找不到php或无法统计

时间:2018-12-26 09:44:51

标签: php apache

在我的Apache错误日志中,我每天继续在PHP错误以下。

[Wed Dec 26 01:31:33.736040 2018] [php7:error] [pid 14965] [client 129.204.75.228:62753] script '/var/www/html/help.php' not found or unable to stat
[Wed Dec 26 01:31:33.968964 2018] [php7:error] [pid 14965] [client 129.204.75.228:62753] script '/var/www/html/java.php' not found or unable to stat
[Wed Dec 26 01:31:34.193285 2018] [php7:error] [pid 14965] [client 129.204.75.228:62753] script '/var/www/html/_query.php' not found or unable to stat
[Wed Dec 26 01:31:34.438809 2018] [php7:error] [pid 14965] [client 129.204.75.228:62753] script '/var/www/html/test.php' not found or unable to stat
[Wed Dec 26 01:31:34.670210 2018] [php7:error] [pid 14965] [client 129.204.75.228:62753] script '/var/www/html/db_cts.php' not found or unable to stat
[Wed Dec 26 01:31:34.906519 2018] [php7:error] [pid 14965] [client 129.204.75.228:62753] script '/var/www/html/db_pma.php' not found or unable to stat
[Wed Dec 26 01:31:35.730291 2018] [php7:error] [pid 14965] [client 129.204.75.228:62753] script '/var/www/html/logon.php' not found or unable to stat
[Wed Dec 26 01:31:35.951930 2018] [php7:error] [pid 14965] [client 129.204.75.228:62753] script '/var/www/html/help-e.php' not found or unable to stat
[Wed Dec 26 01:31:36.191505 2018] [php7:error] [pid 14965] [client 129.204.75.228:62753] script '/var/www/html/license.php' not found or unable to stat
[Wed Dec 26 01:31:36.847792 2018] [php7:error] [pid 14965] [client 129.204.75.228:62753] script '/var/www/html/log.php' not found or unable to stat
[Wed Dec 26 01:31:37.550605 2018] [php7:error] [pid 14965] [client 129.204.75.228:62753] script '/var/www/html/hell.php' not found or unable to stat
[Wed Dec 26 01:31:37.798508 2018] [php7:error] [pid 14965] [client 129.204.75.228:62753] script '/var/www/html/pmd_online.php' not found or unable to stat

在/ var / www / html /
路径上没有任何PHP文件 我不知道客户端IP,而且每天都会更改此客户端IP。我在Ubuntu 18.04和Apache 2.4.29上使用PHP 7.2。

1 个答案:

答案 0 :(得分:0)

这些文件与攻击者试图利用的潜在漏洞有关。

您的日志中显示的IP地址来自中国https://www.abuseipdb.com/check/129.204.75.228

由于没有文件,因此可以使用相同的名称创建文件,以重定向攻击者以下载庞大的文件。

<?php
    header('Location: http://speedtest.tele2.net/10GB.zip');
    die();
?>

此外,通过执行此操作,日志将不再报告错误。

相关问题
最新问题