logo标签列表

当我检查nginx的access.log时,不明HEAD请求定期出现

djangoamazon-web-servicesnginx
7

首先,我使用的是以下服务器环境:

  1. 服务器:nginx + uwsgi + django应用程序,docker + AWS ECS部署
  2. celery: rabbitmq ec2
  3. 缓存:redis ec2
  4. 日志:AWS CloudWatch日志 + watchtower第三方应用程序

当我访问ECS EC2并检查nginx access.log时,会定期出现以下请求。
为什么会有这个请求?这是您第一次打开服务器时不断出现的内容。

此外,我的ecs服务器的安全组80/443端口对任何地方都是开放的。

nginx/access.log

54.214.101.194 - - [14/Jul/2017:03:02:12 +0000] "HEAD http://13.114.17.75:80/mysql/admin/ HTTP/1.1" 404 0 "-" "Mozilla/5.0 Jorgee"
54.214.101.194 - - [14/Jul/2017:03:02:12 +0000] "HEAD http://13.114.17.75:80/mysql/dbadmin/ HTTP/1.1" 404 0 "-" "Mozilla/5.0 Jorgee"
54.214.101.194 - - [14/Jul/2017:03:02:12 +0000] "HEAD http://13.114.17.75:80/mysql/sqlmanager/ HTTP/1.1" 404 0 "-" "Mozilla/5.0 Jorgee"
54.214.101.194 - - [14/Jul/2017:03:02:12 +0000] "HEAD http://13.114.17.75:80/mysql/mysqlmanager/ HTTP/1.1" 404 0 "-" "Mozilla/5.0 Jorgee"
54.214.101.194 - - [14/Jul/2017:03:02:13 +0000] "HEAD http://13.114.17.75:80/phpmyadmin/ HTTP/1.1" 404 0 "-" "Mozilla/5.0 Jorgee"
54.214.101.194 - - [14/Jul/2017:03:02:13 +0000] "HEAD http://13.114.17.75:80/phpMyadmin/ HTTP/1.1" 404 0 "-" "Mozilla/5.0 Jorgee"
54.214.101.194 - - [14/Jul/2017:03:02:13 +0000] "HEAD http://13.114.17.75:80/phpMyAdmin/ HTTP/1.1" 404 0 "-" "Mozilla/5.0 Jorgee"
54.214.101.194 - - [14/Jul/2017:03:02:13 +0000] "HEAD http://13.114.17.75:80/phpmyAdmin/ HTTP/1.1" 404 0 "-" "Mozilla/5.0 Jorgee"
54.214.101.194 - - [14/Jul/2017:03:02:13 +0000] "HEAD http://13.114.17.75:80/phpmyadmin2/ HTTP/1.1" 404 0 "-" "Mozilla/5.0 Jorgee"
54.214.101.194 - - [14/Jul/2017:03:02:13 +0000] "HEAD http://13.114.17.75:80/phpmyadmin3/ HTTP/1.1" 404 0 "-" "Mozilla/5.0 Jorgee"
54.214.101.194 - - [14/Jul/2017:03:02:13 +0000] "HEAD http://13.114.17.75:80/phpmyadmin4/ HTTP/1.1" 404 0 "-" "Mozilla/5.0 Jorgee"
54.214.101.194 - - [14/Jul/2017:03:02:13 +0000] "HEAD http://13.114.17.75:80/2phpmyadmin/ HTTP/1.1" 404 0 "-" "Mozilla/5.0 Jorgee"
54.214.101.194 - - [14/Jul/2017:03:02:13 +0000] "HEAD http://13.114.17.75:80/wp-content/plugins/portable-phpmyadmin/wp-pma-mod/ HTTP/1.1" 404 0 "-" "Mozilla/5.0 Jorgee"
54.214.101.194 - - [14/Jul/2017:03:02:13 +0000] "HEAD http://13.114.17.75:80/phpmy/ HTTP/1.1" 404 0 "-" "Mozilla/5.0 Jorgee"
54.214.101.194 - - [14/Jul/2017:03:02:14 +0000] "HEAD http://13.114.17.75:80/phppma/ HTTP/1.1" 404 0 "-" "Mozilla/5.0 Jorgee"
54.214.101.194 - - [14/Jul/2017:03:02:14 +0000] "HEAD http://13.114.17.75:80/myadmin/ HTTP/1.1" 404 0 "-" "Mozilla/5.0 Jorgee"
54.214.101.194 - - [14/Jul/2017:03:02:14 +0000] "HEAD http://13.114.17.75:80/shopdb/ HTTP/1.1" 404 0 "-" "Mozilla/5.0 Jorgee"
54.214.101.194 - - [14/Jul/2017:03:02:14 +0000] "HEAD http://13.114.17.75:80/MyAdmin/ HTTP/1.1" 404 0 "-" "Mozilla/5.0 Jorgee"
54.214.101.194 - - [14/Jul/2017:03:02:14 +0000] "HEAD http://13.114.17.75:80/program/ HTTP/1.1" 404 0 "-" "Mozilla/5.0 Jorgee"
54.214.101.194 - - [14/Jul/2017:03:02:14 +0000] "HEAD http://13.114.17.75:80/PMA/ HTTP/1.1" 404 0 "-" "Mozilla/5.0 Jorgee"
54.214.101.194 - - [14/Jul/2017:03:02:14 +0000] "HEAD http://13.114.17.75:80/dbadmin/ HTTP/1.1" 404 0 "-" "Mozilla/5.0 Jorgee"
54.214.101.194 - - [14/Jul/2017:03:02:14 +0000] "HEAD http://13.114.17.75:80/pma/ HTTP/1.1" 404 0 "-" "Mozilla/5.0 Jorgee"
54.214.101.194 - - [14/Jul/2017:03:02:14 +0000] "HEAD http://13.114.17.75:80/db/ HTTP/1.1" 404 0 "-" "Mozilla/5.0 Jorgee"
54.214.101.194 - - [14/Jul/2017:03:02:15 +0000] "HEAD http://13.114.17.75:80/admin/ HTTP/1.1" 404 0 "-" "Mozilla/5.0 Jorgee"
54.214.101.194 - - [14/Jul/2017:03:02:15 +0000] "HEAD http://13.114.17.75:80/mysql/ HTTP/1.1" 404 0 "-" "Mozilla/5.0 Jorgee"
54.214.101.194 - - [14/Jul/2017:03:02:15 +0000] "HEAD http://13.114.17.75:80/database/ HTTP/1.1" 404 0 "-" "Mozilla/5.0 Jorgee"
54.214.101.194 - - [14/Jul/2017:03:02:15 +0000] "HEAD http://13.114.17.75:80/db/phpmyadmin/ HTTP/1.1" 404 0 "-" "Mozilla/5.0 Jorgee"
54.214.101.194 - - [14/Jul/2017:03:02:15 +0000] "HEAD http://13.114.17.75:80/db/phpMyAdmin/ HTTP/1.1" 404 0 "-" "Mozilla/5.0 Jorgee"
54.214.101.194 - - [14/Jul/2017:03:02:15 +0000] "HEAD http://13.114.17.75:80/sqlmanager/ HTTP/1.1" 404 0 "-" "Mozilla/5.0 Jorgee"
54.214.101.194 - - [14/Jul/2017:03:02:15 +0000] "HEAD http://13.114.17.75:80/mysqlmanager/ HTTP/1.1" 404 0 "-" "Mozilla/5.0 Jorgee"
54.214.101.194 - - [14/Jul/2017:03:02:15 +0000] "HEAD http://13.114.17.75:80/php-myadmin/ HTTP/1.1" 404 0 "-" "Mozilla/5.0 Jorgee"
54.214.101.194 - - [14/Jul/2017:03:02:15 +0000] "HEAD http://13.114.17.75:80/phpmy-admin/ HTTP/1.1" 404 0 "-" "Mozilla/5.0 Jorgee"
54.214.101.194 - - [14/Jul/2017:03:02:16 +0000] "HEAD http://13.114.17.75:80/mysqladmin/ HTTP/1.1" 404 0 "-" "Mozilla/5.0 Jorgee"
54.214.101.194 - - [14/Jul/2017:03:02:16 +0000] "HEAD http://13.114.17.75:80/mysql-admin/ HTTP/1.1" 404 0 "-" "Mozilla/5.0 Jorgee"
54.214.101.194 - - [14/Jul/2017:03:02:16 +0000] "HEAD http://13.114.17.75:80/admin/phpmyadmin/ HTTP/1.1" 404 0 "-" "Mozilla/5.0 Jorgee"
54.214.101.194 - - [14/Jul/2017:03:02:16 +0000] "HEAD http://13.114.17.75:80/admin/phpMyAdmin/ HTTP/1.1" 404 0 "-" "Mozilla/5.0 Jorgee"
54.214.101.194 - - [14/Jul/2017:03:02:16 +0000] "HEAD http://13.114.17.75:80/admin/sysadmin/ HTTP/1.1" 404 0 "-" "Mozilla/5.0 Jorgee"
54.214.101.194 - - [14/Jul/2017:03:02:16 +0000] "HEAD http://13.114.17.75:80/admin/sqladmin/ HTTP/1.1" 404 0 "-" "Mozilla/5.0 Jorgee"
54.214.101.194 - - [14/Jul/2017:03:02:16 +0000] "HEAD http://13.114.17.75:80/admin/db/ HTTP/1.1" 404 0 "-" "Mozilla/5.0 Jorgee"
54.214.101.194 - - [14/Jul/2017:03:02:16 +0000] "HEAD http://13.114.17.75:80/admin/web/ HTTP/1.1" 404 0 "-" "Mozilla/5.0 Jorgee"
54.214.101.194 - - [14/Jul/2017:03:02:16 +0000] "HEAD http://13.114.17.75:80/admin/pMA/ HTTP/1.1" 404 0 "-" "Mozilla/5.0 Jorgee"
54.214.101.194 - - [14/Jul/2017:03:02:17 +0000] "HEAD http://13.114.17.75:80/mysql/pma/ HTTP/1.1" 404 0 "-" "Mozilla/5.0 Jorgee"
54.214.101.194 - - [14/Jul/2017:03:02:17 +0000] "HEAD http://13.114.17.75:80/mysql/db/ HTTP/1.1" 404 0 "-" "Mozilla/5.0 Jorgee"
54.214.101.194 - - [14/Jul/2017:03:02:17 +0000] "HEAD http://13.114.17.75:80/mysql/web/ HTTP/1.1" 404 0 "-" "Mozilla/5.0 Jorgee"
54.214.101.194 - - [14/Jul/2017:03:02:17 +0000] "HEAD http://13.114.17.75:80/mysql/pMA/ HTTP/1.1" 404 0 "-" "Mozilla/5.0 Jorgee"
54.214.101.194 - - [14/Jul/2017:03:02:17 +0000] "HEAD http://13.114.17.75:80/sql/phpmanager/ HTTP/1.1" 404 0 "-" "Mozilla/5.0 Jorgee"
54.214.101.194 - - [14/Jul/2017:03:02:17 +0000] "HEAD http://13.114.17.75:80/sql/php-myadmin/ HTTP/1.1" 404 0 "-" "Mozilla/5.0 Jorgee"
54.214.101.194 - - [14/Jul/2017:03:02:17 +0000] "HEAD http://13.114.17.75:80/sql/phpmy-admin/ HTTP/1.1" 404 0 "-" "Mozilla/5.0 Jorgee"
54.214.101.194 - - [14/Jul/2017:03:02:17 +0000] "HEAD http://13.114.17.75:80/sql/sql/ HTTP/1.1" 404 0 "-" "Mozilla/5.0 Jorgee"
54.214.101.194 - - [14/Jul/2017:03:02:17 +0000] "HEAD http://13.114.17.75:80/sql/myadmin/ HTTP/1.1" 404 0 "-" "Mozilla/5.0 Jorgee"
54.214.101.194 - - [14/Jul/2017:03:02:18 +0000] "HEAD http://13.114.17.75:80/sql/webadmin/ HTTP/1.1" 404 0 "-" "Mozilla/5.0 Jorgee"
54.214.101.194 - - [14/Jul/2017:03:02:18 +0000] "HEAD http://13.114.17.75:80/sql/sqlweb/ HTTP/1.1" 404 0 "-" "Mozilla/5.0 Jorgee"
54.214.101.194 - - [14/Jul/2017:03:02:18 +0000] "HEAD http://13.114.17.75:80/sql/websql/ HTTP/1.1" 404 0 "-" "Mozilla/5.0 Jorgee"
54.214.101.194 - - [14/Jul/2017:03:02:18 +0000] "HEAD http://13.114.17.75:80/sql/webdb/ HTTP/1.1" 404 0 "-" "Mozilla/5.0 Jorgee"
54.214.101.194 - - [14/Jul/2017:03:02:18 +0000] "HEAD http://13.114.17.75:80/sql/sqladmin/ HTTP/1.1" 404 0 "-" "Mozilla/5.0 Jorgee"
54.214.101.194 - - [14/Jul/2017:03:02:18 +0000] "HEAD http://13.114.17.75:80/sql/sql-admin/ HTTP/1.1" 404 0 "-" "Mozilla/5.0 Jorgee"
54.214.101.194 - - [14/Jul/2017:03:02:18 +0000] "HEAD http://13.114.17.75:80/sql/phpmyadmin2/ HTTP/1.1" 404 0 "-" "Mozilla/5.0 Jorgee"
54.214.101.194 - - [14/Jul/2017:03:02:18 +0000] "HEAD http://13.114.17.75:80/sql/phpMyAdmin2/ HTTP/1.1" 404 0 "-" "Mozilla/5.0 Jorgee"
54.214.101.194 - - [14/Jul/2017:03:02:18 +0000] "HEAD http://13.114.17.75:80/sql/phpMyAdmin/ HTTP/1.1" 404 0 "-" "Mozilla/5.0 Jorgee"
54.214.101.194 - - [14/Jul/2017:03:02:19 +0000] "HEAD http://13.114.17.75:80/db/myadmin/ HTTP/1.1" 404 0 "-" "Mozilla/5.0 Jorgee"
54.214.101.194 - - [14/Jul/2017:03:02:19 +0000] "HEAD http://13.114.17.75:80/db/webadmin/ HTTP/1.1" 404 0 "-" "Mozilla/5.0 Jorgee"
54.214.101.194 - - [14/Jul/2017:03:02:19 +0000] "HEAD http://13.114.17.75:80/db/dbweb/ HTTP/1.1" 404 0 "-" "Mozilla/5.0 Jorgee"
54.214.101.194 - - [14/Jul/2017:03:02:19 +0000] "HEAD http://13.114.17.75:80/db/websql/ HTTP/1.1" 404 0 "-" "Mozilla/5.0 Jorgee"
54.214.101.194 - - [14/Jul/2017:03:02:19 +0000] "HEAD http://13.114.17.75:80/db/webdb/ HTTP/1.1" 404 0 "-" "Mozilla/5.0 Jorgee"
54.214.101.194 - - [14/Jul/2017:03:02:19 +0000] "HEAD http://13.114.17.75:80/db/dbadmin/ HTTP/1.1" 404 0 "-" "Mozilla/5.0 Jorgee"
54.214.101.194 - - [14/Jul/2017:03:02:19 +0000] "HEAD http://13.114.17.75:80/db/db-admin/ HTTP/1.1" 404 0 "-" "Mozilla/5.0 Jorgee"
54.214.101.194 - - [14/Jul/2017:03:02:19 +0000] "HEAD http://13.114.17.75:80/db/phpmyadmin3/ HTTP/1.1" 404 0 "-" "Mozilla/5.0 Jorgee"
54.214.101.194 - - [14/Jul/2017:03:02:19 +0000] "HEAD http://13.114.17.75:80/db/phpMyAdmin3/ HTTP/1.1" 404 0 "-" "Mozilla/5.0 Jorgee"
54.214.101.194 - - [14/Jul/2017:03:02:20 +0000] "HEAD http://13.114.17.75:80/db/phpMyAdmin-3/ HTTP/1.1" 404 0 "-" "Mozilla/5.0 Jorgee"
54.214.101.194 - - [14/Jul/2017:03:02:20 +0000] "HEAD http://13.114.17.75:80/administrator/phpmyadmin/ HTTP/1.1" 404 0 "-" "Mozilla/5.0 Jorgee"
54.214.101.194 - - [14/Jul/2017:03:02:20 +0000] "HEAD http://13.114.17.75:80/administrator/phpMyAdmin/ HTTP/1.1" 404 0 "-" "Mozilla/5.0 Jorgee"
54.214.101.194 - - [14/Jul/2017:03:02:20 +0000] "HEAD http://13.114.17.75:80/administrator/db/ HTTP/1.1" 404 0 "-" "Mozilla/5.0 Jorgee"
54.214.101.194 - - [14/Jul/2017:03:02:20 +0000] "HEAD http://13.114.17.75:80/administrator/web/ HTTP/1.1" 404 0 "-" "Mozilla/5.0 Jorgee"
54.214.101.194 - - [14/Jul/2017:03:02:20 +0000] "HEAD http://13.114.17.75:80/administrator/pma/ HTTP/1.1" 404 0 "-" "Mozilla/5.0 Jorgee"
54.214.101.194 - - [14/Jul/2017:03:02:20 +0000] "HEAD http://13.114.17.75:80/administrator/PMA/ HTTP/1.1" 404 0 "-" "Mozilla/5.0 Jorgee"
54.214.101.194 - - [14/Jul/2017:03:02:20 +0000] "HEAD http://13.114.17.75:80/administrator/admin/ HTTP/1.1" 404 0 "-" "Mozilla/5.0 Jorgee"
54.214.101.194 - - [14/Jul/2017:03:02:20 +0000] "HEAD http://13.114.17.75:80/phpMyAdmin2/ HTTP/1.1" 404 0 "-" "Mozilla/5.0 Jorgee"
54.214.101.194 - - [14/Jul/2017:03:02:20 +0000] "HEAD http://13.114.17.75:80/phpMyAdmin3/ HTTP/1.1" 404 0 "-" "Mozilla/5.0 Jorgee"
54.214.101.194 - - [14/Jul/2017:03:02:21 +0000] "HEAD http://13.114.17.75:80/phpMyAdmin4/ HTTP/1.1" 404 0 "-" "Mozilla/5.0 Jorgee"
54.214.101.194 - - [14/Jul/2017:03:02:21 +0000] "HEAD http://13.114.17.75:80/phpMyAdmin-3/ HTTP/1.1" 404 0 "-" "Mozilla/5.0 Jorgee"
54.214.101.194 - - [14/Jul/2017:03:02:21 +0000] "HEAD http://13.114.17.75:80/php-my-admin/ HTTP/1.1" 404 0 "-" "Mozilla/5.0 Jorgee"
54.214.101.194 - - [14/Jul/2017:03:02:21 +0000] "HEAD http://13.114.17.75:80/PMA2011/ HTTP/1.1" 404 0 "-" "Mozilla/5.0 Jorgee"
54.214.101.194 - - [14/Jul/2017:03:02:21 +0000] "HEAD http://13.114.17.75:80/PMA2012/ HTTP/1.1" 404 0 "-" "Mozilla/5.0 Jorgee"
54.214.101.194 - - [14/Jul/2017:03:02:21 +0000] "HEAD http://13.114.17.75:80/PMA2013/ HTTP/1.1" 404 0 "-" "Mozilla/5.0 Jorgee"
54.214.101.194 - - [14/Jul/2017:03:02:21 +0000] "HEAD http://13.114.17.75:80/PMA2014/ HTTP/1.1" 404 0 "-" "Mozilla/5.0 Jorgee"
54.214.101.194 - - [14/Jul/2017:03:02:21 +0000] "HEAD http://13.114.17.75:80/PMA2015/ HTTP/1.1" 404 0 "-" "Mozilla/5.0 Jorgee"
54.214.101.194 - - [14/Jul/2017:03:02:21 +0000] "HEAD http://13.114.17.75:80/PMA2016/ HTTP/1.1" 404 0 "-" "Mozilla/5.0 Jorgee"
54.214.101.194 - - [14/Jul/2017:03:02:22 +0000] "HEAD http://13.114.17.75:80/PMA2017/ HTTP/1.1" 404 0 "-" "Mozilla/5.0 Jorgee"
54.214.101.194 - - [14/Jul/2017:03:02:22 +0000] "HEAD http://13.114.17.75:80/PMA2018/ HTTP/1.1" 404 0 "-" "Mozilla/5.0 Jorgee"
54.214.101.194 - - [14/Jul/2017:03:02:22 +0000] "HEAD http://13.114.17.75:80/pma2011/ HTTP/1.1" 404 0 "-" "Mozilla/5.0 Jorgee"
54.214.101.194 - - [14/Jul/2017:03:02:22 +0000] "HEAD http://13.114.17.75:80/pma2012/ HTTP/1.1" 404 0 "-" "Mozilla/5.0 Jorgee"
54.214.101.194 - - [14/Jul/2017:03:02:22 +0000] "HEAD http://13.114.17.75:80/pma2013/ HTTP/1.1" 404 0 "-" "Mozilla/5.0 Jorgee"
54.214.101.194 - - [14/Jul/2017:03:02:22 +0000] "HEAD http://13.114.17.75:80/pma2014/ HTTP/1.1" 404 0 "-" "Mozilla/5.0 Jorgee"
54.214.101.194 - - [14/Jul/2017:03:02:22 +0000] "HEAD http://13.114.17.75:80/pma2015/ HTTP/1.1" 404 0 "-" "Mozilla/5.0 Jorgee"
54.214.101.194 - - [14/Jul/2017:03:02:22 +0000] "HEAD http://13.114.17.75:80/pma2016/ HTTP/1.1" 404 0 "-" "Mozilla/5.0 Jorgee"
54.214.101.194 - - [14/Jul/2017:03:02:22 +0000] "HEAD http://13.114.17.75:80/pma2017/ HTTP/1.1" 404 0 "-" "Mozilla/5.0 Jorgee"
54.214.101.194 - - [14/Jul/2017:03:02:23 +0000] "HEAD http://13.114.17.75:80/pma2018/ HTTP/1.1" 404 0 "-" "Mozilla/5.0 Jorgee"
54.214.101.194 - - [14/Jul/2017:03:02:23 +0000] "HEAD http://13.114.17.75:80/phpmyadmin2011/ HTTP/1.1" 404 0 "-" "Mozilla/5.0 Jorgee"
54.214.101.194 - - [14/Jul/2017:03:02:23 +0000] "HEAD http://13.114.17.75:80/phpmyadmin2012/ HTTP/1.1" 404 0 "-" "Mozilla/5.0 Jorgee"
54.214.101.194 - - [14/Jul/2017:03:02:23 +0000] "HEAD http://13.114.17.75:80/phpmyadmin2013/ HTTP/1.1" 404 0 "-" "Mozilla/5.0 Jorgee"
54.214.101.194 - - [14/Jul/2017:03:02:23 +0000] "HEAD http://13.114.17.75:80/phpmyadmin2015/ HTTP/1.1" 404 0 "-" "Mozilla/5.0 Jorgee"
54.214.101.194 - - [14/Jul/2017:03:02:23 +0000] "HEAD http://13.114.17.75:80/phpmyadmin2016/ HTTP/1.1" 404 0 "-" "Mozilla/5.0 Jorgee"
54.214.101.194 - - [14/Jul/2017:03:02:23 +0000] "HEAD http://13.114.17.75:80/phpmyadmin2017/ HTTP/1.1" 404 0 "-" "Mozilla/5.0 Jorgee"
54.214.101.194 - - [14/Jul/2017:03:02:24 +0000] "HEAD http://13.114.17.75:80/phpmyadmin2018/ HTTP/1.1" 404 0 "-" "Mozilla/5.0 Jorgee"
54.214.101.194 - - [14/Jul/2017:03:02:24 +0000] "HEAD http://13.114.17.75:80/phpmanager/ HTTP/1.1" 404 0 "-" "Mozilla/5.0 Jorgee"
95.213.177.125 - - [14/Jul/2017:03:14:35 +0000] "POST /azenv.php?auth=150000207593&a=PSCMN&i=885409785&p=80 HTTP/1.1" 404 580 "https://proxyradar.com/" "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0)"
@Fabien 嗯...我在办公室向API发送了一个请求,IP也被记录为10.0.1.234。 - byunghyun park
1
这可能确实是他们ELB的IP地址。如果是这样的话,所有这些看起来都像是一个弱点扫描器在枚举弱目标。就像有成千上万次的随机扫描一样。 - Fabien
@Fabien 更改日志记录的IP地址,该IP地址是灵活的。 - byunghyun park
@Fabien您的反馈是否意味着ELB会随机扫描以识别弱点?这样会有安全问题吗? - byunghyun park
@Fabien 我明白了,谢谢! - byunghyun park
显示剩余3条评论
1个回答
10
这是一个非常典型的漏洞扫描工具ZmEu所采用的请求方式。简而言之,黑客正在运行自动化工具,试图在您的系统上找到易受攻击的PHPMyAdmin安装程序,以此来攻击您的系统并获取 root 权限。即使您的系统上没有 PHPMyAdmin,他们仍会发送请求以测试并查看是否存在该软件,因为这样做很便宜,如果他们找到了可利用的东西,就可以进入您的服务器窃取数据或进行其他不良用途。

不幸的是,这只是在互联网上拥有服务器的代价,人们不断运行自动化扫描工具,尝试找到任何他们能够接触到的服务器,以寻找攻击它并占领它的方法。

我们能否使用fail2ban来缓解这些“攻击”? - Lajos Mészáros
1
是的,但对于这样的事情,引入额外的开销通常不值得。向攻击者返回404几乎不会花费你任何代价。检查和验证所有传入IP地址与禁止IP数据库相比要花费更多。 - nathanpeck
网页内容由stack overflow 提供, 点击上面的
可以查看英文原文,
原文链接