Apache has been compromised or is being used as a proxy to attack other systems

Time: 2017-07-05 04:18:49

Tags: apache proxy reverse-proxy http-proxy

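I received a message from Sony Interactive Entertainment LLC ("SIE") saying that my server is abusing their services.

I checked and confirmed:

  1. No one except me can access my server remotely. SSH and all other services accept only my IP; everything else is blocked by the firewall.
  2. Apache (httpd) has not been hacked, and there is no PHP or any active script running on my server.
  3. All logs (system, security, messages, ...) are empty or show nothing strange.
  4. Except for the Apache access log, where I found: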

    77.38.177.177 - - [30/Jun/2017:19:21:48 +0000] "CONNECT auth.api.sonyentertainmentnetwork.com:443 HTTP/1.1" 400 226 "-" "-"
    138.201.29.228 - - [30/Jun/2017:19:21:48 +0000] "CONNECT www.stoiximan.gr:443 HTTP/1.1" 200 - "-" "Mozilla/5.0 (Windows NT 6.3; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/30.0.1409.70 Safari/537.36"
    94.122.39.35 - - [30/Jun/2017:19:21:49 +0000] "A" 400 226 "-" "-"
    77.108.80.2 - - [30/Jun/2017:19:20:48 +0000] "CONNECT artiwell.com:443 HTTP/1.1" 200 - "-" "-"
    138.201.19.161 - - [30/Jun/2017:19:21:48 +0000] "CONNECT www.bet-at-home.com:443 HTTP/1.1" 200 - "-" "Mozilla/5.0 (Windows NT 6.3; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/17.0.1232.63 Safari/537.36"
    77.108.80.2 - - [30/Jun/2017:19:21:48 +0000] "GET http://sea-tools.com.ua/oborudovanie/betonomeshalki/filter/287-k-werk HTTP/1.1" 200 25537 "-" "Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/54.0.2840.87 Safari/537.36"
    94.158.152.58 - - [30/Jun/2017:19:21:49 +0000] "A" 400 226 "-" "-"
    138.201.19.161 - - [30/Jun/2017:19:21:48 +0000] "GET http://sports.titanbet.com/en/e/5260805/Ansan-Police-v-Ansan-Greeners?mkt_grp_code=TMWIN HTTP/1.1" 200 25023 "-" "Mozilla/5.0 (Windows NT 6.3; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/31.0.604.118 Safari/537.36"
    117.1.114.50 - - [30/Jun/2017:19:21:49 +0000] "GET http://static.doubleclick.net/instream/ad_status.js HTTP/1.1" 200 29 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.36"
    94.158.152.58 - - [30/Jun/2017:19:21:49 +0000] "CONNECT static.doubleclick.net:443 HTTP/1.0" 200 - "-" "-"
    185.71.186.147 - - [30/Jun/2017:19:21:49 +0000] "CONNECT static.sportsinteraction.net:443 HTTP/1.1" 200 - "-" "-"
    

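I had to set up the firewall to reject every HTTP request to external servers in order to stop this attack.

I still have some questions I cannot answer:

  1. Why can someone use my Apache to connect to external servers?
  2. How are they able to do this? How can I stop this problem without using the firewall to block everything?
  3. Below is my Apache virtual host configuration: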

      NameVirtualHost *:80
      
      <Directory "/data/websource">
          DirectoryIndex index.html index.php
          AllowOverride All
          # Allow open access:
          Require all granted
      </Directory>
      <VirtualHost *:80>
          ServerName subdomain1.my.domain
          DocumentRoot "web_root/subdomain1/source/www"
          ServerAdmin postmaster@dummy-host2.localhost
          ErrorLog "logs/subdomain1-error.log"
          CustomLog "logs/subdomain1-access.log" combined
      
          #turn on proxy
      
          ProxyPreserveHost On
          ProxyRequests On
      
          ProxyPass /classroom1 http://xyz.my.other.ip/classroom1
          ProxyPassReverse /classroom1 http://xyz.my.other.ip/classroom1
      
          ProxyPass /bigbluebutton/ http://xyz.my.other.ip/bigbluebutton/
          ProxyPassReverse /bigbluebutton/ http://xyz.my.other.ip/bigbluebutton/
      
          ProxyPass /client/ http://xyz.my.other.ip/client/
          ProxyPassReverse /client/ http://xyz.my.other.ip/client/
      
          ProxyPass /bbb http://xyz.my.other.ip/
          ProxyPassReverse /bbb http://xyz.my.other.ip/
      
          ProxyPass /demo/ http://xyz.my.other.ip/demo/
          ProxyPassReverse /demo/ http://xyz.my.other.ip/demo/
      
          ProxyPass /streams.xml http://xyz.my.other.ip/streams.xml
          ProxyPassReverse /streams.html http://xyz.my.other.ip/streams.html
      
          ProxyPass /testjava.html http://xyz.my.other.ip/testjava.html
          ProxyPassReverse /testjava.html http://xyz.my.other.ip/testjava.html
      
          ProxyPass /myngleapi/ http://xyz.my.other.ip/myngleapi/
          ProxyPassReverse /myngleapi/ http://xyz.my.other.ip/myngleapi/
      
          ProxyPass /myngleapi http://xyz.my.other.ip/myngleapi
          ProxyPassReverse /myngleapi http://xyz.my.other.ip/myngleapi
      
          ProxyPass /help.html http://xyz.my.other.ip/help.html
          ProxyPassReverse /help.html http://xyz.my.other.ip/help.html
      
          ProxyPass /call.php http://www.source/mynglevline/call.php
          ProxyPassReverse /call.php http://www.source/mynglevline/call.php
      
      </VirtualHost>
      <VirtualHost *:80>
          ServerName subdomain2.my.domain
          DocumentRoot "web_root/subdomain1/source/admin"
          ServerAdmin postmaster@dummy-host2.localhost
          ErrorLog "logs/subdomain1-admin-error.log"
          CustomLog "logs/subdomain1-admin-access.log" combined
      
      </VirtualHost>
      <VirtualHost *:80>
          ServerName subdomain3.my.domain
          DocumentRoot "web_root/subdomain3/source/www"
          ServerAdmin postmaster@dummy-host2.localhost
          ErrorLog "logs/subdomain3-error.log"
          CustomLog "logs/subdomain3-access.log" combined
      
          #turn on proxy
      
          ProxyPreserveHost On
          ProxyRequests On
      
          ProxyPass /classroom1 http://xyz.my.other.ip/classroom1
          ProxyPassReverse /classroom1 http://xyz.my.other.ip/classroom1
      
          ProxyPass /bigbluebutton/ http://xyz.my.other.ip/bigbluebutton/
          ProxyPassReverse /bigbluebutton/ http://xyz.my.other.ip/bigbluebutton/
      
          ProxyPass /client/ http://xyz.my.other.ip/client/
          ProxyPassReverse /client/ http://xyz.my.other.ip/client/
      
          ProxyPass /bbb http://xyz.my.other.ip/
          ProxyPassReverse /bbb http://xyz.my.other.ip/
      
          ProxyPass /demo/ http://xyz.my.other.ip/demo/
          ProxyPassReverse /demo/ http://xyz.my.other.ip/demo/
      
          ProxyPass /streams.xml http://xyz.my.other.ip/streams.xml
          ProxyPassReverse /streams.html http://xyz.my.other.ip/streams.html
      
          ProxyPass /testjava.html http://xyz.my.other.ip/testjava.html
          ProxyPassReverse /testjava.html http://xyz.my.other.ip/testjava.html
      
          ProxyPass /myngleapi/ http://xyz.my.other.ip/myngleapi/
          ProxyPassReverse /myngleapi/ http://xyz.my.other.ip/myngleapi/
      
          ProxyPass /myngleapi http://xyz.my.other.ip/myngleapi
          ProxyPassReverse /myngleapi http://xyz.my.other.ip/myngleapi
      
          ProxyPass /help.html http://xyz.my.other.ip/help.html
          ProxyPassReverse /help.html http://xyz.my.other.ip/help.html
      
          ProxyPass /call.php http://www.source/mynglevline/call.php
          ProxyPassReverse /call.php http://www.source/mynglevline/call.php
      
      </VirtualHost>
      <VirtualHost *:80>
          ServerName subdomain4.my.domain
          DocumentRoot "web_root/subdomain3/source/admin"
          ServerAdmin postmaster@dummy-host2.localhost
          ErrorLog "logs/subdomain3-admin-error.log"
          CustomLog "logs/subdomain3-admin-access.log" combined
      
      </VirtualHost>
      <VirtualHost *:80>
          ServerName subdomain5.my.domain
          DocumentRoot "web_root/subdomain5/source/www"
          ServerAdmin postmaster@dummy-host2.localhost
          ErrorLog "logs/release-error.log"
          CustomLog "logs/release-access.log" combined
      
          #turn on proxy
      
          ProxyPreserveHost On
          ProxyRequests On
      
          ProxyPass /classroom1 http://xyz.my.other.ip/classroom1
          ProxyPassReverse /classroom1 http://xyz.my.other.ip/classroom1
      
          ProxyPass /bigbluebutton/ http://xyz.my.other.ip/bigbluebutton/
          ProxyPassReverse /bigbluebutton/ http://xyz.my.other.ip/bigbluebutton/
      
          ProxyPass /client/ http://xyz.my.other.ip/client/
          ProxyPassReverse /client/ http://xyz.my.other.ip/client/
      
          ProxyPass /bbb http://xyz.my.other.ip/
          ProxyPassReverse /bbb http://xyz.my.other.ip/
      
          ProxyPass /demo/ http://xyz.my.other.ip/demo/
          ProxyPassReverse /demo/ http://xyz.my.other.ip/demo/
      
          ProxyPass /streams.xml http://xyz.my.other.ip/streams.xml
          ProxyPassReverse /streams.html http://xyz.my.other.ip/streams.html
      
          ProxyPass /testjava.html http://xyz.my.other.ip/testjava.html
          ProxyPassReverse /testjava.html http://xyz.my.other.ip/testjava.html
      
          ProxyPass /myngleapi/ http://xyz.my.other.ip/myngleapi/
          ProxyPassReverse /myngleapi/ http://xyz.my.other.ip/myngleapi/
      
          ProxyPass /myngleapi http://xyz.my.other.ip/myngleapi
          ProxyPassReverse /myngleapi http://xyz.my.other.ip/myngleapi
      
          ProxyPass /help.html http://xyz.my.other.ip/help.html
          ProxyPassReverse /help.html http://xyz.my.other.ip/help.html
      
          ProxyPass /call.php http://www.source/mynglevline/call.php
          ProxyPassReverse /call.php http://www.source/mynglevline/call.php
      
      </VirtualHost>
      <VirtualHost *:80>
          ServerName subdomain6.my.domain
          DocumentRoot "web_root/subdomain5/source/admin"
          ServerAdmin postmaster@dummy-host2.localhost
          ErrorLog "logs/subdomain5-admin-error.log"
          CustomLog "logs/subdomain5-admin-access.log" combined
      
      </VirtualHost>
      

1 Answer:

Answer 0 (score: 3)

  

ProxyRequests On

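This is your problem; refer to Apache's mod_proxy documentation:

Warning

Do not enable proxying with ProxyRequests until you have secured your server. Open proxy servers are dangerous both to your network and to the Internet at large.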
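
A log triage sketch for the symptom in the question, added here as an example and not part of the original post or answer: it picks out forward-proxy requests (CONNECT, or an absolute-URI target naming a host this server does not serve) from combined-format access log lines and separates those answered with 2xx from those refused. `LOCAL_HOSTS`, the function names and the last two sample lines are assumptions made for the example.

```python
import re
from urllib.parse import urlsplit

# Combined Log Format prefix: client ident user [time] "request" status bytes
LINE_RE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "([^"]*)" (\d{3}) \S+')
# Assumption: hostnames this server itself serves (placeholders from the config).
LOCAL_HOSTS = {"subdomain1.my.domain", "subdomain3.my.domain", "subdomain5.my.domain"}

def classify(line, local_hosts=LOCAL_HOSTS):
    """Return (client, target_host, got_2xx) for a forward-proxy request, else None."""
    m = LINE_RE.match(line)
    if not m:
        return None
    client, request, status = m.group(1), m.group(2), int(m.group(3))
    parts = request.split()
    if len(parts) != 3:                      # malformed request line such as "A"
        return None
    method, target, _proto = parts
    if method == "CONNECT":                  # tunnel request: target is host:port
        host = target.rsplit(":", 1)[0]
    elif "://" in target:                    # absolute-URI form, as sent to a proxy
        host = urlsplit(target).hostname or ""
    else:
        return None                          # origin-form path: ordinary or ProxyPass traffic
    if host.lower() in local_hosts:
        return None                          # absolute URI naming one of our own vhosts
    return client, host.lower(), 200 <= status < 300

def summarize(lines):
    """Group foreign targets into those answered 2xx and those refused, with client IPs."""
    relayed, refused = {}, {}
    for line in lines:
        hit = classify(line)
        if hit:
            client, host, ok = hit
            (relayed if ok else refused).setdefault(host, set()).add(client)
    return relayed, refused

# First three lines are copied from the question's log; the last two are constructed.
SAMPLE = [
    '77.38.177.177 - - [30/Jun/2017:19:21:48 +0000] "CONNECT auth.api.sonyentertainmentnetwork.com:443 HTTP/1.1" 400 226 "-" "-"',
    '94.122.39.35 - - [30/Jun/2017:19:21:49 +0000] "A" 400 226 "-" "-"',
    '77.108.80.2 - - [30/Jun/2017:19:20:48 +0000] "CONNECT artiwell.com:443 HTTP/1.1" 200 - "-" "-"',
    '192.0.2.10 - - [30/Jun/2017:19:22:00 +0000] "GET /classroom1 HTTP/1.1" 200 512 "-" "-"',
    '192.0.2.11 - - [30/Jun/2017:19:22:01 +0000] "GET http://example.org/a.js HTTP/1.1" 200 29 "-" "-"',
]

if __name__ == "__main__":
    print(summarize(SAMPLE))
```

A 2xx status is only a heuristic for a relayed request: compare response sizes as well, because with forwarding disabled Apache may answer an absolute-URI GET from a local virtual host.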