这两天登录博客后台，151条垃圾评论，一看就是机器人注入的。

查看了一下IP地址：是乌克兰的IP地址，可能是传说中的新手练练手，哈哈~~

添加防火墙规则： firewall-cmd --permanent --zone=public --add-rich-rule="rule family='ipv4' source address='91.200.12.0/24' port port=80 protocol=tcp reject" ， firewall-cmd --permanent --zone=public --add-rich-rule="rule family='ipv4' source address='91.200.12.0/24' port port=443 protocol=tcp reject"

查看防火墙规则：

[root@ImmenseGargantuan-VM ~]# firewall-cmd --list-all
public (active)
  target: default
  icmp-block-inversion: no
  interfaces: eth0
  sources: 
  services:
  ports: 80/tcp  443/tcp
  protocols: 
  masquerade: yes
  forward-ports: 
  sourceports: 
  icmp-blocks: 
  rich rules: 
    rule family="ipv4" source address="91.200.12.0/24" port port="80" protocol="tcp" reject
    rule family="ipv4" source address="91.200.12.0/24" port port="443" protocol="tcp" reject

删除规则： firewall-cmd --permanent --zone=public --remove-rich-rule="rule family='ipv4' source address='182.242.74.156' port port=443 protocol=tcp reject"

重启防火墙： firewall-cmd --reload