这个是访问日志记录:
218.59.238.92 - - [08/Dec/2014:03:05:58 +0800] "GET /azenv2.php HTTP/1.0" 404 -
218.59.238.92 - - [08/Dec/2014:03:08:55 +0800] "GET /azz.php HTTP/1.0" 404 -
218.59.238.92 - - [08/Dec/2014:05:34:47 +0800] "GET /azenv.php HTTP/1.0" 404 -
218.59.238.92 - - [08/Dec/2014:09:00:28 +0800] "GET /az.php HTTP/1.0" 404 -
218.59.238.92 - - [08/Dec/2014:10:24:42 +0800] "GET /az.php HTTP/1.0" 404 -
218.59.238.92 - - [08/Dec/2014:10:26:35 +0800] "GET /azenv.php HTTP/1.0" 404 -
218.59.238.92 - - [08/Dec/2014:10:26:36 +0800] "GET /world.php HTTP/1.0" 404 -
218.59.238.92 - - [08/Dec/2014:10:28:00 +0800] "GET /azenv.php HTTP/1.0" 404 -
218.59.238.92 - - [08/Dec/2014:10:28:02 +0800] "GET /az.php HTTP/1.0" 404 -
218.59.238.92 - - [08/Dec/2014:11:10:22 +0800] "GET /world.php HTTP/1.0" 404 -
218.59.238.92 - - [08/Dec/2014:11:11:38 +0800] "GET /azenv2.php HTTP/1.0" 404 -
218.59.238.92 - - [08/Dec/2014:11:12:15 +0800] "GET /azenv2.php HTTP/1.0" 404 -
218.59.238.92 - - [08/Dec/2014:11:56:18 +0800] "GET /azenv2.php HTTP/1.0" 404 -
218.59.238.92 - - [08/Dec/2014:12:41:11 +0800] "GET /az.php HTTP/1.0" 404 -
218.59.238.92 - - [08/Dec/2014:12:44:01 +0800] "GET /azenv.php HTTP/1.0" 404 -
94.242.224.176 - - [08/Dec/2014:13:29:30 +0800] "GET /files/check.php?k=eKp9DbFH16TKhhY4/Chmfg== HTTP/1.1" 404 -
218.59.238.92 - - [08/Dec/2014:14:58:02 +0800] "GET /azenv.php HTTP/1.0" 404 -
218.59.238.92 - - [08/Dec/2014:14:58:43 +0800] "GET /azenv.php HTTP/1.0" 404 -
218.59.238.92 - - [08/Dec/2014:14:59:32 +0800] "GET /azz.php HTTP/1.0" 404 -
218.59.238.92 - - [08/Dec/2014:15:50:20 +0800] "GET /azenv.php HTTP/1.0" 404 -
218.59.238.92 - - [08/Dec/2014:15:50:25 +0800] "GET /world.php HTTP/1.0" 404 -
218.59.238.92 - - [08/Dec/2014:15:50:34 +0800] "GET /azenv2.php HTTP/1.0" 404 -
218.59.238.92 - - [08/Dec/2014:16:55:41 +0800] "GET /world.php HTTP/1.0" 404 -
218.59.238.92 - - [08/Dec/2014:20:36:26 +0800] "GET /azenv2.php HTTP/1.0" 404 -
218.59.238.92 - - [08/Dec/2014:20:40:00 +0800] "GET /azenv2.php HTTP/1.0" 404 -
218.59.238.92 - - [09/Dec/2014:13:33:57 +0800] "GET /azz.php HTTP/1.0" 404 -
218.59.238.92 - - [09/Dec/2014:13:34:33 +0800] "GET /azenv2.php HTTP/1.0" 404 -
218.59.238.92 - - [09/Dec/2014:14:13:52 +0800] "GET /azenv.php HTTP/1.0" 404 -
218.59.238.92 - - [09/Dec/2014:16:42:43 +0800] "GET /azenv.php HTTP/1.0" 404 -
218.59.238.92 - - [09/Dec/2014:16:44:00 +0800] "GET /az.php HTTP/1.0" 404 -
218.59.238.92 - - [09/Dec/2014:17:52:52 +0800] "GET /world.php HTTP/1.0" 404 -
218.59.238.92 - - [09/Dec/2014:17:53:55 +0800] "GET /world.php HTTP/1.0" 404 -
112.124.36.187 - - [09/Dec/2014:17:54:35 +0800] "GET /news/js.php?f_id=1)%20UNION%20SELECT%201,md5(1016),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45,46,47,48,49,50,51%23&type=hot HTTP/1.1" 404 1016
112.124.36.187 - - [10/Dec/2014:13:30:27 +0800] "GET /uploads/update.php HTTP/1.1" 404 1030
42.120.145.118 - - [10/Dec/2014:14:33:40 +0800] "GET /wp-login.php HTTP/1.1" 404 1018
42.120.145.249 - - [10/Dec/2014:15:41:38 +0800] "GET /wp-login.php HTTP/1.1" 404 1018
42.120.145.210 - - [10/Dec/2014:19:05:22 +0800] "GET /wp-login.php HTTP/1.1" 404 1018
——————————————————————————————————————
218.59.238.92 :山东枣庄:访问php页面,网上搜索这是一个蠕虫病毒,试探端口。
112.124.36.187:
42.120.145.* 也是阿里云,存在故意试探访问。
____________________________________________________________________
112.124.36.187 - - [18/Dec/2014:21:34:58 +0800] "-" 400 -
222.186.21.206 - - [18/Dec/2014:21:42:50 +0800] "GET / HTTP/1.1" 200 4568
112.124.36.187 - - [18/Dec/2014:21:46:54 +0800] "POST /wp-admin/admin-ajax.php HTTP/1.1" 404 1040
112.124.36.187 - - [18/Dec/2014:21:46:54 +0800] "-" 400 -
210.35.251.202 - - [18/Dec/2014:22:08:40 +0800] "GET / HTTP/1.1" 200 4568
112.124.36.187 - - [18/Dec/2014:22:12:03 +0800] "POST /uploads/celive/live/header.php HTTP/1.1" 404 1054
112.124.36.187 - - [18/Dec/2014:22:12:03 +0800] "xajax=LiveMessage&xajaxargs[0]=<xjxobj><q><e><k>name</k><v>',(UpdateXML(1,CONCAT(0x5b,mid((SELECT/**/GROUP_CONCAT(concat(username,'|',password)) from cmseasy_user),1,32),0x5d),1)),NULL,NULL,NULL,NULL,NULL,NULL)--%20</v></e></q></xjxobj>" 505 -
117.141.119.220 - - [18/Dec/2014:22:48:48 +0800] "GET / HTTP/1.1" 200 4568
180.115.196.47 - - [18/Dec/2014:23:31:46 +0800] "GET /s.gif HTTP/1.1" 404 1004
180.115.196.47 - - [18/Dec/2014:23:31:46 +0800] "CONNECT api.weibo.com:443 HTTP/1.1" 400 -
——————————————————————————————————————
充分说明阿里云里面的机器,存在主动攻击别人的行为。另外就是,很多机器对阿里云主机进行攻击
- 设置ip禁用
禁用命令:最简单的是禁止该ip访问一切端口
- iptables -I INPUT -p TCP --dport 80 -j DROP -s 218.59.238.92
- iptables -I INPUT -p TCP --dport 80 -j DROP -s 121.231.143.129
查看禁用表:/etc/init.d/iptables status命令即可
[root@~]# /etc/init.d/iptables status
表格:filter
Chain INPUT (policy ACCEPT)
num target prot opt source destination
1 DROP tcp -- 112.124.36.187 0.0.0.0/0 tcp dpt:80
2 DROP tcp -- 121.231.143.129 0.0.0.0/0 tcp dpt:80
3 DROP tcp -- 218.59.238.92 0.0.0.0/0 tcp dpt:80
分享到:
相关推荐
阿里云虚拟主机操作
一个基于asp+access/mssql开发的阿里云虚拟主机代理平台源码,支持通过代理商API进行阿里云虚拟主机的新开续费,支持西部数码的域名、虚拟主机和云服务器的新开续费,同时支持在线支付、产品管理、新闻管理、日志...
阿里云河南服务中心综合国内几大虚拟主机的特点,特别梳理出阿里云虚拟主机的特点、性能、主要的用途和使用环境,文献仅供大家参考,有很多不足之处还请大家多多指点!
09_12_阿里云主机配置_ffmpeg编译09_12_阿里云主机配置_ffmpeg编译09_12_阿里云主机配置_ffmpeg编译09_12_阿里云主机配置_ffmpeg编译09_12_阿里云主机配置_ffmpeg编译09_12_阿里云主机配置_ffmpeg编译09_12_阿里云...
PHP对接阿里云虚拟号-号码隐私保护
碎念直链网盘,是一款PHP网盘与直链分享程序,重点是虚拟主机也可以搭建,支持所有格式文件的上传,可以生成文件直链、图片直链、音乐视频直链,生成直链同时自动生成相应的UBB代码和HTML代码,还可支持文本、图片、...
云服务器、物理服务器、vps服务器、虚拟主机有什么区别?全文共8页,当前为第1页。云服务器、物理服务器、VPS服务器、虚拟主机有什么区别? 云服务器、物理服务器、vps服务器、虚拟主机有什么区别?全文共8页,当前...
市场上终于出现了一款阿里云虚拟主机代理平台(源码免费下载)-附件资源
Qt远程连接阿里云主机上的MySQL源码
前言 ...本文将给大家详细介绍关于在在云虚拟主机部署thinkphp5项目的... 阿里云云虚拟系统CentOS 第一步 修改移动入口文件位置,把它移动到根目录下(即htdocs)。 修改index.php入口文件内容 // 定义应用目录 defi
一、登陆阿里云主机后台,获取主机信息并修改主机的环境参数。二、通过ftp工具把wordpress程序进行上传。三、在线安装wordpress程序。
1. 获取主机信息 2. 网站备案 3. FTP上传网站 1.在本地电脑双击 计算机(以Windows 7操作系统为例 ) 2.在红框处输入ftp://您的主机
简单阿里云主机环境项目搭建。现在很多服务都部署在云服务上,最近项目也要发布到云上,特写此文章。有需要部署云服务的小伙伴可以参考下。
1.通过端口访问不同的主机: Nginx的配置文件: /usr/local/nginx/conf/nginx.conf Centos文件默认编码格式 latin1 查看编码格式的命令: :set fileencoding #user nobody; worker_processes 1; #error_log logs/...
阿里云主机是什么.docx
阿里云主机实例war包,实例详情请访问博主博客:http://blog.csdn.net/u013142781
可快速部署php iis mysql ftp Gzip
阿里云网站迁移步骤: 材料:新老空间的FTP登录用户名和密码、FTP上传工具 1.第一步,提取备份。先登录老空间的账号,进入主界面后依次点击:工具服务—备份恢复,分别提取下载一份网页文件和一份数据库备份...
BIOS如何打开硬件虚拟化,支持虚拟机的安装
3-3 Centos7主机名修改 3-4 Centos7操作系统文件目录结构 3-5 Centos7操作系统时区调整 3-6 Centos7网卡接口名称规则 3-7 网络接口设置及ip详解 3-8 Centos7强大的参数补全 3-9 Centos7操作系统内存介绍 .........