我正在设置一个新的apache + mysql服务器。它只有3个网站,它真的没有太多的活动。我主要用它来编程和测试。
服务器的httpd.conf就是这个:
....
<IfModule prefork.c>
StartServers 8
MinSpareServers 5
MaxSpareServers 20
ServerLimit 256
MaxClients 256
MaxRequestsPerChild 4000
</IfModule>
<IfModule worker.c>
StartServers 4
MaxClients 300
MinSpareThreads 25
MaxSpareThreads 75
ThreadsPerChild 25
MaxRequestsPerChild 0
</IfModule>
....
出于某种原因,一旦我启动服务器并访问一个页面(即使它是非常基本的,没有连接到数据库或任何...我得到这个:
[Wed Dec 11 13:59:10 2013] [notice] suEXEC mechanism enabled (wrapper: /usr/sbin/suexec)
[Wed Dec 11 13:59:10 2013] [notice] Digest: generating secret for digest authentication ...
[Wed Dec 11 13:59:10 2013] [notice] Digest: done
[Wed Dec 11 13:59:10 2013] [notice] Apache/2.2.15 (Unix) DAV/2 PHP/5.3.3 configured -- resuming normal operations
[Wed Dec 11 13:59:25 2013] [error] server reached MaxClients setting, consider raising the MaxClients setting
如果我在启动服务器后立即执行“ps -ef”,我会看到所有这些进程都在运行:
UID PID PPID C STIME TTY TIME CMD
....
root 2945 1 2 14:08 ? 00:00:00 /usr/sbin/httpd
apache 2947 2945 0 14:08 ? 00:00:00 /usr/sbin/httpd
apache 2948 2945 0 14:08 ? 00:00:00 /usr/sbin/httpd
apache 2949 2945 0 14:08 ? 00:00:00 /usr/sbin/httpd
apache 2950 2945 0 14:08 ? 00:00:00 /usr/sbin/httpd
apache 2951 2945 0 14:08 ? 00:00:00 /usr/sbin/httpd
apache 2952 2945 0 14:08 ? 00:00:00 /usr/sbin/httpd
apache 2953 2945 0 14:08 ? 00:00:00 /usr/sbin/httpd
apache 2954 2945 0 14:08 ? 00:00:00 /usr/sbin/httpd
apache 2955 2945 0 14:08 ? 00:00:00 /usr/sbin/httpd
apache 2956 2945 0 14:08 ? 00:00:00 /usr/sbin/httpd
apache 2957 2945 0 14:08 ? 00:00:00 /usr/sbin/httpd
apache 2958 2945 0 14:08 ? 00:00:00 /usr/sbin/httpd
apache 2959 2945 0 14:08 ? 00:00:00 /usr/sbin/httpd
apache 2960 2945 0 14:08 ? 00:00:00 /usr/sbin/httpd
apache 2961 2945 0 14:08 ? 00:00:00 /usr/sbin/httpd
apache 2962 2945 0 14:08 ? 00:00:00 /usr/sbin/httpd
apache 2963 2945 0 14:08 ? 00:00:00 /usr/sbin/httpd
apache 2964 2945 0 14:08 ? 00:00:00 /usr/sbin/httpd
apache 2965 2945 0 14:08 ? 00:00:00 /usr/sbin/httpd
apache 2966 2945 0 14:08 ? 00:00:00 /usr/sbin/httpd
apache 2967 2945 0 14:08 ? 00:00:00 /usr/sbin/httpd
apache 2968 2945 0 14:08 ? 00:00:00 /usr/sbin/httpd
apache 2969 2945 0 14:08 ? 00:00:00 /usr/sbin/httpd
apache 2970 2945 0 14:08 ? 00:00:00 /usr/sbin/httpd
apache 2971 2945 0 14:08 ? 00:00:00 /usr/sbin/httpd
apache 2972 2945 0 14:08 ? 00:00:00 /usr/sbin/httpd
apache 2973 2945 0 14:08 ? 00:00:00 /usr/sbin/httpd
apache 2974 2945 0 14:08 ? 00:00:00 /usr/sbin/httpd
apache 2975 2945 0 14:08 ? 00:00:00 /usr/sbin/httpd
apache 2976 2945 0 14:08 ? 00:00:00 /usr/sbin/httpd
apache 2977 2945 0 14:08 ? 00:00:00 /usr/sbin/httpd
apache 2978 2945 0 14:08 ? 00:00:00 /usr/sbin/httpd
apache 2979 2945 0 14:08 ? 00:00:00 /usr/sbin/httpd
apache 2980 2945 0 14:08 ? 00:00:00 /usr/sbin/httpd
apache 2981 2945 0 14:08 ? 00:00:00 /usr/sbin/httpd
apache 2982 2945 0 14:08 ? 00:00:00 /usr/sbin/httpd
apache 2983 2945 0 14:08 ? 00:00:00 /usr/sbin/httpd
apache 2984 2945 0 14:08 ? 00:00:00 /usr/sbin/httpd
apache 2985 2945 0 14:08 ? 00:00:00 /usr/sbin/httpd
apache 2986 2945 0 14:08 ? 00:00:00 /usr/sbin/httpd
apache 2987 2945 0 14:08 ? 00:00:00 /usr/sbin/httpd
apache 2988 2945 0 14:08 ? 00:00:00 /usr/sbin/httpd
apache 2989 2945 0 14:08 ? 00:00:00 /usr/sbin/httpd
apache 2990 2945 0 14:08 ? 00:00:00 /usr/sbin/httpd
apache 2991 2945 0 14:08 ? 00:00:00 /usr/sbin/httpd
apache 2992 2945 0 14:08 ? 00:00:00 /usr/sbin/httpd
apache 2993 2945 0 14:08 ? 00:00:00 /usr/sbin/httpd
apache 2994 2945 0 14:08 ? 00:00:00 /usr/sbin/httpd
apache 2995 2945 0 14:08 ? 00:00:00 /usr/sbin/httpd
apache 2996 2945 0 14:08 ? 00:00:00 /usr/sbin/httpd
apache 2997 2945 0 14:08 ? 00:00:00 /usr/sbin/httpd
apache 2998 2945 0 14:08 ? 00:00:00 /usr/sbin/httpd
apache 2999 2945 0 14:08 ? 00:00:00 /usr/sbin/httpd
apache 3000 2945 0 14:08 ? 00:00:00 /usr/sbin/httpd
apache 3001 2945 0 14:08 ? 00:00:00 /usr/sbin/httpd
apache 3002 2945 0 14:08 ? 00:00:00 /usr/sbin/httpd
apache 3003 2945 0 14:08 ? 00:00:00 /usr/sbin/httpd
apache 3004 2945 0 14:08 ? 00:00:00 /usr/sbin/httpd
apache 3005 2945 0 14:08 ? 00:00:00 /usr/sbin/httpd
apache 3006 2945 0 14:08 ? 00:00:00 /usr/sbin/httpd
apache 3007 2945 0 14:08 ? 00:00:00 /usr/sbin/httpd
apache 3008 2945 0 14:08 ? 00:00:00 /usr/sbin/httpd
apache 3009 2945 0 14:08 ? 00:00:00 /usr/sbin/httpd
apache 3010 2945 0 14:08 ? 00:00:00 /usr/sbin/httpd
apache 3011 2945 0 14:08 ? 00:00:00 /usr/sbin/httpd
apache 3012 2945 0 14:08 ? 00:00:00 /usr/sbin/httpd
apache 3013 2945 0 14:08 ? 00:00:00 /usr/sbin/httpd
apache 3014 2945 0 14:08 ? 00:00:00 /usr/sbin/httpd
apache 3015 2945 0 14:08 ? 00:00:00 /usr/sbin/httpd
apache 3016 2945 0 14:08 ? 00:00:00 /usr/sbin/httpd
apache 3017 2945 0 14:08 ? 00:00:00 /usr/sbin/httpd
apache 3018 2945 0 14:08 ? 00:00:00 /usr/sbin/httpd
apache 3019 2945 0 14:08 ? 00:00:00 /usr/sbin/httpd
apache 3020 2945 0 14:08 ? 00:00:00 /usr/sbin/httpd
apache 3021 2945 0 14:08 ? 00:00:00 /usr/sbin/httpd
apache 3022 2945 0 14:08 ? 00:00:00 /usr/sbin/httpd
apache 3023 2945 0 14:08 ? 00:00:00 /usr/sbin/httpd
apache 3024 2945 0 14:08 ? 00:00:00 /usr/sbin/httpd
apache 3025 2945 0 14:08 ? 00:00:00 /usr/sbin/httpd
apache 3026 2945 0 14:08 ? 00:00:00 /usr/sbin/httpd
apache 3027 2945 0 14:08 ? 00:00:00 /usr/sbin/httpd
apache 3028 2945 0 14:08 ? 00:00:00 /usr/sbin/httpd
apache 3029 2945 0 14:08 ? 00:00:00 /usr/sbin/httpd
apache 3030 2945 0 14:08 ? 00:00:00 /usr/sbin/httpd
apache 3031 2945 0 14:08 ? 00:00:00 /usr/sbin/httpd
apache 3032 2945 0 14:08 ? 00:00:00 /usr/sbin/httpd
apache 3033 2945 0 14:08 ? 00:00:00 /usr/sbin/httpd
apache 3034 2945 0 14:08 ? 00:00:00 /usr/sbin/httpd
apache 3035 2945 0 14:08 ? 00:00:00 /usr/sbin/httpd
apache 3036 2945 0 14:08 ? 00:00:00 /usr/sbin/httpd
apache 3037 2945 0 14:08 ? 00:00:00 /usr/sbin/httpd
apache 3038 2945 0 14:08 ? 00:00:00 /usr/sbin/httpd
apache 3039 2945 0 14:08 ? 00:00:00 /usr/sbin/httpd
apache 3040 2945 0 14:08 ? 00:00:00 /usr/sbin/httpd
apache 3041 2945 0 14:08 ? 00:00:00 /usr/sbin/httpd
apache 3042 2945 0 14:08 ? 00:00:00 /usr/sbin/httpd
apache 3043 2945 0 14:08 ? 00:00:00 /usr/sbin/httpd
apache 3044 2945 0 14:08 ? 00:00:00 /usr/sbin/httpd
apache 3045 2945 0 14:08 ? 00:00:00 /usr/sbin/httpd
apache 3046 2945 0 14:08 ? 00:00:00 /usr/sbin/httpd
apache 3047 2945 0 14:08 ? 00:00:00 /usr/sbin/httpd
apache 3048 2945 0 14:08 ? 00:00:00 /usr/sbin/httpd
apache 3049 2945 0 14:08 ? 00:00:00 /usr/sbin/httpd
apache 3050 2945 0 14:08 ? 00:00:00 /usr/sbin/httpd
apache 3051 2945 0 14:08 ? 00:00:00 /usr/sbin/httpd
apache 3052 2945 0 14:08 ? 00:00:00 /usr/sbin/httpd
apache 3053 2945 0 14:08 ? 00:00:00 /usr/sbin/httpd
apache 3054 2945 0 14:08 ? 00:00:00 /usr/sbin/httpd
apache 3055 2945 0 14:08 ? 00:00:00 /usr/sbin/httpd
apache 3056 2945 0 14:08 ? 00:00:00 /usr/sbin/httpd
apache 3057 2945 0 14:08 ? 00:00:00 /usr/sbin/httpd
apache 3058 2945 0 14:08 ? 00:00:00 /usr/sbin/httpd
apache 3059 2945 0 14:08 ? 00:00:00 /usr/sbin/httpd
apache 3060 2945 0 14:08 ? 00:00:00 /usr/sbin/httpd
apache 3061 2945 0 14:08 ? 00:00:00 /usr/sbin/httpd
apache 3062 2945 0 14:08 ? 00:00:00 /usr/sbin/httpd
apache 3063 2945 0 14:08 ? 00:00:00 /usr/sbin/httpd
apache 3064 2945 0 14:08 ? 00:00:00 /usr/sbin/httpd
apache 3065 2945 0 14:08 ? 00:00:00 /usr/sbin/httpd
apache 3066 2945 0 14:08 ? 00:00:00 /usr/sbin/httpd
apache 3067 2945 0 14:08 ? 00:00:00 /usr/sbin/httpd
apache 3068 2945 0 14:08 ? 00:00:00 /usr/sbin/httpd
apache 3069 2945 0 14:08 ? 00:00:00 /usr/sbin/httpd
apache 3070 2945 0 14:08 ? 00:00:00 /usr/sbin/httpd
apache 3071 2945 0 14:08 ? 00:00:00 /usr/sbin/httpd
apache 3072 2945 0 14:08 ? 00:00:00 /usr/sbin/httpd
apache 3073 2945 0 14:08 ? 00:00:00 /usr/sbin/httpd
apache 3074 2945 0 14:08 ? 00:00:00 /usr/sbin/httpd
apache 3075 2945 0 14:08 ? 00:00:00 /usr/sbin/httpd
apache 3076 2945 0 14:08 ? 00:00:00 /usr/sbin/httpd
apache 3077 2945 0 14:08 ? 00:00:00 /usr/sbin/httpd
apache 3078 2945 0 14:08 ? 00:00:00 /usr/sbin/httpd
apache 3079 2945 0 14:08 ? 00:00:00 /usr/sbin/httpd
apache 3080 2945 0 14:08 ? 00:00:00 /usr/sbin/httpd
apache 3081 2945 0 14:09 ? 00:00:00 /usr/sbin/httpd
apache 3082 2945 0 14:09 ? 00:00:00 /usr/sbin/httpd
apache 3083 2945 0 14:09 ? 00:00:00 /usr/sbin/httpd
apache 3084 2945 0 14:09 ? 00:00:00 /usr/sbin/httpd
apache 3085 2945 0 14:09 ? 00:00:00 /usr/sbin/httpd
apache 3086 2945 0 14:09 ? 00:00:00 /usr/sbin/httpd
apache 3087 2945 0 14:09 ? 00:00:00 /usr/sbin/httpd
apache 3088 2945 0 14:09 ? 00:00:00 /usr/sbin/httpd
apache 3089 2945 0 14:09 ? 00:00:00 /usr/sbin/httpd
apache 3090 2945 0 14:09 ? 00:00:00 /usr/sbin/httpd
apache 3091 2945 0 14:09 ? 00:00:00 /usr/sbin/httpd
apache 3092 2945 0 14:09 ? 00:00:00 /usr/sbin/httpd
apache 3093 2945 0 14:09 ? 00:00:00 /usr/sbin/httpd
apache 3094 2945 0 14:09 ? 00:00:00 /usr/sbin/httpd
apache 3095 2945 0 14:09 ? 00:00:00 /usr/sbin/httpd
apache 3096 2945 0 14:09 ? 00:00:00 /usr/sbin/httpd
apache 3097 2945 0 14:09 ? 00:00:00 /usr/sbin/httpd
apache 3098 2945 0 14:09 ? 00:00:00 /usr/sbin/httpd
apache 3099 2945 0 14:09 ? 00:00:00 /usr/sbin/httpd
apache 3100 2945 0 14:09 ? 00:00:00 /usr/sbin/httpd
apache 3101 2945 0 14:09 ? 00:00:00 /usr/sbin/httpd
apache 3102 2945 0 14:09 ? 00:00:00 /usr/sbin/httpd
apache 3103 2945 0 14:09 ? 00:00:00 /usr/sbin/httpd
apache 3104 2945 0 14:09 ? 00:00:00 /usr/sbin/httpd
apache 3105 2945 0 14:09 ? 00:00:00 /usr/sbin/httpd
apache 3106 2945 0 14:09 ? 00:00:00 /usr/sbin/httpd
apache 3107 2945 0 14:09 ? 00:00:00 /usr/sbin/httpd
apache 3108 2945 0 14:09 ? 00:00:00 /usr/sbin/httpd
apache 3109 2945 0 14:09 ? 00:00:00 /usr/sbin/httpd
apache 3110 2945 0 14:09 ? 00:00:00 /usr/sbin/httpd
apache 3111 2945 0 14:09 ? 00:00:00 /usr/sbin/httpd
apache 3112 2945 0 14:09 ? 00:00:00 /usr/sbin/httpd
apache 3113 2945 0 14:09 ? 00:00:00 /usr/sbin/httpd
apache 3114 2945 0 14:09 ? 00:00:00 /usr/sbin/httpd
apache 3115 2945 0 14:09 ? 00:00:00 /usr/sbin/httpd
apache 3116 2945 0 14:09 ? 00:00:00 /usr/sbin/httpd
apache 3117 2945 0 14:09 ? 00:00:00 /usr/sbin/httpd
apache 3118 2945 0 14:09 ? 00:00:00 /usr/sbin/httpd
apache 3119 2945 0 14:09 ? 00:00:00 /usr/sbin/httpd
apache 3120 2945 0 14:09 ? 00:00:00 /usr/sbin/httpd
apache 3121 2945 0 14:09 ? 00:00:00 /usr/sbin/httpd
apache 3122 2945 0 14:09 ? 00:00:00 /usr/sbin/httpd
apache 3123 2945 0 14:09 ? 00:00:00 /usr/sbin/httpd
apache 3124 2945 0 14:09 ? 00:00:00 /usr/sbin/httpd
apache 3125 2945 0 14:09 ? 00:00:00 /usr/sbin/httpd
apache 3126 2945 0 14:09 ? 00:00:00 /usr/sbin/httpd
apache 3127 2945 0 14:09 ? 00:00:00 /usr/sbin/httpd
apache 3128 2945 0 14:09 ? 00:00:00 /usr/sbin/httpd
apache 3129 2945 0 14:09 ? 00:00:00 /usr/sbin/httpd
apache 3130 2945 0 14:09 ? 00:00:00 /usr/sbin/httpd
apache 3131 2945 0 14:09 ? 00:00:00 /usr/sbin/httpd
apache 3132 2945 0 14:09 ? 00:00:00 /usr/sbin/httpd
apache 3133 2945 0 14:09 ? 00:00:00 /usr/sbin/httpd
apache 3134 2945 0 14:09 ? 00:00:00 /usr/sbin/httpd
apache 3135 2945 0 14:09 ? 00:00:00 /usr/sbin/httpd
apache 3136 2945 0 14:09 ? 00:00:00 /usr/sbin/httpd
apache 3137 2945 0 14:09 ? 00:00:00 /usr/sbin/httpd
apache 3138 2945 0 14:09 ? 00:00:00 /usr/sbin/httpd
apache 3139 2945 0 14:09 ? 00:00:00 /usr/sbin/httpd
apache 3140 2945 0 14:09 ? 00:00:00 /usr/sbin/httpd
apache 3141 2945 0 14:09 ? 00:00:00 /usr/sbin/httpd
apache 3142 2945 0 14:09 ? 00:00:00 /usr/sbin/httpd
apache 3143 2945 0 14:09 ? 00:00:00 /usr/sbin/httpd
apache 3144 2945 0 14:09 ? 00:00:00 /usr/sbin/httpd
apache 3145 2945 0 14:09 ? 00:00:00 /usr/sbin/httpd
apache 3146 2945 0 14:09 ? 00:00:00 /usr/sbin/httpd
apache 3147 2945 0 14:09 ? 00:00:00 /usr/sbin/httpd
apache 3148 2945 0 14:09 ? 00:00:00 /usr/sbin/httpd
apache 3149 2945 0 14:09 ? 00:00:00 /usr/sbin/httpd
apache 3150 2945 0 14:09 ? 00:00:00 /usr/sbin/httpd
apache 3151 2945 0 14:09 ? 00:00:00 /usr/sbin/httpd
apache 3152 2945 0 14:09 ? 00:00:00 /usr/sbin/httpd
apache 3153 2945 0 14:09 ? 00:00:00 /usr/sbin/httpd
apache 3154 2945 0 14:09 ? 00:00:00 /usr/sbin/httpd
apache 3155 2945 0 14:09 ? 00:00:00 /usr/sbin/httpd
apache 3156 2945 0 14:09 ? 00:00:00 /usr/sbin/httpd
apache 3157 2945 0 14:09 ? 00:00:00 /usr/sbin/httpd
apache 3158 2945 0 14:09 ? 00:00:00 /usr/sbin/httpd
apache 3159 2945 0 14:09 ? 00:00:00 /usr/sbin/httpd
apache 3160 2945 0 14:09 ? 00:00:00 /usr/sbin/httpd
apache 3161 2945 0 14:09 ? 00:00:00 /usr/sbin/httpd
apache 3162 2945 0 14:09 ? 00:00:00 /usr/sbin/httpd
apache 3163 2945 0 14:09 ? 00:00:00 /usr/sbin/httpd
apache 3164 2945 0 14:09 ? 00:00:00 /usr/sbin/httpd
apache 3165 2945 0 14:09 ? 00:00:00 /usr/sbin/httpd
apache 3166 2945 0 14:09 ? 00:00:00 /usr/sbin/httpd
apache 3167 2945 0 14:09 ? 00:00:00 /usr/sbin/httpd
apache 3168 2945 0 14:09 ? 00:00:00 /usr/sbin/httpd
apache 3169 2945 0 14:09 ? 00:00:00 /usr/sbin/httpd
apache 3170 2945 0 14:09 ? 00:00:00 /usr/sbin/httpd
apache 3171 2945 0 14:09 ? 00:00:00 /usr/sbin/httpd
apache 3172 2945 0 14:09 ? 00:00:00 /usr/sbin/httpd
apache 3173 2945 0 14:09 ? 00:00:00 /usr/sbin/httpd
apache 3174 2945 0 14:09 ? 00:00:00 /usr/sbin/httpd
apache 3175 2945 0 14:09 ? 00:00:00 /usr/sbin/httpd
apache 3176 2945 0 14:09 ? 00:00:00 /usr/sbin/httpd
apache 3177 2945 0 14:09 ? 00:00:00 /usr/sbin/httpd
apache 3178 2945 0 14:09 ? 00:00:00 /usr/sbin/httpd
apache 3179 2945 0 14:09 ? 00:00:00 /usr/sbin/httpd
apache 3180 2945 0 14:09 ? 00:00:00 /usr/sbin/httpd
apache 3181 2945 0 14:09 ? 00:00:00 /usr/sbin/httpd
apache 3182 2945 0 14:09 ? 00:00:00 /usr/sbin/httpd
apache 3183 2945 0 14:09 ? 00:00:00 /usr/sbin/httpd
apache 3184 2945 0 14:09 ? 00:00:00 /usr/sbin/httpd
apache 3185 2945 0 14:09 ? 00:00:00 /usr/sbin/httpd
apache 3186 2945 0 14:09 ? 00:00:00 /usr/sbin/httpd
apache 3187 2945 0 14:09 ? 00:00:00 /usr/sbin/httpd
apache 3188 2945 0 14:09 ? 00:00:00 /usr/sbin/httpd
apache 3189 2945 0 14:09 ? 00:00:00 /usr/sbin/httpd
apache 3190 2945 0 14:09 ? 00:00:00 /usr/sbin/httpd
apache 3191 2945 0 14:09 ? 00:00:00 /usr/sbin/httpd
apache 3192 2945 0 14:09 ? 00:00:00 /usr/sbin/httpd
apache 3193 2945 0 14:09 ? 00:00:00 /usr/sbin/httpd
apache 3194 2945 0 14:09 ? 00:00:00 /usr/sbin/httpd
apache 3195 2945 0 14:09 ? 00:00:00 /usr/sbin/httpd
apache 3196 2945 0 14:09 ? 00:00:00 /usr/sbin/httpd
apache 3197 2945 0 14:09 ? 00:00:00 /usr/sbin/httpd
apache 3198 2945 0 14:09 ? 00:00:00 /usr/sbin/httpd
apache 3199 2945 0 14:09 ? 00:00:00 /usr/sbin/httpd
apache 3200 2945 0 14:09 ? 00:00:00 /usr/sbin/httpd
apache 3201 2945 0 14:09 ? 00:00:00 /usr/sbin/httpd
apache 3202 2945 0 14:09 ? 00:00:00 /usr/sbin/httpd
root 3203 1750 5 14:09 pts/0 00:00:00 ps -ef
如果我尝试使用“tail -f access_log”检查访问日志,我会获得非停止条目来访问我从未见过的网站,而且我没有托管(?)。我的服务器只有几个基本站点,我是大多数访问这个站点的站点。
172.240.255.43 - - [11/Dec/2013:14:15:19 +0000] "GET http://ads.yahoo.com/st?ad_type=iframe&ad_size=300x250§ion=3796694&pub_url=${PUB_URL}&_msd=1&_xcf=0&rmxbkn=0&_cbv=2864710689 HTTP/1.0" 200 5463 "http://www.sceatec.com/hardware/how-to-improve-servers-performance.html" "Mozilla/4.0 (compatible; MSIE 6.0; AOL 9.0; Windows NT 5.1; SV1; .NET CLR 1.0.3705)"
192.169.85.121 - - [11/Dec/2013:14:15:19 +0000] "GET http://ads.yahoo.com/st?ad_type=iframe&ad_size=728x90§ion=5156870&pub_url=${PUB_URL}&_msd=1&_xcf=0&rmxbkn=0&_cbv=1962079223 HTTP/1.0" 200 5547 "http://www.workacumen.com/index.php?option=com_content&view=article&id=1630:Great-West-Life-Insurance-Rates-for-Women-Smokers-and-Non-Smokers&catid=4&Itemid=5" "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; Avant Browser; .NET CLR 2.0.50727; Creative ZENcast v1.02.12; .NET CLR 3.0.04506.30)"
69.162.70.75 - - [11/Dec/2013:14:15:19 +0000] "GET http://content.yieldmanager.edgesuite.net/atoms/ca/6e/ef/bf/ca6eefbfc4b3e52b860e32307142dd2c.gif HTTP/1.0" 200 26598 "http://www.fitnesscareson.com/fitness-factory/fitness-jobs/choosing-the-beauty-salons-in-san-francisco-6.html" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0; Alexa Toolbar)"
192.169.85.99 - - [11/Dec/2013:14:15:19 +0000] "GET http://ak1.abmr.net/is/pixel.mathtag.com?U=/misc/img&V=3-1xWPO+glnAYtvOljCBLqFpimxCqp%2fbcnElHRB%2fCXRbsOSOHvsVBgEQ%3d%3d&I=25B80927125D326&D=mathtag.com&01AD=1&mt_id=0&mt_adid=0&mop_seq=0:1&mt_cb=117628&mop_top= HTTP/1.0" 302 - "http://ads.yahoo.com/st?ad_type=iframe&ad_size=160x600§ion=5151124&pub_url=salebusinessidea.com&_msd=1&_xcf=0&rmxbkn=0&_cbv=1561726732" "Mozilla/4.0 (compatible; MSIE 4.01; Mac_PowerPC)"
46.55.23.55 - - [11/Dec/2013:14:15:19 +0000] "GET http://web1.exactseek.com/webclient/?query=fjxg+/threads/&start=5&offset=80&lang=ENG HTTP/1.0" 200 27274 "http://web1.exactseek.com/" "Opera/9.80 (Windows NT 6.1; WOW64) Presto/2.12.388 Version/12.16"
216.245.216.115 - - [11/Dec/2013:14:15:19 +0000] "GET http://b.scorecardresearch.com/b?c1=8&c2=6035610&rn=0.34418662962084006&c7=http%3A%2F%2Fads.yahoo.com%2Fst%3Fad_type%3Diframe%26ad_size%3D300x250%26section%3D5151124%26pub_url%3Dsalebusinessidea.com%26_msd%3D1%26_xcf%3D0%26rmxbkn%3D0%26_cbv%3D4057802456&c3=30032779&c4=234558859&c5=114925099&c6=%25m&c10=18971014219&c15=&c16=&c8=&c9=http%3A%2F%2Fwww.salebusinessidea.com%2Findex.php%3Foption%3Dcom_content%26view%3Darticle%26id%3D333%3AIdeas-for-Creative-Brainstorming--%26catid%3D174%26Itemid%3D83&cv=1.8 HTTP/1.0" 204 - "http://ads.yahoo.com/st?ad_type=iframe&ad_size=300x250§ion=5151124&pub_url=salebusinessidea.com&_msd=1&_xcf=0&rmxbkn=0&_cbv=4057802456" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.1) Gecko/20090624 Firefox/3.5 (.NET CLR 3.5.30729)"
23.19.79.115 - - [11/Dec/2013:14:15:19 +0000] "GET http://ads.yahoo.com/get-user-id?ver=2&s=5133289&ts=1386771312&sig=96b66e7aa45d6484 HTTP/1.0" 200 - "http://ads.yahoo.com/st?ad_type=iframe&ad_size=160x600§ion=5133289&pub_url=${PUB_URL}&_msd=1&_xcf=0&rmxbkn=0&_cbv=2176781951" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; MyIE2; Deepnet Explorer)"
192.169.85.194 - - [11/Dec/2013:14:15:18 +0000] "GET http://ad.doubleclick.net/adj/N7384.137772.MAXPOINTINTERACTIVE/B7845858.4;sz=728x90;click=http://mpc.mxptint.net/9S1SE5696B23S1090S5E02S2D8S5ASC89SBDF_5174C7F6_819009SDF_5174C7FB_19EB91%3fhttp://r.mxptint.net%3f;ord=5393202 HTTP/1.0" 200 7573 "http://ads.yahoo.com/st?ad_type=iframe&ad_size=728x90§ion=3698931&pub_url=${PUB_URL}&_msd=1&_xcf=0&rmxbkn=0&_cbv=891089422" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322; XMPP Tiscali Communicator v.10.0.2; .NET CLR 2.0.50727)"
69.147.233.50 - - [11/Dec/2013:14:15:19 +0000] "GET http://content.yieldmanager.edgesuite.net/atoms/fb/a8/7f/c7/fba87fc7f7a0335ef9033c4f717d7bb3.png HTTP/1.0" 200 18820 "http://ads.yahoo.com/st?ad_type=iframe&ad_size=160x600§ion=4311038&pub_url=${PUB_URL}&_msd=1&_xcf=0&rmxbkn=0&_cbv=445943840" "Mozilla/5.0 (X11; U; SunOS sun4u; en-US; rv:1.8.1.11) Gecko/20080118 Firefox/2.0.0.11"
192.169.85.52 - - [11/Dec/2013:14:15:18 +0000] "GET http://ads.yahoo.com/imp?_cbv=1420241591&_msd=1&_xcf=0&Z=0x0&y=29&rmxbkn=0&s=5081065&_salt=0&B=12&m=2&H=&u=http%3A%2F%2Fwww.makemasterfinance.com%2Findex.php%3Foption%3Dcom_content%26view%3Darticle%26id%3D1540%3ABuy-Car-Insurance-Online%3A-Obtaining-Quotes-and-Comparisons%26catid%3D4%26Itemid%3D5&M=5&r=1 HTTP/1.0" 200 958 "http://www.makemasterfinance.com/index.php?option=com_content&view=article&id=1540:Buy-Car-Insurance-Online:-Obtaining-Quotes-and-Comparisons&catid=4&Itemid=5" "Opera/9.80 (X11; Linux i686; U; ja) Presto/2.7.62 Version/11.01"
172.240.255.35 - - [11/Dec/2013:14:15:19 +0000] "GET http://ads.yahoo.com/st?ad_type=pop&ad_size=0x0§ion=3796694&banned_pop_types=29&pop_times=1&pop_frequency=0&pub_url=www.sceatec.com&_msd=1&_xcf=0&rmxbkn=0&_cbv=381351163 HTTP/1.0" 200 5200 "http://www.sceatec.com/hardware/hp-c7975a-lto5-huge-capacity-compatible-protected-media-cartridge.html" "Opera/9.24 (Windows NT 5.1; U; tr)"
192.169.85.86 - - [11/Dec/2013:14:15:19 +0000] "GET http://ads.yahoo.com/get-user-id?ver=2&s=5167806&ts=1386771294&sig=cd794b3708a1bd0b HTTP/1.0" 200 - "http://ads.yahoo.com/st?ad_type=iframe&ad_size=300x250§ion=5167806&pub_url=${PUB_URL}&_msd=1&_xcf=0&rmxbkn=0&_cbv=4177140593" "Mozilla/4.7 [en] (Win98; I)"
23.19.58.228 - - [11/Dec/2013:14:15:19 +0000] "GET http://pixel.mathtag.com/sync/js?01AD=3qniaWcOZKiAgKJ1xmCiuoQQpEZBJYda9WXoBVp85E3l9lKH-WSWsUw&01RI=ED8AB17483CAF35&01NA=na&sync=auto&mt_lim=1 HTTP/1.0" 200 195 "http://ads.yahoo.com/st?ad_type=iframe&ad_size=160x600§ion=5159500&pub_url=${PUB_URL}&_msd=1&_xcf=0&rmxbkn=0&_cbv=480249027" "Mozilla/4.0 (compatible; MSIE 6.0b; Windows 98; Alexa Toolbar)"
173.208.83.84 - - [11/Dec/2013:14:15:19 +0000] "GET http://ads.yahoo.com/imp?_cbv=2105678712&_msd=1&_xcf=0&Z=300x250&u=learnabouttrip.com&rmxbkn=0&s=5141599&T=3&_salt=0&B=12&m=2&H=http%3A%2F%2Flearnabouttrip.com%2Findex.php%2Ftourist-definition%2F1324-tourism-in-zimbabwe&M=3&r=1 HTTP/1.0" 200 1008 "http://ads.yahoo.com/st?ad_type=iframe&ad_size=300x250§ion=5141599&pub_url=learnabouttrip.com&_msd=1&_xcf=0&rmxbkn=0&_cbv=2105678712" "Mozilla/5.0 (Linux i686; U; en; rv:1.9.1.6) Gecko/20091201 Firefox/3.5.6 Opera 10.51"
23.19.79.116 - - [11/Dec/2013:14:15:19 +0000] "GET http://ads.yahoo.com/imp?_cbv=203356319&_msd=1&_xcf=0&Z=160x600&rmxbkn=0&s=5133289&T=3&_salt=0&B=12&m=2&H=http%3A%2F%2Fsuperwomenhealth.com%2Findex.php%2Fkids-health%2F2554-fresh-healthy-vending&u=http%3A%2F%2Fsuperwomenhealth.com%2Findex.php%2Fkids-health%2F2554-fresh-healthy-vending&M=4&r=1 HTTP/1.0" 200 1062 "http://ads.yahoo.com/st?ad_type=iframe&ad_size=160x600§ion=5133289&pub_url=${PUB_URL}&_msd=1&_xcf=0&rmxbkn=0&_cbv=203356319" "Mozilla/4.0 (compatible; MSIE 5.5; Windows 95)"
69.162.97.215 - - [11/Dec/2013:14:15:19 +0000] "GET http://ads.yahoo.com/st?ad_type=ad&ad_size=300x250§ion=4890511&pub_url=${PUB_URL}&_msd=1&_xcf=0&rmxbkn=0&_cbv=2239536379 HTTP/1.0" 200 5149 "http://www.evigs.com/injury-dictionary-inqueries/medical-illness-dictionary/tips-for-learning-what-you-need-to-know-as-patient.html" "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.694.0 Safari/534.24"
192.169.86.70 - - [11/Dec/2013:14:15:19 +0000] "GET http://ads.yahoo.com/st?ad_type=iframe&ad_size=728x90§ion=4411352&pub_url=${PUB_URL}&_msd=1&_xcf=0&rmxbkn=0&_cbv=1207065059 HTTP/1.0" 200 5532 "http://www.workinhouses.com/index.php?option=com_content&view=article&id=2537:Do-Hydrogen-Fuel-Conversion-Kits-Really-Work?&catid=174&Itemid=22" "Mozilla/5.0 (Windows NT 6.1; en-US) AppleWebKit/534.30 (KHTML, like Gecko) Chrome/12.0.750.0 Safari/534.30"
69.147.233.50 - - [11/Dec/2013:14:15:19 +0000] "GET http://content.yieldmanager.edgesuite.net/atoms/79/fd/96/8a/79fd968aa01b830aca01612fac5b880a.gif HTTP/1.0" 200 12730 "http://ads.yahoo.com/st?ad_type=iframe&ad_size=728x90§ion=4311038&pub_url=${PUB_URL}&_msd=1&_xcf=0&rmxbkn=0&_cbv=3877702270" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.6) Gecko/20040206 Firefox/0.8"
192.169.85.115 - - [11/Dec/2013:14:15:19 +0000] "GET http://ad.doubleclick.net/adj/N7586.150834.TURN/B7621332;abr=!ie;sz=160x600;click=http://r.turn.com/r/formclick/id/VdfWUmfN5zUoLAwA4QUBAA/url/;ord=3884299047285479253 HTTP/1.0" 200 11 "http://ads.tblamnetwork.com/st?ad_type=iframe&ad_size=160x600§ion=5040675&pub_url=${PUB_URL}" "Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)"
64.120.60.124 - - [11/Dec/2013:14:15:19 +0000] "GET http://ib.adnxs.com/seg?add=357296&t=2 HTTP/1.0" 200 - "http://ads.yahoo.com/st?ad_type=iframe&ad_size=300x250§ion=4931529&pub_url=${PUB_URL}&_msd=1&_xcf=0&rmxbkn=0&_cbv=1381802406" "Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.224 Safari/534.10 ChromePlus/1.5.2.0"
208.115.203.37 - - [11/Dec/2013:14:15:19 +0000] "GET http://ib.adnxs.com/seg?add=357277&t=2 HTTP/1.0" 200 - "http://ads.yahoo.com/st?ad_type=iframe&ad_size=336x280,300x250,250x250,180x150§ion=4584406&pub_url=${PUB_URL}&_msd=1&_xcf=0&rmxbkn=0&_cbv=3921164224" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; .NET CLR 1.0.3705; Alexa Toolbar)"
173.234.12.249 - - [11/Dec/2013:14:15:20 +0000] "GET http://ib.adnxs.com/bounce?%2Fttj%3Fid%3D2010001 HTTP/1.0" 200 - "http://www.newbia.net/index.php?option=com_content&view=category&layout=blog&id=24&Itemid=29&limitstart=40" "Mozilla/4.0 (compatible; MSIE 5.0; Windows NT 5.0; Alexa Toolbar)"
64.120.60.121 - - [11/Dec/2013:14:15:19 +0000] "GET http://ads.yahoo.com/imp?_cbv=2824547489&_msd=1&_xcf=0&Z=160x600&rmxbkn=0&s=4931529&T=3&_salt=0&B=12&m=2&H=http%3A%2F%2Fhealthchurch.com%2Findex.php%2Fhealth-questions%2F3582-bluesuitmomcom&u=http%3A%2F%2Fhealthchurch.com%2Findex.php%2Fhealth-questions%2F3582-bluesuitmomcom&M=4&r=1 HTTP/1.0" 200 1060 "http://ads.yahoo.com/st?ad_type=iframe&ad_size=160x600§ion=4931529&pub_url=${PUB_URL}&_msd=1&_xcf=0&rmxbkn=0&_cbv=2824547489" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_6_8) AppleWebKit/535.2 (KHTML, like Gecko) Chrome/15.0.861.0 Safari/535.2"
有什么想法吗?我有点失落。
答案 0 :(得分:3)
我昨天终于可以解决这个问题。问题是我的服务器充当了开放代理。
access_log中显示的条目通常是恶意客户端试图利用开放代理服务器访问网站而不泄露其真实位置的结果。他们可能会这样做来操纵按点击付费广告系统,向其他人的网站添加评论或链接垃圾邮件,或只是做一些令人讨厌的事情而不被发现。
如何阻止这些请求通过我的服务器访问外部服务器?
首先,如果您不需要运行代理服务器,请通过在httpd.conf中注释掉其LoadModule行或设置ProxyRequests来禁用mod_proxy。请记住,禁用ProxyRequests不会阻止您使用带有ProxyPass指令的反向代理。
我不喜欢我的服务器响应随机主机名请求的想法。
您可以将Apache配置为拒绝通过设置默认虚拟主机来访问未专门配置的任何主机:
NameVirtualHost *:80
<VirtualHost *:80>
ServerName default.only
<Location />
Order allow,deny
Deny from all
</Location>
</VirtualHost>
<VirtualHost *:80>
ServerName realhost1.example.com
ServerAlias alias1.example.com alias2.example.com
DocumentRoot /path/to/site1
</VirtualHost>
完成这些更改后,您可以尝试将自己的服务器用作代理来访问其他网站,并确保从您的网站获得故障或本地内容。其中包括:
将浏览器配置为使用Web服务器作为其默认代理服务器,然后尝试请求外部站点。您应该只回复自己的网站内容。 使用telnet手动构造请求:
telnet yoursite.example.com 80
GET http://www.yahoo.com/ HTTP/1.1
Host: www.yahoo.com
答案 1 :(得分:2)
立即脱颖而出的两件事:
您的服务器正在为所有这些GET请求返回HTTP代码200。 200表示它找到了URL的页面。应该返回404(Not Found)。您的index.php文件可能代理异地请求。查看您的代码,停止它,和/或使其返回404s。如果这不仅仅是写得不好或经过深思熟虑的代码,那么您的网站可能会被注入index.php的代码泄露。
查看地址,这可能是使用非现场广告的XSS攻击/利用,当用户查看其中一个广告时,使用您的域来获取其他网站/网页。这通常用于扩充广告视图(剥离广告网络),DDoS攻击或隐藏黑客攻击。 http://en.wikipedia.org/wiki/Cross-site_scripting