vps交流
当前位置:嘟嘟社区 > bbs > 正文

nginx日志里面很多探测记录,要不要都ban掉。。。

2022-10-04 分类:bbs

看了下nginx的日志
高墙探测的很勤快啊
要不要把这些探测的IP都封锁掉效果好一些
一键脚本什么的要注意安全哦

2022/10/04 03:20:23 [error] 702552#0: *1082 open() "/www/wwwroot/aa.aaa.com/mifs/.;/services/LogService" failed (2: No such file or directory), client: 152.89.196.211, server: aa.aaa.com, request: "POST /mifs/.;/services/LogService HTTP/1.1", host: "*.*.*.*:443", referrer: "https://*.*.*.*:443"
2022/10/04 03:20:23 [error] 702552#0: *1082 open() "/www/wwwroot/aa.aaa.com/404.html" failed (2: No such file or directory), client: 152.89.196.211, server: aa.aaa.com, request: "POST /mifs/.;/services/LogService HTTP/1.1", host: "*.*.*.*:443", referrer: "https://*.*.*.*:443"
2022/10/04 08:07:49 [error] 702552#0: *1113 open() "/www/wwwroot/aa.aaa.com/.env" failed (2: No such file or directory), client: 4.231.48.195, server: aa.aaa.com, request: "GET /.env HTTP/1.1", host: "*.*.*.*"
2022/10/04 08:07:49 [error] 702552#0: *1113 open() "/www/wwwroot/aa.aaa.com/404.html" failed (2: No such file or directory), client: 4.231.48.195, server: aa.aaa.com, request: "GET /.env HTTP/1.1", host: "*.*.*.*"
2022/10/04 10:06:12 [error] 702552#0: *1141 open() "/www/wwwroot/aa.aaa.com/remote/fgt_lang" failed (2: No such file or directory), client: 152.89.196.23, server: aa.aaa.com, request: "GET /remote/fgt_lang?lang=/../../../..//////////dev/cmdb/ssl扶墙_websession HTTP/1.1", host: "*.*.*.*:443"
2022/10/04 10:06:12 [error] 702552#0: *1141 open() "/www/wwwroot/aa.aaa.com/404.html" failed (2: No such file or directory), client: 152.89.196.23, server: aa.aaa.com, request: "GET /remote/fgt_lang?lang=/../../../..//////////dev/cmdb/ssl扶墙_websession HTTP/1.1", host: "*.*.*.*:443"
2022/10/04 10:55:26 [error] 710201#0: *59 open() "/www/wwwroot/aa.aaa.com/owa/auth/logon.aspx" failed (2: No such file or directory), client: 192.241.215.36, server: aa.aaa.com, request: "GET /owa/auth/logon.aspx?url=https%3a%2f%2f1%2fecp%2f HTTP/1.1", host: "*.*.*.*"
2022/10/04 10:55:26 [error] 710201#0: *59 open() "/www/wwwroot/aa.aaa.com/404.html" failed (2: No such file or directory), client: 192.241.215.36, server: aa.aaa.com, request: "GET /owa/auth/logon.aspx?url=https%3a%2f%2f1%2fecp%2f HTTP/1.1", host: "*.*.*.*"

高墙真是替不少无聊扫描机器 的背锅侠nginx日志里面很多探测记录,要不要都ban掉。。。
红色的部分只是在扫描一些漏洞,与墙没关系 https://www.govcert.gov.hk/tc/alerts_detail.php?id=414
标签: