Nginx - 许多具有不同域名的访问和错误日​​志

时间:2017-10-05 09:12:23

标签: nginx

我为我的域example.com设置了Nginx,并启用了访问和错误日​​志。但是在Nginx日志目录中,有许多使用不同域名生成的日志文件与我的服务器或A记录无关!

我已从default

中删除了sites-enabled文件的软链接

Nginx服务器设置:

server {
    listen 80;
    listen 443 ssl http2;
    server_name www.example.com
    server_tokens off;

    ssl_certificate /path/to/certificate.pem
    ssl_certificate_key /path/to/certificate.key

    error_log /var/log/nginx/www.example.com.error.log;
    access_log /var/log/nginx/www.example.com.access.log;

    # ...
}

在日志目录/var/log/nginx中,有许多不需要的文件如下:

bit.ly.access.log
dlvr.it.access.log
fb.me.access.log
goo.gl.access.log
httpheader.net.access.log
ift.tt.access.log
images.apple.com.access.log
is-work.appspot.com.access.log
ow.ly.access.log
snip.ly.access.log
testp1.piwo.pila.pl.access.log
twitter.com.access.log
virtuesshop.com.access.log
www.bmwblog.com.access.log
www.ctrip.com.access.log
www.google.com.access.log
Www.Peoplematters.in.access.log
xxnet-300.appspot.com.access.log
xxnet-301.appspot.com.access.log
xxnet-302.appspot.com.access.log
xxnet-303.appspot.com.access.log
xxnet-304.appspot.com.access.log
xxnet-400.appspot.com.access.log
xxnet-401.appspot.com.access.log
xxnet-402.appspot.com.access.log
xxnet-403.appspot.com.access.log
xxnet-404.appspot.com.access.log
z.cdn.turner.com.access.log
z-h-e-n-110.appspot.com.access.log
z-h-e-n-111.appspot.com.access.log
z-h-e-n-112.appspot.com.access.log
z-h-e-n-113.appspot.com.access.log
z-h-e-n-114.appspot.com.access.log
z-h-e-n-115.appspot.com.access.log
z-h-e-n-116.appspot.com.access.log
z-h-e-n-117.appspot.com.access.log
z-h-e-n-118.appspot.com.access.log
z-h-e-n-119.appspot.com.access.log
z-h-e-n-119.appspot.com.access.log.1
...

有很多不同域名的文件都喜欢这个!

是安全隐患吗?如何解决此问题并在将来阻止此类活动?

1 个答案:

答案 0 :(得分:0)

你应该添加另一个块

server {
    listen 80 default;
    listen 443 ssl default;
    server_tokens off;

    ssl_certificate /path/to/certificate.pem;
    ssl_certificate_key /path/to/certificate.key;
    return 403 "Nothing here";
    access_log off;
}

这样做会听取www.example.com以外的任何内容并返回403。您可以返回200或其他任何您想要的内容。