VPS侦探论坛

 找回密码
 注册
查看: 3473|回复: 2

紧急求助军哥

[复制链接]
发表于 2018-3-10 19:33:49 | 显示全部楼层 |阅读模式

access.log里显示有上万个这种访问特征,论坛直接被卡死

请教下:怎么配置nginx,匹配这种\x00请求(非GET/POST请求),直接返回400,或者直接抛弃,不用再做其他处理了。


如下特征:
220.163.116.138 - - [08/Mar/2018:19:54:54 +0800] "\x00" 400 166 "-" "-"
60.248.34.47 - - [08/Mar/2018:19:54:54 +0800] "\x00" 400 0 "-" "-"
61.230.199.79 - - [08/Mar/2018:19:54:54 +0800] "\x00" 400 0 "-" "-"
114.36.74.74 - - [08/Mar/2018:19:54:54 +0800] "\x00" 400 0 "-" "-"
114.36.74.74 - - [08/Mar/2018:19:54:54 +0800] "\x00" 400 0 "-" "-"
61.227.170.5 - - [08/Mar/2018:19:54:54 +0800] "\x00" 400 0 "-" "-"
111.204.124.185 - - [08/Mar/2018:19:54:54 +0800] "\x00" 400 166 "-" "-"
114.36.74.74 - - [08/Mar/2018:19:54:54 +0800] "\x00" 400 0 "-" "-"
61.230.139.144 - - [08/Mar/2018:19:54:54 +0800] "\x00" 400 0 "-" "-"
122.102.39.18 - - [08/Mar/2018:19:54:54 +0800] "\x00" 400 166 "-" "-"
61.77.125.95 - - [08/Mar/2018:19:54:54 +0800] "\x00" 400 166 "-" "-"
60.248.34.47 - - [08/Mar/2018:19:54:54 +0800] "\x00" 400 0 "-" "-"
218.173.155.124 - - [08/Mar/2018:19:54:54 +0800] "\x00" 400 0 "-" "-"
1.161.233.139 - - [08/Mar/2018:19:54:54 +0800] "\x00" 400 0 "-" "-"
218.173.155.124 - - [08/Mar/2018:19:54:54 +0800] "\x00" 400 0 "-" "-"
114.37.207.139 - - [08/Mar/2018:19:54:54 +0800] "\x00" 400 0 "-" "-"
220.163.116.138 - - [08/Mar/2018:19:54:54 +0800] "\x00" 400 166 "-" "-"
219.68.204.21 - - [08/Mar/2018:19:54:54 +0800] "\x00" 400 0 "-" "-"
218.166.118.106 - - [08/Mar/2018:19:54:54 +0800] "\x00" 400 166 "-" "-"
122.102.39.18 - - [08/Mar/2018:19:54:54 +0800] "\x00" 400 166 "-" "-"
1.200.222.1 - - [08/Mar/2018:19:54:54 +0800] "\x00" 400 166 "-" "-"
210.14.159.248 - - [08/Mar/2018:19:54:54 +0800] "\x00" 400 166 "-" "-"
175.181.177.16 - - [08/Mar/2018:19:54:54 +0800] "\x00" 400 166 "-" "-"
122.102.39.18 - - [08/Mar/2018:19:54:54 +0800] "\x00" 400 166 "-" "-"
122.114.197.59 - - [08/Mar/2018:19:54:54 +0800] "\x00" 400 166 "-" "-"
178.150.35.121 - - [08/Mar/2018:19:54:54 +0800] "\x00" 400 166 "-" "-"
125.208.30.2 - - [08/Mar/2018:19:54:54 +0800] "\x00" 400 166 "-" "-"
189.0.73.80 - - [08/Mar/2018:19:54:54 +0800] "\x00" 400 166 "-" "-"
61.230.139.144 - - [08/Mar/2018:19:54:54 +0800] "\x00" 400 0 "-" "-"
118.160.133.189 - - [08/Mar/2018:19:54:54 +0800] "\x00" 400 0 "-" "-"
美国VPS推荐: 遨游主机LinodeLOCVPS主机云搬瓦工80VPSVultr美国VPS主机中国VPS推荐: 阿里云腾讯云。LNMP付费服务(代装/问题排查)QQ 503228080
发表于 2018-3-10 21:23:54 | 显示全部楼层


一般只有get、post、head会用的到,你确定你也只需要这几个请求方法的话可以在对应虚拟主机里面添加上
  1. if ($request_method !~ ^(GET|POST|HEAD|PUT)$ )
  2. {
  3.         return 444;
  4. }
复制代码

将一些非法请求都丢掉不处理
Linux下Nginx+MySQL+PHP自动安装工具:https://lnmp.org
 楼主| 发表于 2018-3-11 12:07:58 | 显示全部楼层

好的,谢谢军哥回复。:)
美国VPS推荐: 遨游主机LinodeLOCVPS主机云搬瓦工80VPSVultr美国VPS主机中国VPS推荐: 阿里云腾讯云。LNMP付费服务(代装/问题排查)QQ 503228080
您需要登录后才可以回帖 登录 | 注册

本版积分规则

小黑屋|手机版|Archiver|VPS侦探 ( 鲁ICP备16040043号-1 )

GMT+8, 2024-11-18 22:51 , Processed in 0.025695 second(s), 16 queries .

Powered by Discuz! X3.4

© 2001-2023 Discuz! Team.

快速回复 返回顶部 返回列表