您的位置: 首页  >  技术问答  >  日志显示来自未知IP的持续GET请求

日志显示来自未知IP的持续GET请求

分类: 技术问答 2022-06-16 15:58:00
问题描述:

我在AWS EC2实例上有Ubuntu,Apache,Rails 4站点。我的网站工作正常,但现在说它与用户过载。情况并非如此,因为它是一个私人网站。 My-tail日志显示该网站不断被请求以下重复的GET请求。日志显示来自未知IP的持续GET请求

I, [2015-04-01T21:37:43.996476 #1198] INFO -- : Rendered layouts/_google_analytics.html.erb (1.2ms) 
I, [2015-04-01T21:37:43.997616 #1198] INFO -- : Completed 200 OK in 1155ms (Views: 1154.0ms | ActiveRecord: 0.0ms) 
I, [2015-04-01T21:37:44.184503 #1198] INFO -- : Started GET "/" for 54.###.##.### at 2015-04-01 21:37:44 +0000 
I, [2015-04-01T21:37:44.273012 #1198] INFO -- : Processing by HomeController#home_page as */* 
I, [2015-04-01T21:37:44.733609 #1198] INFO -- : Rendered home/_sign_up_modal.html.erb (99.0ms) 
I, [2015-04-01T21:37:44.860521 #1198] INFO -- : Rendered home/home_page.html.erb within layouts/application (585.2ms) 
I, [2015-04-01T21:37:44.864389 #1198] INFO -- : Rendered /home/ubuntu/.rvm/gems/ruby-2.1.5/gems/stripe-rails-0.3.1/app/views/stripe/_js.html.erb (3.1ms)

与每个请求唯一不同的是GET每次都来自不同的IP。 54。###。##。###每次都会改变。 他们都不是用户,我相信这一点。

Started GET "/" for 54.###.##.### at 2015-04-01 21:37:44 +0000

这是某种负载攻击吗?我对此很陌生,并希望我提供足够的信息来帮助,但如果我分享不够,请提出更多要求。

/etc/apache2/sites-available/000-default.conf

<VirtualHost *:80> 
     ServerName ec2-54-###-###-##.us-west-2.compute.amazonaws.com 
     # !!! Be sure to point DocumentRoot to 'public'! 
     DocumentRoot /etc/projects/myapp/public 

     <Directory /etc/projects/myapp/public> 
       #Options FollowSymLinks 
       Options Indexes FollowSymLinks Includes ExecCGI 
       AllowOverride All 
       Order deny,allow 
       Allow from all 
     </Directory> 
    </VirtualHost>

编辑

我每次加的https://wiki.apache.org/httpd/ProxyAbuse以下,但现在我收到“您没有权限访问/在此服务器上“。 /etc/apache2/sites-available/000-default.conf

<VirtualHost *:80> 
    ServerName default.only 
    <Location /> 
    Order allow,deny 
    Deny from all 
    </Location> 
</VirtualHost> 

<VirtualHost *:80> 
    ServerName ec2-54-##-###-##.us-west-2.compute.amazonaws.com 
    # !!! Be sure to point DocumentRoot to 'public'! 
    DocumentRoot /etc/projects/myapp/public 

    <Directory /etc/projects/myapp/public> 
      #Options FollowSymLinks 
      Options Indexes FollowSymLinks Includes ExecCGI 
      AllowOverride All 
      Order deny,allow 
      Allow from all 
    </Directory>

+1

我认为'54.x.x.x'是客户端IP,它与您的服务器无关。 – Barmar 2015-04-01 21:42:09

+0

如何阻止这些请求? – MicFin 2015-04-01 21:48:55

+1

你不能。黑客会破解。 – Barmar 2015-04-01 21:49:24

把规则亚马逊将禁止(或限制),其IP范围,直到你看着办吧。您可以设置允许/禁止IP范围和端口的权限。

相关推荐