我有一个在 AWS 上运行的 Elastic Beanstalk 应用程序,用于开发目的。它正在运行 NGINX 附带的 Amazon Linux 2 映像。
今天我提取了一些日志,并在错误日志中注意到了很多:
2021/06/24 14:44:52 [error] 10780#10780: *31743 "/usr/share/nginx/html/owa/index.html" is not found (2: No such file or directory), client: 172.XXX.XXX.XXX, server: localhost, request: "GET /owa/ HTTP/1.1", host: "44.XXX.XXX.XXX"
2021/06/24 15:09:50 [error] 10780#10780: *32145 open() "/usr/share/nginx/html/.env" failed (2: No such file or directory), client: 172.XXX.XXX.XXX, server: localhost, request: "GET /.env HTTP/1.1", host: "35.XXX.XXX.XXX"
2021/06/24 15:36:11 [error] 10780#10780: *32566 open() "/usr/share/nginx/html/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php" failed (2: No such file or directory), client: 172.XXX.XXX.XXX, server: localhost, request: "GET /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1", host: "35.XXX.XXX.XXX"
2021/06/24 13:14:42 [error] 10780#10780: *30267 open() "/usr/share/nginx/html/system_api.php" failed (2: No such file or directory), client: 172.XXX.XXX.XXX, server: localhost, request: "GET /system_api.php HTTP/1.1", host: "35.XXX.XXX.XXX"
10780#10780: *30267 是什么意思?在这种情况下,服务器、主机和客户端是什么?
什么会向这些位置发出这些 GET 请求? NGINX 通常在这些位置有 .html、.php 和 .env 文件,还是某个机器人只是盲目地试图查看我是否在服务器上留下了敏感信息?
如果是垃圾邮件,我该如何阻止?
谢谢。