \u542f\u52a8\u5931\u8d25\u3002 \u539f\u56e0\u5f80\u5f80\u662f ModSecurity \u7684\u5ba1\u8ba1\u65e5\u5fd7\u6587\u4ef6\u4e0d\u5b58\u5728\u3002Fail2Ban \u542f\u52a8\u65f6\u5fc5\u987b\u68c0\u6d4b\u5230\u65e5\u5fd7\u6587\u4ef6,\u5426\u5219\u4f1a\u62a5\u9519\u9000\u51fa\u3002<\/p>\n

        \u89e3\u51b3\u65b9\u6848(Pro Tip): \u5728\u90e8\u7f72\u524d,\u52a1\u5fc5\u624b\u52a8\u521b\u5efa\u65e5\u5fd7\u6587\u4ef6:<\/p>\n

        # \u786e\u4fdd\u76ee\u5f55\u548c\u6587\u4ef6\u5b58\u5728
        \nsudo mkdir -p \/data\/op\/modsecurity\/logs\/modsecurity\/
        \nsudo touch \/data\/op\/modsecurity\/logs\/modsecurity\/audit.log
        \n\u200b
        \n# \u7136\u540e\u518d\u542f\u52a8\u5bb9\u5668\u548c Fail2Ban<\/p>\n

        6.2 \u542f\u7528 OWASP CRS<\/h4>\n

        \u6211\u4eec\u4f7f\u7528 OWASP Core Rule Set (CRS) v4,\u8fd9\u662f\u76ee\u524d\u4e16\u754c\u4e0a\u6700\u4f18\u79c0\u7684\u5f00\u6e90 WAF \u89c4\u5219\u96c6\u3002<\/p>\n

        # modsecurity.conf
        \nSecRuleEngine On \u00a0# \u5f00\u542f\u62e6\u622a\u6a21\u5f0f
        \nInclude \/etc\/modsecurity\/coreruleset\/crs-setup.conf
        \nInclude \/etc\/modsecurity\/coreruleset\/rules\/*.conf<\/p>\n

        \n

        \u4e03\u3001\u5feb\u901f\u9a8c\u8bc1:\u4f60\u7684\u76fe\u724c\u575a\u56fa\u5417?<\/h3>\n

        \u90e8\u7f72\u5b8c\u6210\u540e,\u522b\u5fd8\u4e86\u6d4b\u8bd5\u4e00\u4e0b:<\/p>\n

        # 1. \u6d4b\u8bd5 Lua \u62e6\u622a (\u6a21\u62df Curl)
        \ncurl http:\/\/your-domain.com\/
        \n# \u9884\u671f: \u8fde\u63a5\u88ab\u7acb\u5373\u5173\u95ed (Empty reply from server)
        \n\u200b
        \n# 2. \u6d4b\u8bd5 WAF \u62e6\u622a (\u6a21\u62df SQL \u6ce8\u5165)
        \ncurl "http:\/\/your-domain.com\/?id=1' OR '1'='1"
        \n# \u9884\u671f: 403 Forbidden
        \n\u200b
        \n# 3. \u6d4b\u8bd5 Fail2Ban (\u6a21\u62df\u626b\u63cf)
        \n# \u5728\u53e6\u4e00\u53f0\u673a\u5668\u8fde\u7eed\u8bf7\u6c42\u4e0d\u5b58\u5728\u7684\u9875\u9762
        \nfor i in {1..30}; do curl http:\/\/your-domain.com\/scan_$i; done
        \n# \u9884\u671f: IP \u88ab\u5c01\u7981,\u8fde\u63a5\u8d85\u65f6<\/p>\n

        \n

        \u516b\u3001\u4e3a\u4ec0\u4e48\u4f60\u9700\u8981\u201c\u751f\u4ea7\u7ea7\u5b89\u5168\u90e8\u7f72\u5305\u201d?<\/h3>\n

        \u4e0a\u9762\u5c55\u793a\u7684\u662f\u6838\u5fc3\u914d\u7f6e,\u8db3\u4ee5\u5e94\u5bf9 90% \u7684\u666e\u901a\u653b\u51fb\u3002\u4f46\u4ece\u201c\u80fd\u7528\u201d\u5230\u201c\u751f\u4ea7\u7ea7\u597d\u7528\u201d,\u8fd8\u6709\u5f88\u957f\u7684\u8def\u8981\u8d70:<\/p>\n

      • \n

        Fail2Ban \u7684 filter \u6b63\u5219\u5f88\u96be\u5199:\u5199\u9519\u4e00\u4e2a\u5b57\u7b26,Fail2Ban \u5c31\u65e0\u6cd5\u8bc6\u522b\u65e5\u5fd7,\u9632\u62a4\u5931\u6548\u3002<\/p>\n<\/li>\n

      • \n

        ModSecurity \u8bef\u62a5\u591a:WordPress \u540e\u53f0\u65e0\u6cd5\u4fdd\u5b58?\u5bcc\u6587\u672c\u7f16\u8f91\u5668\u65e0\u6cd5\u63d0\u4ea4?\u4e0d\u5904\u7406\u8bef\u62a5,\u7f51\u7ad9\u6839\u672c\u6ca1\u6cd5\u7528\u3002<\/p>\n<\/li>\n

      • \n

        \u89c4\u5219\u5e93\u66f4\u65b0\u9ebb\u70e6:\u653b\u51fb\u624b\u6bb5\u65e5\u65b0\u6708\u5f02,\u4f60\u7684\u89c4\u5219\u5e93\u8fd8\u5728\u7528\u53bb\u5e74\u7684\u5417?<\/p>\n<\/li>\n

      • \n

        IPSet \u914d\u7f6e\u590d\u6742:\u9700\u8981\u7cbe\u786e\u7684 ipset \u547d\u4ee4\u914d\u5408 iptables \u624d\u80fd\u751f\u6548,\u9519\u4e00\u6b65\u5c31\u662f\u5168\u7f51\u65ad\u8fde\u3002<\/p>\n<\/li>\n

        \u5982\u6709\u9700\u6c42,\u8bf7\u5173\u6ce8\u516c\u4f17\u53f7 [\u6280\u672f\u4fee\u7f57] ,\u83b7\u53d6<\/p>\n

        \"\"<\/p><\/p>\n","protected":false},"excerpt":{"rendered":"

        \u524d\u8a00:\u4e00\u4e2a\u8ba9\u6211\u591c\u4e0d\u80fd\u5bd0\u7684\u95ee\u9898\u4e0a\u5468\u4e94\u51cc\u66683\u70b9,\u6211\u88ab\u77ed\u4fe1\u60ca\u9192\u2014\u2014\u670d\u52a1\u5668CPU\u98d9\u5230100%,\u7f51\u7ad9\u5168\u6302\u3002\u67e5\u65e5\u5fd7,\u89e6\u76ee\u60ca\u5fc3:# 1\u5c0f\u65f6\u5185\u7684\u6076\u610f\u8bf7\u6c42
        \ngrep \\”nikto\\\\|sqlmap\\\\|nmap\\” access.log | wc -l
        \n# \u7ed3\u679c:238472\u4e07\u591a\u6b21\u653b\u51fb\u626b\u63cf,\u6765\u81ea\u5168\u7403\u5404\u5730\u7684IP,\u75af\u72c2\u63a2\u6d4b\u6211\u7684\u6f0f\u6d1e\u3002\u8fd9\u4e0d\u662f\u4e2a\u4f8b\u3002\u6839\u636e Cloudflare 2025\u5e74\u62a5\u544a&#xf<\/p>\n","protected":false},"author":2,"featured_media":67069,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[43,44],"topic":[],"class_list":["post-67073","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-server","tag-43","tag-44"],"yoast_head":"\n\u51cc\u66683\u70b9\u670d\u52a1\u5668\u88abCPU\u6253\u7206\uff01\u4ece\u88f8\u5954\u5230\u94dc\u5899\u94c1\u58c1\uff0c\u8fd9\u5957\u7eb5\u6df1\u9632\u5fa1\u65b9\u6848\u6551\u4e86\u6211\u7684\u547d - \u7f51\u7855\u4e92\u8054\u5e2e\u52a9\u4e2d\u5fc3<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.wsisp.com\/helps\/67073.html\" \/>\n<meta property=\"og:locale\" content=\"zh_CN\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"\u51cc\u66683\u70b9\u670d\u52a1\u5668\u88abCPU\u6253\u7206\uff01\u4ece\u88f8\u5954\u5230\u94dc\u5899\u94c1\u58c1\uff0c\u8fd9\u5957\u7eb5\u6df1\u9632\u5fa1\u65b9\u6848\u6551\u4e86\u6211\u7684\u547d - \u7f51\u7855\u4e92\u8054\u5e2e\u52a9\u4e2d\u5fc3\" \/>\n<meta property=\"og:description\" content=\"\u524d\u8a00:\u4e00\u4e2a\u8ba9\u6211\u591c\u4e0d\u80fd\u5bd0\u7684\u95ee\u9898\u4e0a\u5468\u4e94\u51cc\u66683\u70b9,\u6211\u88ab\u77ed\u4fe1\u60ca\u9192\u2014\u2014\u670d\u52a1\u5668CPU\u98d9\u5230100%,\u7f51\u7ad9\u5168\u6302\u3002\u67e5\u65e5\u5fd7,\u89e6\u76ee\u60ca\u5fc3:# 1\u5c0f\u65f6\u5185\u7684\u6076\u610f\u8bf7\u6c42 grep "nikto\\|sqlmap\\|nmap" access.log | wc -l # \u7ed3\u679c:238472\u4e07\u591a\u6b21\u653b\u51fb\u626b\u63cf,\u6765\u81ea\u5168\u7403\u5404\u5730\u7684IP,\u75af\u72c2\u63a2\u6d4b\u6211\u7684\u6f0f\u6d1e\u3002\u8fd9\u4e0d\u662f\u4e2a\u4f8b\u3002\u6839\u636e Cloudflare 2025\u5e74\u62a5\u544a&#xf\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.wsisp.com\/helps\/67073.html\" \/>\n<meta property=\"og:site_name\" content=\"\u7f51\u7855\u4e92\u8054\u5e2e\u52a9\u4e2d\u5fc3\" \/>\n<meta property=\"article:published_time\" content=\"2026-01-27T23:25:28+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.wsisp.com\/helps\/wp-content\/uploads\/2026\/01\/20260127232524-69794964b2472.png\" \/>\n<meta name=\"author\" content=\"admin\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"\u4f5c\u8005\" \/>\n\t<meta name=\"twitter:data1\" content=\"admin\" \/>\n\t<meta name=\"twitter:label2\" content=\"\u9884\u8ba1\u9605\u8bfb\u65f6\u95f4\" \/>\n\t<meta name=\"twitter:data2\" content=\"4 \u5206\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.wsisp.com\/helps\/67073.html\",\"url\":\"https:\/\/www.wsisp.com\/helps\/67073.html\",\"name\":\"\u51cc\u66683\u70b9\u670d\u52a1\u5668\u88abCPU\u6253\u7206\uff01\u4ece\u88f8\u5954\u5230\u94dc\u5899\u94c1\u58c1\uff0c\u8fd9\u5957\u7eb5\u6df1\u9632\u5fa1\u65b9\u6848\u6551\u4e86\u6211\u7684\u547d - \u7f51\u7855\u4e92\u8054\u5e2e\u52a9\u4e2d\u5fc3\",\"isPartOf\":{\"@id\":\"https:\/\/www.wsisp.com\/helps\/#website\"},\"datePublished\":\"2026-01-27T23:25:28+00:00\",\"dateModified\":\"2026-01-27T23:25:28+00:00\",\"author\":{\"@id\":\"https:\/\/www.wsisp.com\/helps\/#\/schema\/person\/358e386c577a3ab51c4493330a20ad41\"},\"breadcrumb\":{\"@id\":\"https:\/\/www.wsisp.com\/helps\/67073.html#breadcrumb\"},\"inLanguage\":\"zh-Hans\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.wsisp.com\/helps\/67073.html\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.wsisp.com\/helps\/67073.html#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"\u9996\u9875\",\"item\":\"https:\/\/www.wsisp.com\/helps\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"\u51cc\u66683\u70b9\u670d\u52a1\u5668\u88abCPU\u6253\u7206\uff01\u4ece\u88f8\u5954\u5230\u94dc\u5899\u94c1\u58c1\uff0c\u8fd9\u5957\u7eb5\u6df1\u9632\u5fa1\u65b9\u6848\u6551\u4e86\u6211\u7684\u547d\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.wsisp.com\/helps\/#website\",\"url\":\"https:\/\/www.wsisp.com\/helps\/\",\"name\":\"\u7f51\u7855\u4e92\u8054\u5e2e\u52a9\u4e2d\u5fc3\",\"description\":\"\u9999\u6e2f\u670d\u52a1\u5668_\u9999\u6e2f\u4e91\u670d\u52a1\u5668\u8d44\u8baf_\u670d\u52a1\u5668\u5e2e\u52a9\u6587\u6863_\u670d\u52a1\u5668\u6559\u7a0b\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.wsisp.com\/helps\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"zh-Hans\"},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.wsisp.com\/helps\/#\/schema\/person\/358e386c577a3ab51c4493330a20ad41\",\"name\":\"admin\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"zh-Hans\",\"@id\":\"https:\/\/www.wsisp.com\/helps\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/gravatar.wp-china-yes.net\/avatar\/?s=96&d=mystery\",\"contentUrl\":\"https:\/\/gravatar.wp-china-yes.net\/avatar\/?s=96&d=mystery\",\"caption\":\"admin\"},\"sameAs\":[\"http:\/\/wp.wsisp.com\"],\"url\":\"https:\/\/www.wsisp.com\/helps\/author\/admin\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"\u51cc\u66683\u70b9\u670d\u52a1\u5668\u88abCPU\u6253\u7206\uff01\u4ece\u88f8\u5954\u5230\u94dc\u5899\u94c1\u58c1\uff0c\u8fd9\u5957\u7eb5\u6df1\u9632\u5fa1\u65b9\u6848\u6551\u4e86\u6211\u7684\u547d - \u7f51\u7855\u4e92\u8054\u5e2e\u52a9\u4e2d\u5fc3","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.wsisp.com\/helps\/67073.html","og_locale":"zh_CN","og_type":"article","og_title":"\u51cc\u66683\u70b9\u670d\u52a1\u5668\u88abCPU\u6253\u7206\uff01\u4ece\u88f8\u5954\u5230\u94dc\u5899\u94c1\u58c1\uff0c\u8fd9\u5957\u7eb5\u6df1\u9632\u5fa1\u65b9\u6848\u6551\u4e86\u6211\u7684\u547d - \u7f51\u7855\u4e92\u8054\u5e2e\u52a9\u4e2d\u5fc3","og_description":"\u524d\u8a00:\u4e00\u4e2a\u8ba9\u6211\u591c\u4e0d\u80fd\u5bd0\u7684\u95ee\u9898\u4e0a\u5468\u4e94\u51cc\u66683\u70b9,\u6211\u88ab\u77ed\u4fe1\u60ca\u9192\u2014\u2014\u670d\u52a1\u5668CPU\u98d9\u5230100%,\u7f51\u7ad9\u5168\u6302\u3002\u67e5\u65e5\u5fd7,\u89e6\u76ee\u60ca\u5fc3:# 1\u5c0f\u65f6\u5185\u7684\u6076\u610f\u8bf7\u6c42 grep \"nikto\\|sqlmap\\|nmap\" access.log | wc -l # \u7ed3\u679c:238472\u4e07\u591a\u6b21\u653b\u51fb\u626b\u63cf,\u6765\u81ea\u5168\u7403\u5404\u5730\u7684IP,\u75af\u72c2\u63a2\u6d4b\u6211\u7684\u6f0f\u6d1e\u3002\u8fd9\u4e0d\u662f\u4e2a\u4f8b\u3002\u6839\u636e Cloudflare 2025\u5e74\u62a5\u544a&#xf","og_url":"https:\/\/www.wsisp.com\/helps\/67073.html","og_site_name":"\u7f51\u7855\u4e92\u8054\u5e2e\u52a9\u4e2d\u5fc3","article_published_time":"2026-01-27T23:25:28+00:00","og_image":[{"url":"https:\/\/www.wsisp.com\/helps\/wp-content\/uploads\/2026\/01\/20260127232524-69794964b2472.png"}],"author":"admin","twitter_card":"summary_large_image","twitter_misc":{"\u4f5c\u8005":"admin","\u9884\u8ba1\u9605\u8bfb\u65f6\u95f4":"4 \u5206"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/www.wsisp.com\/helps\/67073.html","url":"https:\/\/www.wsisp.com\/helps\/67073.html","name":"\u51cc\u66683\u70b9\u670d\u52a1\u5668\u88abCPU\u6253\u7206\uff01\u4ece\u88f8\u5954\u5230\u94dc\u5899\u94c1\u58c1\uff0c\u8fd9\u5957\u7eb5\u6df1\u9632\u5fa1\u65b9\u6848\u6551\u4e86\u6211\u7684\u547d - \u7f51\u7855\u4e92\u8054\u5e2e\u52a9\u4e2d\u5fc3","isPartOf":{"@id":"https:\/\/www.wsisp.com\/helps\/#website"},"datePublished":"2026-01-27T23:25:28+00:00","dateModified":"2026-01-27T23:25:28+00:00","author":{"@id":"https:\/\/www.wsisp.com\/helps\/#\/schema\/person\/358e386c577a3ab51c4493330a20ad41"},"breadcrumb":{"@id":"https:\/\/www.wsisp.com\/helps\/67073.html#breadcrumb"},"inLanguage":"zh-Hans","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.wsisp.com\/helps\/67073.html"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/www.wsisp.com\/helps\/67073.html#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"\u9996\u9875","item":"https:\/\/www.wsisp.com\/helps"},{"@type":"ListItem","position":2,"name":"\u51cc\u66683\u70b9\u670d\u52a1\u5668\u88abCPU\u6253\u7206\uff01\u4ece\u88f8\u5954\u5230\u94dc\u5899\u94c1\u58c1\uff0c\u8fd9\u5957\u7eb5\u6df1\u9632\u5fa1\u65b9\u6848\u6551\u4e86\u6211\u7684\u547d"}]},{"@type":"WebSite","@id":"https:\/\/www.wsisp.com\/helps\/#website","url":"https:\/\/www.wsisp.com\/helps\/","name":"\u7f51\u7855\u4e92\u8054\u5e2e\u52a9\u4e2d\u5fc3","description":"\u9999\u6e2f\u670d\u52a1\u5668_\u9999\u6e2f\u4e91\u670d\u52a1\u5668\u8d44\u8baf_\u670d\u52a1\u5668\u5e2e\u52a9\u6587\u6863_\u670d\u52a1\u5668\u6559\u7a0b","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.wsisp.com\/helps\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"zh-Hans"},{"@type":"Person","@id":"https:\/\/www.wsisp.com\/helps\/#\/schema\/person\/358e386c577a3ab51c4493330a20ad41","name":"admin","image":{"@type":"ImageObject","inLanguage":"zh-Hans","@id":"https:\/\/www.wsisp.com\/helps\/#\/schema\/person\/image\/","url":"https:\/\/gravatar.wp-china-yes.net\/avatar\/?s=96&d=mystery","contentUrl":"https:\/\/gravatar.wp-china-yes.net\/avatar\/?s=96&d=mystery","caption":"admin"},"sameAs":["http:\/\/wp.wsisp.com"],"url":"https:\/\/www.wsisp.com\/helps\/author\/admin"}]}},"_links":{"self":[{"href":"https:\/\/www.wsisp.com\/helps\/wp-json\/wp\/v2\/posts\/67073","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.wsisp.com\/helps\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.wsisp.com\/helps\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.wsisp.com\/helps\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.wsisp.com\/helps\/wp-json\/wp\/v2\/comments?post=67073"}],"version-history":[{"count":0,"href":"https:\/\/www.wsisp.com\/helps\/wp-json\/wp\/v2\/posts\/67073\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.wsisp.com\/helps\/wp-json\/wp\/v2\/media\/67069"}],"wp:attachment":[{"href":"https:\/\/www.wsisp.com\/helps\/wp-json\/wp\/v2\/media?parent=67073"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.wsisp.com\/helps\/wp-json\/wp\/v2\/categories?post=67073"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.wsisp.com\/helps\/wp-json\/wp\/v2\/tags?post=67073"},{"taxonomy":"topic","embeddable":true,"href":"https:\/\/www.wsisp.com\/helps\/wp-json\/wp\/v2\/topic?post=67073"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}