当这个庞大的块出现时,我正在为apache拖尾我的错误日志。以前从没见过这样的东西。 IP映射到RIPE网络协调中心,带有PO框
链接here
这是我应该深入研究的吗?在谷歌上搜索时,我找不到太多关于这一点的信息,除了RIPE似乎是一个ISP。
[Tue Mar 15 21:34:44.775251 2016] [core:error] [pid 22280] (36)File name too long: [client 93.113.125.12:44444] AH00036: access to /we_are_looking_for_not_found_pages_we_are_looking_for_not_found_pages_we_are_looking_for_not_found_pages_we_are_looking_for_not_found_pages_we_are_looking_for_not_found_pages_we_are_looking_for_not_found_pages_we_are_looking_for_not_found_pages_we_are_looking_for_not_found_pages_we_are_looking_for_not_found_pages_we_are_looking_for_not_found_pages_we_are_looking_for_not_found_pages_we_are_looking_for_not_found_pages_we_are_looking_for_not_found_pages_we_are_looking_for_not_found_pages_we_are_looking_for_not_found_pages_we_are_looking_for_not_found_pages_we_are_looking_for_not_found_pages_we_are_looking_for_not_found_pages_we_are_looking_for_not_found_pages_we_are_looking_for_not_found_pages_we_are_looking_for_not_found_pages_we_are_looking_for_not_found_pages_we_are_looking_for_not_found_pages_we_are_looking_for_not_found_pages_we_are_looking_for_not_found_pages_we_are_looking_for_not_found_pages_we_are_looking_for_not_found_pages_we_are_looking_for_not_found_pages_we_are_looking_for_not_found_pages_we_are_looking_for_not_found_pages failed (filesystem path '/var/www/html/we_are_looking_for_not_found_pages_we_are_looking_for_not_found_pages_we_are_looking_for_not_found_pages_we_are_looking_for_not_found_pages_we_are_looking_for_not_found_pages_we_are_looking_for_not_found_pages_we_are_looking_for_not_found_pages_we_are_looking_for_not_found_pages_we_are_looking_for_not_found_pages_we_are_looking_for_not_found_pages_we_are_looking_for_not_found_pages_we_are_looking_for_not_found_pages_we_are_looking_for_not_found_pages_we_are_looking_for_not_found_pages_we_are_looking_for_not_found_pages_we_are_looking_for_not_found_pages_we_are_looking_for_not_found_pages_we_are_looking_for_not_found_pages_we_are_looking_for_not_found_pages_we_are_looking_for_not_found_pages_we_are_looking_for_not_found_pages_we_are_looking_for_not_found_pages_we_are_looking_for_not_found_pages_we_are_looking_for_not_found_pages_we_are_looking_for_not_found_pages_we_are_looking_for_not_found_pages_we_are_looking_for_not_found_pages_we_are_looking_for_not_found_pages_we_are_looking_for_not_found_pages_we_are_looking_for_not_found_pages')
答案 0 :(得分:5)
我刚从同一IP收到此请求。我没有看到很多人谈论它,所以我想这是新的。
我认为它是一个寻找不安全的公共管理页面的机器人,实际的请求文本对于查看日志的网站管理员来说是一个笑话。
发出这些请求的脚本正在执行请求URL所说的内容。它正在向大量IP地址列表,IP地址范围发送请求,甚至在某些情况下发送互联网上的每个 IP地址。它记录地址是否返回状态代码 - 表示在该地址上运行了Web服务器。
目前还不清楚这些信息会做些什么。也许如果他们得到答复,他们会把你列入一个名单,以便进一步探讨。这实际上很常见。
除非您在某些管理实用程序(wordpress,drupal,phpmyadmin等)上使用默认密码,否则这些类似的东西是无害的。如果您开始受到这些请求的轰炸,您可能希望使用更高级的硬件或软件防火墙,审核您的公开端口,并可能开始限制IP范围。
http://who.is/whois-ip/ip-address/93.113.125.12
如果仍然存在,您可以随时向源的ISP报告此事件。