打印

军哥,遇到这种情况,该怎么防御,附上nginx的日志

军哥,遇到这种情况,该怎么防御,附上nginx的日志

复制内容到剪贴板
代码:
132.232.30.140 - - [07/Mar/2019:20:05:36 +0800] "POST /z.php HTTP/1.1" 404 564 "-" "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.91 Safari/537.36"
132.232.30.140 - - [07/Mar/2019:20:05:36 +0800] "POST /7.php HTTP/1.1" 404 564 "-" "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.91 Safari/537.36"
132.232.30.140 - - [07/Mar/2019:20:05:37 +0800] "POST /xiaoma.php HTTP/1.1" 404 564 "-" "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.91 Safari/537.36"
132.232.30.140 - - [07/Mar/2019:20:05:40 +0800] "POST /xiaomae.php HTTP/1.1" 404 564 "-" "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.91 Safari/537.36"
132.232.30.140 - - [07/Mar/2019:20:05:40 +0800] "POST /xiaomar.php HTTP/1.1" 404 564 "-" "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.91 Safari/537.36"
132.232.30.140 - - [07/Mar/2019:20:05:40 +0800] "POST /qq.php HTTP/1.1" 404 564 "-" "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.91 Safari/537.36"
132.232.30.140 - - [07/Mar/2019:20:05:44 +0800] "POST /data.php HTTP/1.1" 404 564 "-" "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.91 Safari/537.36"
132.232.30.140 - - [07/Mar/2019:20:05:48 +0800] "POST /log.php HTTP/1.1" 404 564 "-" "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.91 Safari/537.36"
132.232.30.140 - - [07/Mar/2019:20:05:48 +0800] "POST /fack.php HTTP/1.1" 404 564 "-" "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.91 Safari/537.36"
132.232.30.140 - - [07/Mar/2019:20:05:51 +0800] "POST /angge.php HTTP/1.1" 404 564 "-" "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.91 Safari/537.36"
132.232.30.140 - - [07/Mar/2019:20:05:52 +0800] "POST /cxfm666.php HTTP/1.1" 404 564 "-" "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.91 Safari/537.36"
132.232.30.140 - - [07/Mar/2019:20:05:52 +0800] "POST /db.php HTTP/1.1" 404 564 "-" "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.91 Safari/537.36"
132.232.30.140 - - [07/Mar/2019:20:05:52 +0800] "POST /hacly.php HTTP/1.1" 503 608 "-" "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.91 Safari/537.36"
132.232.30.140 - - [07/Mar/2019:20:05:53 +0800] "POST /xiaomo.php HTTP/1.1" 404 564 "-" "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.91 Safari/537.36"
132.232.30.140 - - [07/Mar/2019:20:05:56 +0800] "POST /xiaoyu.php HTTP/1.1" 404 564 "-" "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.91 Safari/537.36"
上面只是日志的一小部分,持续了有十分钟。然后我网站根本没有这些文件,xiaoyu.php,xiaomo.php,hacly.php。。。等等
请问这是什么情况,该怎么防御,谢谢!!!

TOP

没有具体的规律
只能限制访问次数或者安装waf

LNMP付费问题排查/LNMP技术支持/Paypal信用卡代付/代购VPS,域名,软件等 QQ 503228080 旺旺 lzhenbao
军哥淘宝店铺
QQ/旺旺仅提供代购及付费代维/问题解决等服务,其他不回复!LNMP相关问题请在本论坛发帖,提问前先搜索,按https://bbs.vpser.net/thread-2555-1-1.html 要求反馈问题!

TOP