我在Web服务器上面临一个奇怪的问题。在我的Web服务器访问日志中,我发现了一些请求标头,其中包含带有特殊字符的方法名称。 以下是我的日志:
xxx.xxx.xxx.xxx - - [14/Jul/2016:10:05:14 +0400] "GET /" 200 44
xxx.xxx.xxx.xxx - - [14/Jul/2016:10:05:14 +0400] "G\xddET /XYZ/entityIndex.jsp HTTP/1.1" 200 6138
xxx.xxx.xxx.xxx - - [14/Jul/2016:10:05:14 +0400] "\x9fG\xfaET /XYZ/css/bootstrap.min.css HTTP/1.1" 501 1124
xxx.xxx.xxx.xxx - - [14/Jul/2016:10:05:14 +0400] "G@ET /XYZ/css/XYZstyles.css HTTP/1.1" 501 1118
xxx.xxx.xxx.xxx - - [14/Jul/2016:10:05:14 +0400] "G\xd9ET /XYZ/img/logo-mom.png HTTP/1.1" 501 1120
xxx.xxx.xxx.xxx - - [14/Jul/2016:10:05:14 +0400] "G\xefET /XYZ/jquery/api/jquery-2.1.1.min.js HTTP/1.1" 501 1120
xxx.xxx.xxx.xxx - - [14/Jul/2016:10:05:14 +0400] "G\x0fET /XYZ/jquery/api/jquery-migrate-1.2.1.js HTTP/1.1" 501 1118
xxx.xxx.xxx.xxx - - [14/Jul/2016:10:05:14 +0400] "G\x92ET /XYZ/js/XYZcommon.js HTTP/1.1" 501 1120
xxx.xxx.xxx.xxx - - [14/Jul/2016:10:05:16 +0400] "POST /XYZ/doXYZLogin.action HTTP/1.1" 302 -
xxx.xxx.xxx.xxx - - [14/Jul/2016:10:05:17 +0400] "GET /" 200 44
xxx.xxx.xxx.xxx - - [14/Jul/2016:10:05:17 +0400] "GET /XYZ/XYZIndexPage HTTP/1.1" 200 5772
xxx.xxx.xxx.xxx - - [14/Jul/2016:10:05:19 +0400] "GET /" 200 44
xxx.xxx.xxx.xxx - - [14/Jul/2016:10:05:21 +0400] "G\xc8ET /XYZ/jquery/validation/jquery.validate.js HTTP/1.1" 501 1120
xxx.xxx.xxx.xxx - - [14/Jul/2016:10:05:21 +0400] "G\xd1ET /XYZ/img/XYZ-currency.png HTTP/1.1" 501 1120
xxx.xxx.xxx.xxx - - [14/Jul/2016:10:05:21 +0400] "G\x1bET /XYZ/js/bootstrap.min.js HTTP/1.1" 501 1118
xxx.xxx.xxx.xxx - - [14/Jul/2016:10:05:22 +0400] "GET /" 200 44
您可以看到某些请求具有无效的GET(例如G \ xddET)方法。知道是什么导致了这个吗?
答案 0 :(得分:0)
由于Web服务器选择CipherSuite与浏览器进行通信而导致这种情况。随着配置问题的以下变化,现在解决了问题:
SSLHonorCipherOrder On
SSLCipherSuite HIGH:MEDIUM:!aNULL:!MD5:!AES128-SHA