这是一个创建于 3307 天前的主题,其中的信息可能已经有所发展或是发生改变。
给别人做的一个网站,放在阿里云上面。平时很少上去看,今天突然想上去瞧瞧,然后看到服务器日志里面有一些奇怪的访问日志,如下:
5.178.86.77:14389 - - [24/Oct/2015 15:48:59] "HTTP/1.1 POST azenv.php" - 404 Not Found
182.254.154.72:42477 - - [24/Oct/2015 18:19:03] "HTTP/1.1 GET test/check_proxy.php" - 404 Not Found
5.178.86.76:34713 - - [24/Oct/2015 18:59:03] "HTTP/1.1 POST azenv.php" - 404 Not Found
182.254.154.72:36303 - - [24/Oct/2015 19:16:19] "HTTP/1.1 GET test/check_proxy.php" - 404 Not Found
120.24.54.198:56163 - - [24/Oct/2015 19:19:01] "HTTP/1.1 GET /" - 303 See Other
120.24.54.198:59810 - - [24/Oct/2015 19:19:06] "HTTP/1.1 HEAD /" - 303 See Other
120.24.54.198:36319 - - [24/Oct/2015 19:19:12] "HTTP/1.1 TRACE /" - 405 Method Not Allowed
182.254.154.72:35039 - - [24/Oct/2015 19:47:04] "HTTP/1.1 GET test/check_proxy.php" - 404 Not Found
182.254.154.72:53031 - - [24/Oct/2015 20:52:05] "HTTP/1.1 GET test/check_proxy.php" - 404 Not Found
42.120.145.227:11353 - - [24/Oct/2015 21:03:09] "HTTP/1.1 GET /" - 303 See Other
42.120.145.145:20416 - - [24/Oct/2015 21:03:09] "HTTP/1.1 GET /signin" - 200 OK
182.254.154.72:52793 - - [24/Oct/2015 21:23:50] "HTTP/1.1 GET test/check_proxy.php" - 404 Not Found
182.254.154.72:38664 - - [24/Oct/2015 22:50:21] "HTTP/1.1 GET test/check_proxy.php" - 404 Not Found
182.254.154.72:40754 - - [25/Oct/2015 00:21:15] "HTTP/1.1 GET test/check_proxy.php" - 404 Not Found
182.254.154.72:59285 - - [25/Oct/2015 01:22:16] "HTTP/1.1 GET test/check_proxy.php" - 404 Not Found
5.178.86.77:4139 - - [25/Oct/2015 02:07:57] "HTTP/1.1 POST azenv.php" - 404 Not Found
185.49.14.190:36507 - - [25/Oct/2015 02:24:46] "HTTP/1.1 GET testproxy.php" - 404 Not Found
182.254.154.72:56069 - - [25/Oct/2015 03:50:17] "HTTP/1.1 GET test/check_proxy.php" - 404 Not Found
95.131.151.238:56504 - - [25/Oct/2015 03:58:49] "HTTP/1.1 GET proxy.php" - 404 Not Found
182.254.154.72:40328 - - [25/Oct/2015 04:47:47] "HTTP/1.1 GET test/check_proxy.php" - 404 Not Found
222.186.129.85:4423 - - [25/Oct/2015 05:46:00] "HTTP/1.1 GET /manager/html" - 404 Not Found
182.254.154.72:55288 - - [25/Oct/2015 06:41:57] "HTTP/1.1 GET test/check_proxy.php" - 404 Not Found
60.173.14.142:40564 - - [25/Oct/2015 06:54:20] "HTTP/1.1 POST /index.php" - 404 Not Found
182.254.154.72:47508 - - [25/Oct/2015 07:43:02] "HTTP/1.1 GET test/check_proxy.php" - 404 Not Found
182.254.154.72:48420 - - [25/Oct/2015 08:15:48] "HTTP/1.1 GET test/check_proxy.php" - 404 Not Found
42.120.142.221:33519 - - [25/Oct/2015 10:20:00] "HTTP/1.1 GET /" - 303 See Other
42.120.142.221:42657 - - [25/Oct/2015 10:20:00] "HTTP/1.1 OPTIONS /" - 405 Method Not Allowed
42.120.142.221:42683 - - [25/Oct/2015 10:20:00] "HTTP/1.1 OPTIONS /" - 405 Method Not Allowed
42.120.142.221:42684 - - [25/Oct/2015 10:20:01] "HTTP/1.1 GET /nice ports,/Trinity.txt.bak" - 404 Not Found
这些日志好像都是尝试去访问 PHP 的后台, IP 来自腾讯云与阿里云。这是别人的爬虫自动访问的,还是有人盯上这台服务器了?有这方面经验的同学能否帮忙答疑解惑一下?
6 条回复 • 2019-11-12 10:34:25 +08:00
|
|
1
pi1ot 2015-10-28 10:12:41 +08:00
爬虫或者扫端口之类
|
|
|
2
LeoSocks 2015-10-28 10:16:31 +08:00 via Android
别人的漏洞扫描测试,有漏洞就入侵了
|
|
|
3
BOYPT 2015-10-28 10:39:15 +08:00
爬虫检查有没有被种马找到就进呗
|
|
|
4
oott123 2015-10-28 11:38:11 +08:00
看上去像扫代理啊~
|
|
|
5
icegreen 2015-10-28 12:45:22 +08:00
阿里自己的漏洞扫描也会扫
|