diff --git a/README.md b/README.md
index bc35065..3110d01 100644
--- a/README.md
+++ b/README.md
@@ -1,4 +1,60 @@
-http-guard
-==========
+# http-guard
 
-prevent cc attack
+HttpGuard是基于openresty,以lua脚本语言开发的防cc攻击软件。而openresty是集成了高性能web服务器Nginx，以及一系列的Nginx模块，这其中最重要的，也是我们主要用到的nginx lua模块。HttpGuard基于nginx lua开发，继承了nginx高并发，高性能的特点，可以以非常小的性能损耗来防范大规模的cc攻击。
+
+下面介绍HttpGuard防cc的一些特性：
+
+1. 限制单个IP或者UA在一定时间内的请求次数
+2. 向访客发送302转向响应头来识别恶意用户,并阻止其再次访问
+3. 向访客发送带有跳转功能的js代码来识别恶意用户，并阻止其再次访问
+4. 向访客发送cookie来识别恶意用户,并阻止其再次访问
+5. 支持向访客发送带有验证码的页面，来进一步识别，以免误伤
+6. 支持直接断开恶意访客的连接
+7. 支持结合iptables来阻止恶意访客再次连接
+8. 支持白名单/黑名单功能
+9. 支持根据统计特定端口的连接数来自动开启或关闭防cc模式
+
+## 部署HttpGuard
+### 安装openresty或者nginx lua
+
+按照openresty官网手动安装[http://openresty.com](http://openresty.com)
+
+### 安装HttpGuard
+
+假设我们把HttpGuard安装到/data/www/waf/，当然你可以选择安装在任意目录。
+
+```
+cd /data/www
+wget --no-check-certificate https://github.com/wenjun1055/HttpGuard/archive/master.zip
+unzip master.zip
+mv HttpGuard-master waf
+```
+
+### 生成验证码图片
+
+为了支持验证码识别用户，我们需要先生成验证码图片。生成验证码图片需要系统安装有php，以及php-gd模块。
+用以下命令执行getImg.php文件生成验证码
+
+```
+cd /data/www/waf/captcha/
+/usr/local/php/bin/php getImg.php
+```
+
+大概要生成一万个图片，可能需要花几分钟的时间。
+
+### 修改nginx.conf配置文件
+
+向http区块输入如下代码：
+
+```
+lua_package_path "/data/www/waf/?.lua";
+lua_shared_dict guard_dict 100m;
+lua_shared_dict dict_captcha 70m;
+init_by_lua_file '/data/www/waf/init.lua';
+access_by_lua_file '/data/www/waf/runtime.lua';
+lua_max_running_timers 1;
+```
+
+### 配置HttpGuard
+
+详细配置说明在[config.lua](https://github.com/wenjun1055/HttpGuard/blob/master/guard.lua)中，请根据需求进行配置
\ No newline at end of file
diff --git a/captcha/getImg.php b/captcha/getImg.php
index c976054..0daa5af 100644
--- a/captcha/getImg.php
+++ b/captcha/getImg.php
@@ -10,7 +10,7 @@ function getAuthImage($text) {
 	$buttum_c = ImageColorAllocate($im,$tmpC0,$tmpC1,$tmpC2);
 	imagefill($im, 16, 13, $buttum_c);
 
-	$font = '/data/www/waf/captcha/t1.ttf';
+	$font = __DIR__ . '/t1.ttf';
 
 	for ($i=0;$i<strlen($text);$i++)
 	{
diff --git a/config.lua b/config.lua
index 79487be..e5fa35a 100644
--- a/config.lua
+++ b/config.lua
@@ -1,15 +1,20 @@
 -- http-guard安装目录，修改为实际安装到的目录。
-baseDir = '/data/www/waf/'
+baseDir = '/home/http-guard/'
 
 local Config = {
 	-- key是否动态生成,可选static,dynamic,如果选dynamic,下面所有的keySecret不需要更改,如果选static,修改手动修改下面的keySecret
 	keyDefine = "dynamic",
 
+	-- 被动防御,限制UA请求模块。根据在一定时间内统计到的单个UA请求次数作限制（专门针对火车头采集工具）
+	-- state : 为此模块的状态，表示开启或关闭，可选值为On或Off;
+	-- maxReqs，amongTime : 在amongTime秒内允许请求的最大次数maxReqs，如默认的是在10s内最大允许请求50次。
+	limitUaModules = { state = "On" , maxReqs = 5 , amongTime = 300},
+
 	-- 被动防御,限制请求模块。根据在一定时间内统计到的请求次数作限制,建议始终开启
 	-- state : 为此模块的状态，表示开启或关闭，可选值为On或Off;
 	-- maxReqs，amongTime : 在amongTime秒内允许请求的最大次数maxReqs，如默认的是在10s内最大允许请求50次。
 	-- urlProtect : 指定限制请求次数的url正则表达式文件，默认值为\.php$，表示只限制php的请求(当然，当urlMatchMode = "uri"时，此正则才能起作用)
-	limitReqModules = { state = "On" , maxReqs = 50 , amongTime = 10, urlProtect = baseDir.."url-protect/limit.txt" },
+	limitReqModules = { state = "On" , maxReqs = 5 , amongTime = 86400, urlProtect = baseDir.."url-protect/limit.txt" },
 
 
 	-- 主动防御,302响应头跳转模块。利用cc控制端不支持解析响应头的特点，来识别是否为正常用户，当有必要时才建议开启。
@@ -60,7 +65,7 @@ local Config = {
 	sudoPass = '',
 
 	-- 表示http-guard封锁ip的时间
-	blockTime = 600,
+	blockTime = 86400,
 
 	-- JsJumpModules redirectModules cookieModules验证通过后,ip在白名单的时间
 	whiteTime = 600,
@@ -80,7 +85,10 @@ local Config = {
 	reCaptchaPage = baseDir.."html/reCatchaPage.html",
 
 	-- 白名单ip文件,文件内容为正则表达式。
-	whiteIpModules = { state = "Off", ipList = baseDir.."url-protect/white_ip_list.txt" },
+	whiteIpModules = { state = "On", ipList = baseDir.."url-protect/white_ip_list.txt" },
+
+	-- 黑名单ip文件,文件内容为正则表达式。
+	blackIpModules = { state = "Off", ipList = baseDir.."url-protect/black_ip_list.txt" },
 
 	-- 如果需要从请求头获取真实ip,此值就需要设置,如x-forwarded-for
 	-- 当state为on时,此设置才有效
@@ -90,7 +98,7 @@ local Config = {
 	captchaDir = baseDir.."captcha/",
 
 	-- 是否开启debug日志
-	debug = false,
+	debug = true,
 
 	--日志目录,一般不需要修改.但需要设置logs所有者为nginx运行用户，如nginx运行用户为www，则命令为chown www logs
 	logPath = baseDir.."logs/",
diff --git a/guard.lua b/guard.lua
index 7efc2b9..81410d3 100644
--- a/guard.lua
+++ b/guard.lua
@@ -49,16 +49,93 @@ function Guard:ipInWhiteList(ip)
 	end
 end
 
+function Guard:ipInFileBlackList(ip)
+	if _Conf.fileBlackIpModulesIsOn then
+		self:debug("[IpInFileBlackList] fileBlackIpModules is on.",ip,"")
+
+		if ngx.re.match(ip, _Conf.fileBlackIpList) then --匹配黑名单列表
+			self:debug("[ipInFileBlackList] ip "..ip.. " match black list ".._Conf.fileBlackIpList,ip,"")
+			return true
+		else
+			return false
+		end	
+	end
+end
+
+
+--收集不在白名单中的蜘蛛ip
+function Guard:collectSpiderIp(ip, headers)
+	local spiderPattern = "baiduspider|360spider|sogou web spider|sogou inst spider|mediapartners|adsbot-google|googlebot"
+	local userAgent = string.lower(headers["user-agent"])
+	if ngx.re.match(userAgent, spiderPattern) then 
+		local filename = _Conf.logPath.."/spider_ip.log"
+		local file = io.open(filename, "a+")
+		file:write(os.date('%Y-%m-%d %H:%M:%S').." IP "..ip.." UA "..userAgent.."\n")
+		file:close()
+	end
+end
+
 --黑名单模块
-function Guard:blackListModules(ip,reqUri)
+function Guard:blackListModules(ip, reqUri, headers)
 	local blackKey = ip.."black"
 	if _Conf.dict:get(blackKey) then --判断ip是否存在黑名单字典
-		self:debug("[blackListModules] ip "..ip.." in blacklist",ip,reqUri)
+		self:debug("[IpblackListModules] ip "..ip.." in blacklist",ip,reqUri)
 		self:takeAction(ip,reqUri) --存在则执行相应动作
-	end	
+	end
+
+	if _Conf.limitUaModulesIsOn then
+		local userAgent = headers["user-agent"]
+		--不存在UA直接抛验证码
+		if not userAgent then
+			self:debug("[limitUaModules] ip "..ip.." not have ua", ip, reqUri)
+			self:takeAction(ip,reqUri) --存在则执行相应动作
+		end
+
+		local uaMd5 = ngx.md5(userAgent)
+		local blackUaKey = uaMd5 .. 'BlackUAKey'
+		if _Conf.dict:get(blackUaKey) then --判断ua是否存在黑名单字典
+			self:debug("[UablackListModules] ip "..ip.." in ua blacklist".." "..userAgent, ip, reqUri)
+			self:takeAction(ip,reqUri) --存在则执行相应动作
+		end
+	end
 end
 
---限制请求速率模块
+--限制UA请求速率模块
+function Guard:limitUaModules(ip, reqUri, address, headers)
+	local userAgent = headers["user-agent"]
+	--不存在UA直接抛验证码
+	if not userAgent then
+		self:debug("[limitUaModules] ip "..ip.." not have ua", ip, reqUri)
+		self:takeAction(ip,reqUri) --存在则执行相应动作
+	end
+
+	local uaMd5 = ngx.md5(userAgent)
+	local blackUaKey = uaMd5 .. 'BlackUAKey'
+	local limitUaKey = uaMd5 .. 'LimitUaKey'
+	local uaTimes = _Conf.dict:get(limitUaKey) --获取此ua请求的次数
+
+	--增加一次请求记录
+	if uaTimes then
+		_Conf.dict:incr(limitUaKey, 1)
+	else
+		_Conf.dict:set(limitUaKey, 1, _Conf.limitUaModules.amongTime)
+		uaTimes = 0
+	end
+
+	local newUaTimes  = uaTimes + 1
+		self:debug("[limitUaModules] newUaTimes " .. newUaTimes .. "  " .. userAgent, ip, reqUri)
+
+		--判断请求数是否大于阀值,大于则添加黑名单
+		if newUaTimes > _Conf.limitUaModules.maxReqs then --判断是否请求数大于阀值
+			self:debug("[limitUaModules] ip "..ip.. " request exceed ".._Conf.limitUaModules.maxReqs.." "..userAgent, ip, reqUri)
+			_Conf.dict:set(blackUaKey, 0, _Conf.blockTime) --添加此ip到黑名单
+			self:log("[limitUaModules] IP "..ip.." visit "..newUaTimes.." times,block it. "..userAgent)
+		end
+
+end
+
+
+--限制IP请求速率模块
 function Guard:limitReqModules(ip,reqUri,address)
 	if ngx.re.match(address,_Conf.limitUrlProtect,"i") then	
 		self:debug("[limitReqModules] address "..address.." match reg ".._Conf.limitUrlProtect,ip,reqUri)	
@@ -82,6 +159,14 @@ function Guard:limitReqModules(ip,reqUri,address)
 			self:debug("[limitReqModules] ip "..ip.. " request exceed ".._Conf.limitReqModules.maxReqs,ip,reqUri)
 			_Conf.dict:set(blackKey,0,_Conf.blockTime) --添加此ip到黑名单
 			self:log("[limitReqModules] IP "..ip.." visit "..newReqTimes.." times,block it.")
+
+			--大于20次的特别记录下来
+			if newReqTimes > 20 then
+				local filename = _Conf.logPath.."/large_flow.log"
+				local file = io.open(filename, "a+")
+				file:write(os.date('%Y-%m-%d %H:%M:%S').." IP "..ip.."\n")
+				file:close()
+			end
 		end
 
 	end
@@ -534,8 +619,27 @@ function Guard:verifyCaptcha(ip)
 	local captchaValue = _Conf.dict_captcha:get(captchaNum) --从字典获取post value对应的验证码值
 	if captchaValue == postValue then --比较验证码是否相等
 		self:debug("[verifyCaptcha] captcha is valid.delete from blacklist",ip,"")
+
 		_Conf.dict:delete(ip.."black") --从黑名单删除
 		_Conf.dict:delete(ip.."limitreqkey") --访问记录删除
+
+		if _Conf.limitUaModulesIsOn then
+			local headers = ngx.req.get_headers()
+			local userAgent = headers["user-agent"]
+			--不存在UA直接抛验证码
+			if not userAgent then
+				self:debug("[limitUaModules] ip "..ip.." not have ua", ip, reqUri)
+				self:takeAction(ip,reqUri) --存在则执行相应动作
+			end
+
+			local uaMd5 = ngx.md5(userAgent)
+			local blackUaKey = uaMd5 .. 'BlackUAKey'
+			local limitUaKey = uaMd5 .. 'LimitUaKey'
+
+			_Conf.dict:delete(blackUaKey) --从黑名单删除
+			_Conf.dict:delete(limitUaKey) --访问记录删除
+		end
+
 		local expire = ngx.time() + _Conf.keyExpire
 		local captchaKey = ngx.md5(table.concat({ip,_Conf.captchaKey,expire}))
 		local captchaKey = string.sub(captchaKey,"1","10")
diff --git a/html/captcha.html b/html/captcha.html
index 9124bf2..3a7dc4c 100644
--- a/html/captcha.html
+++ b/html/captcha.html
@@ -1,24 +1,171 @@
+<!DOCTYPE html>
 <html>
-    <head>
-        <meta http-equiv="content-type" content="text/html; charset=UTF-8">
-        <title>请输入验证码</title>
-        <style> body { font-family: Tahoma, Verdana, Arial, sans-serif; } 
-			.head_title{margin-top:100px; font-family:"微软雅黑"; font-size:50px; font-weight:lighter;}	
-			p{font-family:"微软雅黑"; font-size:16px; font-weight:lighter; color:#666666;}
-			.btn{ float:left;margin-left:15px; margin-top:5px; width:85px; height:30px; background:#56c458;font-family:"微软雅黑"; font-size:16px; color:#FFFFFF; border:0;}
-			.inp_s{ float:left; margin-left:15px; margin-top:5px; width:200px; height:30px;}
-			.yz{float:left; width:160px; height:40px;}
-			.fors{ margin:0 auto;width:500px; height:40px;}
-		</style>
-    </head>
-    <body>
-        <div align="center">
-			<p><h1 class="head_title">很抱歉...</h1></p>
-			<p>您的查询看起来类似于来自计算机软件的自动请求。为了保护我们的用户，请原谅我们现在暂时不能处理您的请求。 </p>
-			<p>要继续访问网页，请输入下面所示字符：</p>
-            <form  class="fors"  action="/verify-captcha.jpg" method="POST">
-            <img class="yz" src="/get-captcha.jpg" alt="Captcha image"><input class="inp_s" type="text" name="response" /><input class="btn" type="submit" value="确定" />
+<head>
+    <meta http-equiv="content-type" content="text/html; charset=UTF-8">
+    <meta name="viewport" content="width=device-width, initial-scale=1, maximum-scale=1, user-scalable=no"/>
+    <title>请输入验证码</title>
+    <style>html, body {
+        height: 100%
+    }
+    body {
+        font-family: "微软雅黑","宋体" Tahoma, Verdana, Arial, sans-serif;
+        font: 12px/1.5 arial, \5b8b\4f53;
+        background-color: #fff;
+        margin: 0 auto
+    }
+
+    body, div, h1, form, input {
+        margin: 0;
+        padding: 0
+    }
+    * {
+        -webkit-box-sizing: border-box;
+        -moz-box-sizing: border-box;
+        box-sizing: border-box
+    }
+    button::-moz-focus-inner, input::-moz-focus-inner {
+        border: 0;
+        padding: 0
+    }
+    h1 {
+        margin-top: 100px;
+        font-family: "微软雅黑";
+        font-size: 50px;
+        font-weight: lighter
+    }
+    p {
+        font-family: "微软雅黑";
+        font-size: 16px;
+        font-weight: lighter;
+        color: #666
+    }
+    .w {
+        margin-right: auto;
+        margin-left: auto;
+        padding-left: 15px;
+        padding-right: 15px
+    }
+    .r {
+        margin-left: -15px;
+        margin-right: -15px
+    }
+    @media (min-width: 768px) {
+        .w {
+            width: 750px
+        }
+    }
+    @media (min-width: 992px) {
+        .w {
+            width: 970px
+        }
+    }
+    @media (min-width: 1200px) {
+        .w {
+            width: 1170px
+        }
+    }
+    .sm3, .sm4, .sm5, .md8 {
+        position: relative;
+        min-height: 1px;
+        padding-left: 15px;
+        padding-right: 15px
+    }
+    @media (min-width: 768px) {
+        .sm3, .sm4, .sm5 {
+            float: left
+        }
+        .sm5 {
+            width: 41.66666667%
+        }
+        .sm4 {
+            width: 33.33333333%
+        }
+        .sm3 {
+            width: 25%
+        }
+    }
+    @media (min-width: 992px) {
+        .md8 {
+            float: left
+        }
+        .md8 {
+            width: 66.66666667%
+        }
+        .os2 {
+            margin-left: 16.66666667%
+        }
+    }
+    .fg {
+        margin-bottom: 15px
+    }
+    .w:before, .w:after, .r:before, .r:after, .fg:before, .fg:after {
+        content: " ";
+        display: table
+    }
+    .w:after, .r:after, .fg:after {
+        clear: both
+    }
+    .fc {
+        display: block;
+        width: 100%;
+        height: 34px;
+        padding: 6px 12px;
+        font-size: 14px;
+        line-height: 1.42857143;
+        color: #555;
+        border: 1px solid #ddd;
+        border-radius: 3px
+    }
+    .fc:focus {
+        outline: 0;
+        box-shadow: 0 0 10px rgba(0, 0, 0, .2)
+    }
+    .fc::-moz-placeholder {
+        color: #999;
+        opacity: 1
+    }
+    .btn {
+        display: block;
+        width: 100%;
+        font-weight: normal;
+        cursor: pointer;
+        background-color: #2cc1b1;
+        border-color: transparent;
+        color: #fff;
+        border: 1px solid transparent;
+        padding: 6px 12px;
+        font-size: 14px;
+        line-height: 1.42857143;
+        border-radius: 3px
+    }
+    .btn:focus, .btn:active:focus, .btn.active:focus {
+        outline: 0
+    }
+.red {
+      color: #ce2029
+    }
+    </style>
+</head>
+<body>
+<div class="w" align="center">
+    <div class="r">
+        <div class="md8 os2">
+            <p><br /></p>
+            <div style="border: 1px solid #e9e9e9; width: 100%; font-size: 14px; padding: 5px; margin: 10px 0 10px 0; background: #fcfcfc; line-height: 20px;">
+                <p>本站为防止被恶意攻击已开启验证机制</p>
+                <p>此验证页面仅在被认为恶意攻击时出现</p>
+                <p>您正常浏览时也有可能触发防攻击程序</p>
+            </div>
+            <p class="red">请输入验证码继续访问!!!</p>
+            <form class="r" action="/verify-captcha.jpg" method="POST">
+                <div class="fg sm4"><img class="" src="/get-captcha.jpg" alt="Captcha image"></div>
+                <div class="fg sm5"><input class="fc" type="text" name="response"/></p></div>
+                <div class="fg sm3">
+                    <button id="login" type="submit" class="btn btn-green">确定</button>
+                </div>
             </form>
         </div>
-    </body>
+    </div>
+</div>
+</body>
 </html>
\ No newline at end of file
diff --git a/html/captcha.old.html b/html/captcha.old.html
new file mode 100644
index 0000000..9124bf2
--- /dev/null
+++ b/html/captcha.old.html
@@ -0,0 +1,24 @@
+<html>
+    <head>
+        <meta http-equiv="content-type" content="text/html; charset=UTF-8">
+        <title>请输入验证码</title>
+        <style> body { font-family: Tahoma, Verdana, Arial, sans-serif; } 
+			.head_title{margin-top:100px; font-family:"微软雅黑"; font-size:50px; font-weight:lighter;}	
+			p{font-family:"微软雅黑"; font-size:16px; font-weight:lighter; color:#666666;}
+			.btn{ float:left;margin-left:15px; margin-top:5px; width:85px; height:30px; background:#56c458;font-family:"微软雅黑"; font-size:16px; color:#FFFFFF; border:0;}
+			.inp_s{ float:left; margin-left:15px; margin-top:5px; width:200px; height:30px;}
+			.yz{float:left; width:160px; height:40px;}
+			.fors{ margin:0 auto;width:500px; height:40px;}
+		</style>
+    </head>
+    <body>
+        <div align="center">
+			<p><h1 class="head_title">很抱歉...</h1></p>
+			<p>您的查询看起来类似于来自计算机软件的自动请求。为了保护我们的用户，请原谅我们现在暂时不能处理您的请求。 </p>
+			<p>要继续访问网页，请输入下面所示字符：</p>
+            <form  class="fors"  action="/verify-captcha.jpg" method="POST">
+            <img class="yz" src="/get-captcha.jpg" alt="Captcha image"><input class="inp_s" type="text" name="response" /><input class="btn" type="submit" value="确定" />
+            </form>
+        </div>
+    </body>
+</html>
\ No newline at end of file
diff --git a/html/reCatchaPage.html b/html/reCatchaPage.html
index 8a19567..516734c 100644
--- a/html/reCatchaPage.html
+++ b/html/reCatchaPage.html
@@ -1,25 +1,172 @@
+<!DOCTYPE html>
 <html>
-    <head>
-        <meta http-equiv="content-type" content="text/html; charset=UTF-8">
-        <title>请输入验证码</title>
-        <style> body { font-family: Tahoma, Verdana, Arial, sans-serif; } 
-			.head_title{ margin-top:100px; font-family:"微软雅黑"; font-size:50px; font-weight:lighter;}	
-			p{font-family:"微软雅黑"; font-size:16px; font-weight:lighter; color:#666666;}
-			.btn{ float:left;margin-left:15px; margin-top:5px; width:85px; height:30px; background:#56c458;font-family:"微软雅黑"; font-size:16px; color:#FFFFFF; border:0;}
-			.inp_s{ float:left; margin-left:15px; margin-top:5px; width:200px; height:30px;}
-			.yz{float:left; width:160px; height:40px;}
-			.fors{ margin:0 auto;width:500px; height:40px;}
-		</style>
-    </head>
-    <body>
-        <div align="center">
-			<p><h1 class="head_title">很抱歉...</h1></p>
-			<p>您的查询看起来类似于来自计算机软件的自动请求。为了保护我们的用户，请原谅我们现在暂时不能处理您的请求。 </p>
-			<p>要继续访问网页，请输入下面所示字符：</p>
-			<p><font color="red">验证码输入错误，请重新输入</font></p>
-            <form class="fors" action="/verify-captcha.jpg" method="POST">
-            <img class="yz" src="/get-captcha.jpg" alt="Captcha image"><input class="inp_s" type="text" name="response" /><input class="btn" type="submit" value="确定" />
+<head>
+    <meta http-equiv="content-type" content="text/html; charset=UTF-8">
+    <meta name="viewport" content="width=device-width, initial-scale=1, maximum-scale=1, user-scalable=no"/>
+    <title>请输入验证码</title>
+    <style>html, body {
+        height: 100%
+    }
+    body {
+        font-family: "微软雅黑","宋体" Tahoma, Verdana, Arial, sans-serif;
+        font: 12px/1.5 arial, \5b8b\4f53;
+        background-color: #fff;
+        margin: 0 auto
+    }
+
+    body, div, h1, form, input {
+        margin: 0;
+        padding: 0
+    }
+    * {
+        -webkit-box-sizing: border-box;
+        -moz-box-sizing: border-box;
+        box-sizing: border-box
+    }
+    button::-moz-focus-inner, input::-moz-focus-inner {
+        border: 0;
+        padding: 0
+    }
+    h1 {
+        margin-top: 100px;
+        font-family: "微软雅黑";
+        font-size: 50px;
+        font-weight: lighter
+    }
+    p {
+        font-family: "微软雅黑";
+        font-size: 16px;
+        font-weight: lighter;
+        color: #666
+    }
+    .w {
+        margin-right: auto;
+        margin-left: auto;
+        padding-left: 15px;
+        padding-right: 15px
+    }
+    .r {
+        margin-left: -15px;
+        margin-right: -15px
+    }
+    @media (min-width: 768px) {
+        .w {
+            width: 750px
+        }
+    }
+    @media (min-width: 992px) {
+        .w {
+            width: 970px
+        }
+    }
+    @media (min-width: 1200px) {
+        .w {
+            width: 1170px
+        }
+    }
+    .sm3, .sm4, .sm5, .md8 {
+        position: relative;
+        min-height: 1px;
+        padding-left: 15px;
+        padding-right: 15px
+    }
+    @media (min-width: 768px) {
+        .sm3, .sm4, .sm5 {
+            float: left
+        }
+        .sm5 {
+            width: 41.66666667%
+        }
+        .sm4 {
+            width: 33.33333333%
+        }
+        .sm3 {
+            width: 25%
+        }
+    }
+    @media (min-width: 992px) {
+        .md8 {
+            float: left
+        }
+        .md8 {
+            width: 66.66666667%
+        }
+        .os2 {
+            margin-left: 16.66666667%
+        }
+    }
+    .fg {
+        margin-bottom: 15px
+    }
+    .w:before, .w:after, .r:before, .r:after, .fg:before, .fg:after {
+        content: " ";
+        display: table
+    }
+    .w:after, .r:after, .fg:after {
+        clear: both
+    }
+    .fc {
+        display: block;
+        width: 100%;
+        height: 34px;
+        padding: 6px 12px;
+        font-size: 14px;
+        line-height: 1.42857143;
+        color: #555;
+        border: 1px solid #ddd;
+        border-radius: 3px
+    }
+    .fc:focus {
+        outline: 0;
+        box-shadow: 0 0 10px rgba(0, 0, 0, .2)
+    }
+    .fc::-moz-placeholder {
+        color: #999;
+        opacity: 1
+    }
+    .btn {
+        display: block;
+        width: 100%;
+        font-weight: normal;
+        cursor: pointer;
+        background-color: #2cc1b1;
+        border-color: transparent;
+        color: #fff;
+        border: 1px solid transparent;
+        padding: 6px 12px;
+        font-size: 14px;
+        line-height: 1.42857143;
+        border-radius: 3px
+    }
+    .btn:focus, .btn:active:focus, .btn.active:focus {
+        outline: 0
+    }
+    .red {
+        color: #ce2029
+    }
+    </style>
+</head>
+<body>
+<div class="w" align="center">
+    <div class="r">
+        <div class="md8 os2">
+            <p><br /></p>
+            <div style="border: 1px solid #e9e9e9; width: 100%; font-size: 14px; padding: 5px; margin: 10px 0 10px 0; background: #fcfcfc; line-height: 20px;">
+                <p>本站为防止被恶意攻击已开启验证机制</p>
+                <p>此验证页面仅在被认为恶意攻击时出现</p>
+                <p>您正常浏览时也有可能触发防攻击程序</p>
+            </div>
+            <p class="red">请输入验证码继续访问!!!</p>
+            <p><font color="red">验证码输入错误，请重新输入</font></p>
+            <form class="r" action="/verify-captcha.jpg" method="POST">
+                <div class="fg sm4"><img class="" src="/get-captcha.jpg" alt="Captcha image"></div>
+                <div class="fg sm5"><input class="fc" type="text" name="response"/></p></div>
+                <div class="fg sm3">
+                    <button id="login" type="submit" class="btn btn-green">确定</button>
+                </div>
             </form>
         </div>
-    </body>
+    </div>
+</div>
+</body>
 </html>
\ No newline at end of file
diff --git a/html/reCatchaPage.old.html b/html/reCatchaPage.old.html
new file mode 100644
index 0000000..8a19567
--- /dev/null
+++ b/html/reCatchaPage.old.html
@@ -0,0 +1,25 @@
+<html>
+    <head>
+        <meta http-equiv="content-type" content="text/html; charset=UTF-8">
+        <title>请输入验证码</title>
+        <style> body { font-family: Tahoma, Verdana, Arial, sans-serif; } 
+			.head_title{ margin-top:100px; font-family:"微软雅黑"; font-size:50px; font-weight:lighter;}	
+			p{font-family:"微软雅黑"; font-size:16px; font-weight:lighter; color:#666666;}
+			.btn{ float:left;margin-left:15px; margin-top:5px; width:85px; height:30px; background:#56c458;font-family:"微软雅黑"; font-size:16px; color:#FFFFFF; border:0;}
+			.inp_s{ float:left; margin-left:15px; margin-top:5px; width:200px; height:30px;}
+			.yz{float:left; width:160px; height:40px;}
+			.fors{ margin:0 auto;width:500px; height:40px;}
+		</style>
+    </head>
+    <body>
+        <div align="center">
+			<p><h1 class="head_title">很抱歉...</h1></p>
+			<p>您的查询看起来类似于来自计算机软件的自动请求。为了保护我们的用户，请原谅我们现在暂时不能处理您的请求。 </p>
+			<p>要继续访问网页，请输入下面所示字符：</p>
+			<p><font color="red">验证码输入错误，请重新输入</font></p>
+            <form class="fors" action="/verify-captcha.jpg" method="POST">
+            <img class="yz" src="/get-captcha.jpg" alt="Captcha image"><input class="inp_s" type="text" name="response" /><input class="btn" type="submit" value="确定" />
+            </form>
+        </div>
+    </body>
+</html>
\ No newline at end of file
diff --git a/init.lua b/init.lua
index 477c5c0..3b992af 100644
--- a/init.lua
+++ b/init.lua
@@ -121,6 +121,7 @@ end
 _Conf = {
 	
 	--引入原始设置
+	limitUaModules = Config.limitUaModules,
 	limitReqModules = Config.limitReqModules,
 	redirectModules = Config.redirectModules,
 	JsJumpModules = Config.JsJumpModules,
@@ -137,8 +138,10 @@ _Conf = {
 	captchaKey = Config.captchaKey,
 
 	--解析开关设置
+	limitUaModulesIsOn = optionIsOn(Config.limitUaModules.state),
 	limitReqModulesIsOn = optionIsOn(Config.limitReqModules.state),
 	whiteIpModulesIsOn = optionIsOn(Config.whiteIpModules.state),
+	fileBlackIpModulesIsOn = optionIsOn(Config.blackIpModules.state),
 	realIpFromHeaderIsOn = optionIsOn(Config.realIpFromHeader.state),
 	autoEnableIsOn = optionIsOn(Config.autoEnable.state),
 	redirectModulesIsOn = optionIsOn(Config.redirectModules.state),
@@ -151,6 +154,7 @@ _Conf = {
 	limitUrlProtect = parseRuleFile(Config.limitReqModules.urlProtect),
 	cookieUrlProtect = parseRuleFile(Config.cookieModules.urlProtect),
 	whiteIpList = parseRuleFile(Config.whiteIpModules.ipList),
+	fileBlackIpList = parseRuleFile(Config.blackIpModules.ipList),
 
 	--读取文件到内存
 	captchaPage = readFile2Mem(Config.captchaPage),
diff --git a/runtime.lua b/runtime.lua
index aa1d3df..c664041 100644
--- a/runtime.lua
+++ b/runtime.lua
@@ -28,13 +28,27 @@ else
 	if _Conf.autoEnableIsOn then
 		ngx.timer.at(0,Guard.autoSwitch)
 	end
-		
+
+	--永久黑名单
+	if Guard:ipInFileBlackList(ip) then
+		ngx.exit(404)
+	end
+
 	--白名单模块
 	if not Guard:ipInWhiteList(ip) then
+		--收集不在白名单库里面的蜘蛛
+		Guard:collectSpiderIp(ip, headers)
+
 		--黑名单模块
-		Guard:blackListModules(ip,reqUri)
+		Guard:blackListModules(ip, reqUri, headers)
+
+		--限制UA请求速率模块
+		if _Conf.limitUaModulesIsOn then
+			Guard:debug("[limitUaModules] limitUaModules is on.",ip,reqUri)
+			Guard:limitUaModules(ip, reqUri, address, headers)
+		end
 
-		--限制请求速率模块
+		--限制IP请求速率模块
 		if _Conf.limitReqModulesIsOn then --limitReq模块是否开启
 			Guard:debug("[limitReqModules] limitReqModules is on.",ip,reqUri)
 			Guard:limitReqModules(ip,reqUri,address)
diff --git a/logs/foo b/url-protect/black_ip_list.txt
similarity index 100%
rename from logs/foo
rename to url-protect/black_ip_list.txt
diff --git a/url-protect/limit.txt b/url-protect/limit.txt
index c317c7e..2a9e9d0 100644
--- a/url-protect/limit.txt
+++ b/url-protect/limit.txt
@@ -1 +1,3 @@
-\.php$
\ No newline at end of file
+\.php$
+\.html$
+\.png$
\ No newline at end of file
diff --git a/url-protect/white_ip_list.txt b/url-protect/white_ip_list.txt
index e69de29..7d30de4 100644
--- a/url-protect/white_ip_list.txt
+++ b/url-protect/white_ip_list.txt
@@ -0,0 +1,40 @@
+61.135.186.*
+61.155.149.*
+61.182.137.*
+117.27.149.*
+117.34.28.*
+119.188.132.*
+119.188.14.*
+119.63.193.*
+123.125.71.*
+180.76.5.*
+180.76.6.*
+183.60.235.*
+220.181.108.*
+222.216.190.*
+220.181.126.*
+220.181.165.*
+220.181.38.*
+220.181.51.*
+180.149.130.*
+180.149.133.*
+202.46.48.*
+202.46.49.*
+202.46.50.*
+202.46.51.*
+202.46.52.*
+202.46.53.*
+202.46.54.*
+202.46.55.*
+202.46.56.*
+202.46.60.*
+202.46.61.*
+202.46.62.*
+182.118.26.*
+182.118.43.*
+182.118.44.*
+182.118.45.*
+182.118.54.*
+182.118.60.*
+182.118.70.*
+182.118.71.*
\ No newline at end of file