设为首页收藏本站
切换到窄版

VPS侦探论坛

 找回密码
 注册
VPS侦探论坛»VPS侦探论坛 技术交流区 LNMP一键安装包 军哥,遇到这种情况,该怎么防御,附上nginx的日志 ...
返回列表 发新帖
查看: 3156|回复: 1

军哥,遇到这种情况,该怎么防御,附上nginx的日志

[复制链接]
bskr
发表于 2019-3-8 10:13:40 | 显示全部楼层 |阅读模式

  1. 132.232.30.140 - - [07/Mar/2019:20:05:36 +0800] "POST /z.php HTTP/1.1" 404 564 "-" "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.91 Safari/537.36"
  2. 132.232.30.140 - - [07/Mar/2019:20:05:36 +0800] "POST /7.php HTTP/1.1" 404 564 "-" "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.91 Safari/537.36"
  3. 132.232.30.140 - - [07/Mar/2019:20:05:37 +0800] "POST /xiaoma.php HTTP/1.1" 404 564 "-" "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.91 Safari/537.36"
  4. 132.232.30.140 - - [07/Mar/2019:20:05:40 +0800] "POST /xiaomae.php HTTP/1.1" 404 564 "-" "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.91 Safari/537.36"
  5. 132.232.30.140 - - [07/Mar/2019:20:05:40 +0800] "POST /xiaomar.php HTTP/1.1" 404 564 "-" "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.91 Safari/537.36"
  6. 132.232.30.140 - - [07/Mar/2019:20:05:40 +0800] "POST /qq.php HTTP/1.1" 404 564 "-" "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.91 Safari/537.36"
  7. 132.232.30.140 - - [07/Mar/2019:20:05:44 +0800] "POST /data.php HTTP/1.1" 404 564 "-" "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.91 Safari/537.36"
  8. 132.232.30.140 - - [07/Mar/2019:20:05:48 +0800] "POST /log.php HTTP/1.1" 404 564 "-" "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.91 Safari/537.36"
  9. 132.232.30.140 - - [07/Mar/2019:20:05:48 +0800] "POST /fack.php HTTP/1.1" 404 564 "-" "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.91 Safari/537.36"
  10. 132.232.30.140 - - [07/Mar/2019:20:05:51 +0800] "POST /angge.php HTTP/1.1" 404 564 "-" "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.91 Safari/537.36"
  11. 132.232.30.140 - - [07/Mar/2019:20:05:52 +0800] "POST /cxfm666.php HTTP/1.1" 404 564 "-" "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.91 Safari/537.36"
  12. 132.232.30.140 - - [07/Mar/2019:20:05:52 +0800] "POST /db.php HTTP/1.1" 404 564 "-" "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.91 Safari/537.36"
  13. 132.232.30.140 - - [07/Mar/2019:20:05:52 +0800] "POST /hacly.php HTTP/1.1" 503 608 "-" "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.91 Safari/537.36"
  14. 132.232.30.140 - - [07/Mar/2019:20:05:53 +0800] "POST /xiaomo.php HTTP/1.1" 404 564 "-" "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.91 Safari/537.36"
  15. 132.232.30.140 - - [07/Mar/2019:20:05:56 +0800] "POST /xiaoyu.php HTTP/1.1" 404 564 "-" "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.91 Safari/537.36"
复制代码



上面只是日志的一小部分,持续了有十分钟。然后我网站根本没有这些文件,xiaoyu.php,xiaomo.php,hacly.php。。。等等
请问这是什么情况,该怎么防御,谢谢!!!
美国VPS推荐: 遨游主机LinodeLOCVPS主机云搬瓦工80VPSVultr美国VPS主机中国VPS推荐: 阿里云腾讯云。LNMP付费服务(代装/问题排查)QQ 503228080
回复

举报

licess
发表于 2019-3-8 12:01:48 | 显示全部楼层


没有具体的规律
只能限制访问次数或者安装waf
Linux下Nginx+MySQL+PHP自动安装工具:https://lnmp.org
回复 支持 反对

举报

返回列表 发新帖
高级模式
B Color Image Link Quote Code Smilies
您需要登录后才可以回帖 登录 | 注册

本版积分规则

小黑屋|手机版|Archiver|VPS侦探 ( 鲁ICP备16040043号-1 )

GMT+8, 2024-11-20 01:28 , Processed in 0.025800 second(s), 16 queries .

Powered by Discuz! X3.4

© 2001-2023 Discuz! Team.

快速回复 返回顶部 返回列表