宝塔面板建站后接入CF自动开启5秒盾+验证码脚本

有大神分享了CF自动开启5秒盾 + 验证码脚本，原理就是通过检测系统负载（cpu或load）自动开启cloudflare UAM和challenge质询（验证码）！！

大鸟这里分享下宝塔面板下如何用起来，使用的前提是你的域名需要接入cloudflare。

1、简介

项目：https://github.com/jiuqiMax/autouam

2、申请api_key

开搞之前先申请CloudFlare API KEY，登录cf之后，点击右上角的个人资料（My Profile），选择｛API Tokens｝选择｛Global API Key｝

3、申请zone_id

回到后台首页，点击域名管理，在右侧就可以看到Zone ID，如图：

4、代码

脚本代码如下：[reply]

#!/bin/bash## Usage:# screen -dmS autouam &&# screen -x -S autouam -p 0 -X stuff "bash /root/autouam.sh" &&# screen -x -S autouam -p 0 -X stuff $'\n'#mode="load"# 两种模式可选，一：cpu 二：loadchallenge="1"# 是否同时开启验证码质询 设为1即开启keeptime="300"# ≈开盾最小时间，如60 则开盾60秒内负载降低不会关，60秒后关interval="0.5"# 检测间隔时间，默认0.5秒email="[email protected]"# CloudFlare 账号邮箱api_key="(´இ皿இ｀)"# CloudFlare API KEYzone_id="ಥ_ಥ"# 区域ID 在域名的概述页面获取default_security_level="high"# 默认安全等级 关闭UAM时将会把安全等级调整为它api_url="https://api.cloudflare.com/client/v4/zones/$zone_id/settings/security_level"# API的地址api_url1="https://api.cloudflare.com/client/v4/zones/$zone_id/firewall/access_rules/rules"# API的地址之二# 安装依赖if [ ! $(which jq 2> /dev/null) ]; then    echo "jq not found!"    if [ -f "/usr/bin/yum" ] && [ -d "/etc/yum.repos.d" ]; then        yum install jq -y    elif [ -f "/usr/bin/apt-get" ] && [ -f "/usr/bin/dpkg" ]; then        apt-get install jq -y    fififor((;;))doif [ "$mode" = "cpu" ];thencheck=90   #5秒内CPU连续超过80 则开启UAM【可以根据您的服务器负荷情况调整】#系统空闲时间TIME_INTERVAL=5time=$(date "+%Y-%m-%d %H:%M:%S")LAST_CPU_INFO=$(cat /proc/stat | grep -w cpu | awk '{print $2,$3,$4,$5,$6,$7,$8}')LAST_SYS_IDLE=$(echo $LAST_CPU_INFO | awk '{print $4}')LAST_TOTAL_CPU_T=$(echo $LAST_CPU_INFO | awk '{print $1+$2+$3+$4+$5+$6+$7}')sleep ${TIME_INTERVAL}NEXT_CPU_INFO=$(cat /proc/stat | grep -w cpu | awk '{print $2,$3,$4,$5,$6,$7,$8}')NEXT_SYS_IDLE=$(echo $NEXT_CPU_INFO | awk '{print $4}')NEXT_TOTAL_CPU_T=$(echo $NEXT_CPU_INFO | awk '{print $1+$2+$3+$4+$5+$6+$7}')#系统空闲时间SYSTEM_IDLE=`echo ${NEXT_SYS_IDLE} ${LAST_SYS_IDLE} | awk '{print $1-$2}'`#CPU总时间TOTAL_TIME=`echo ${NEXT_TOTAL_CPU_T} ${LAST_TOTAL_CPU_T} | awk '{print $1-$2}'`load=`echo ${SYSTEM_IDLE} ${TOTAL_TIME} | awk '{printf "%.2f", 100-$1/$2*100}'`elseload=$(cat /proc/loadavg | colrm 5)check=$(cat /proc/cpuinfo | grep "processor" | wc -l)fiif [ ! -f "status.txt" ];thenecho "" > status.txtelsestatus=$(cat status.txt)finow=$(date +%s)time=$(date +%s -r status.txt)echo "当前$mode负载:$load"if [[ $status -eq 1 ]]thenecho "UAM ON!"elseecho "UAM OFF!"finewtime=`expr $now - $time`closetime=`expr $keeptime - $newtime`if [[ $load <$check ]]&&[[ $status -eq 1 ]]&&[[ $newtime -gt $keeptime ]]then    echo -e "\n$mode负载低于$check，当前已开盾超过规定时间$newtime秒，尝试调整至默认安全等级（$default_security_level）"    # Disable Under Attack Mode    result=$(curl -X PATCH "$api_url" \        -H "X-Auth-Email: $email" \        -H "X-Auth-Key: $api_key" \        -H "Content-Type: application/json" \        --data "{\"value\": \"$default_security_level\"        }" --silent \    | jq -r '.success')    if [ "$result" = "true" ]; then        echo 0 > status.txt        echo -e "\n成功"    fi    if [ "$challenge" -eq 1 ]; then        rulesid=$(curl -X GET "$api_url1?per_page=1000&mode=challenge&configuration.target=country" \-H "X-Auth-Email: $email" \-H "X-Auth-Key: $api_key" \-H "Content-Type: application/json" \--silent \        | jq -r '.result[].id')        for i in $rulesid        doresult=$(curl -X DELETE "$api_url1/$i" \    -H "X-Auth-Email: $email" \    -H "X-Auth-Key: $api_key" \    -H "Content-Type: application/json" \    --data "{        \"cascade\": \"none\"    }" --silent \| jq -r '.success')if [ "$result" = "true" ]; then    echo -e "\n删除验证码 成功 ID: $i"fi        done    fielif [[ $load <$check ]]then    echo -e "\n$mode负载低于$check，不做任何改变，状态持续了$newtime秒"    if [[ $status -eq 1 ]]    then        echo -e "将于$closetime秒后调整安全等级至$default_security_level"    fielif [[ $load >$check ]] && [[ $status -eq 1 ]] && [[ $newtime -gt $keeptime ]]then    echo -e "\n$mode负载高于$check，当前已开启UAM超过$keeptime秒，UAM无效"elif [[ $load >$check ]] && [[ $status -eq 1 ]]then    echo -e "\n$mode负载高于$check，当前已开启($newtime秒)，请再观察"elif [[ $load >$check ]]then    echo -e "\n$mode负载高于$check，开启UAM"    # Enable Under Attack Mode    result=$(curl -X PATCH "$api_url" \        -H "X-Auth-Email: $email" \        -H "X-Auth-Key: $api_key" \        -H "Content-Type: application/json" \--data "{    \"value\": \"under_attack\"}" --silent \    | jq -r '.success')    if [ "$result" = "true" ]; then        echo 1 > status.txt        echo -e "\n成功"    fi    if [ "$challenge" -eq 1 ]; then        for i in AF AX AL DZ AS AD AO AI AQ AG AR AM AW AU AT AZ BS BH BD BB BY BE BZ BJ BM BT BO BQ BA BW BV BR IO BN BG BF BI KH CM CA CV KY CF TD CL CN CX CC CO KM CG CD CK CR CI HR CU CW CY CZ DK DJ DM DO EC EG SV GQ ER EE ET FK FO FJ FI FR GF PF TF GA GM GE DE GH GI GR GL GD GP GU GT GG GN GW GY HT HM VA HN HK HU IS IN ID IR IQ IE IM IL IT JM JP JE JO KZ KE KI KP KR KW KG LA LV LB LS LR LY LI LT LU MO MK MG MW MY MV ML MT MH MQ MR MU YT MX FM MD MC MN ME MS MA MZ MM NA NR NP NL NC NZ NI NE NG NU NF MP NO OM PK PW PS PA PG PY PE PH PN PL PT PR QA RE RO RU RW BL SH KN LC MF PM VC WS SM ST SA SN RS SC SL SG SX SK SI SB SO ZA GS SS ES LK SD SR SJ SZ SE CH SY TW TJ TZ TH TL TG TK TO TT TN TR TM TC TV UG UA AE GB UM UY UZ VU VE VN VG VI WF EH YE ZM ZW XX T1        doresult=$(curl -X POST "$api_url1" \    -H "X-Auth-Email: $email" \    -H "X-Auth-Key: $api_key" \    -H "Content-Type: application/json" \    --data "{        \"mode\": \"challenge\",        \"configuration\": {\"target\": \"country\",\"value\": \"$i\"        }    }" --silent \| jq -r '.success')if [ "$result" = "true" ]; thenecho -e "\n开启对$i国家的验证码 成功"fi        done    fielseecho 0 > status.txtfisleep $intervalcleardone

[/reply]

注意：该修改的地方，要修改。

5、计划任务

宝塔面板的计划任务中新建一个任务，如图：

保存之后，可以试着执行下看看效果：

6、最后

如果你的站点被攻击频繁，可以试着把执行周期改成每天，或者每小时啥的，这个自行调整。如果有更新，请自行进入项目获取最新脚本。

注意！默认challenge=1，将在开启UAM的同时开启验证码。如果你不想，请将它设为0