紧急求助军哥
access.log里显示有上万个这种访问特征,论坛直接被卡死请教下:怎么配置nginx,匹配这种\x00请求(非GET/POST请求),直接返回400,或者直接抛弃,不用再做其他处理了。
如下特征:
220.163.116.138 - - "\x00" 400 166 "-" "-"
60.248.34.47 - - "\x00" 400 0 "-" "-"
61.230.199.79 - - "\x00" 400 0 "-" "-"
114.36.74.74 - - "\x00" 400 0 "-" "-"
114.36.74.74 - - "\x00" 400 0 "-" "-"
61.227.170.5 - - "\x00" 400 0 "-" "-"
111.204.124.185 - - "\x00" 400 166 "-" "-"
114.36.74.74 - - "\x00" 400 0 "-" "-"
61.230.139.144 - - "\x00" 400 0 "-" "-"
122.102.39.18 - - "\x00" 400 166 "-" "-"
61.77.125.95 - - "\x00" 400 166 "-" "-"
60.248.34.47 - - "\x00" 400 0 "-" "-"
218.173.155.124 - - "\x00" 400 0 "-" "-"
1.161.233.139 - - "\x00" 400 0 "-" "-"
218.173.155.124 - - "\x00" 400 0 "-" "-"
114.37.207.139 - - "\x00" 400 0 "-" "-"
220.163.116.138 - - "\x00" 400 166 "-" "-"
219.68.204.21 - - "\x00" 400 0 "-" "-"
218.166.118.106 - - "\x00" 400 166 "-" "-"
122.102.39.18 - - "\x00" 400 166 "-" "-"
1.200.222.1 - - "\x00" 400 166 "-" "-"
210.14.159.248 - - "\x00" 400 166 "-" "-"
175.181.177.16 - - "\x00" 400 166 "-" "-"
122.102.39.18 - - "\x00" 400 166 "-" "-"
122.114.197.59 - - "\x00" 400 166 "-" "-"
178.150.35.121 - - "\x00" 400 166 "-" "-"
125.208.30.2 - - "\x00" 400 166 "-" "-"
189.0.73.80 - - "\x00" 400 166 "-" "-"
61.230.139.144 - - "\x00" 400 0 "-" "-"
118.160.133.189 - - "\x00" 400 0 "-" "-" 一般只有get、post、head会用的到,你确定你也只需要这几个请求方法的话可以在对应虚拟主机里面添加上
if ($request_method !~ ^(GET|POST|HEAD|PUT)$ )
{
return 444;
}
将一些非法请求都丢掉不处理 好的,谢谢军哥回复。:)
页:
[1]