我有一台 VPS 服务器,我已将 Apache 配置为 Web 服务器。由于带宽使用率意外高,我昨天检查了服务器的访问日志。有很多请求形式如下
184.22.43.216 - - [14/Mar/2013:21:24:44 +0530] "GET http://s.youtube.com/s?abd=1&bc=71802&bd=69&bt=115.352&cfps=24&cr=US&decoding=accelerated&el=embedded&eurl=http%3A%2F%2Fwww.facebook.com&mos=0&pixel_ratio=1&fs=0&nsiabblmax=7778.000&nsiabblmean=3985.000&nsiabblmin=2425.000&nsivbblc=67&nsivbblmax=17694.000&nsivbblmean=9481.000&nsivbblmin=3178.000&hbd=19797274&hbt=43.379&tsphab=1&tspfdt=2398&hasstoryboard=1&rmkt=1&len=316&docid=YpEqFE5Buas&lact=16412&vtmp=1&ptk=youtube_none&fexp=916408,919319,914070,916623,920704,912806,902000,919512,929901,913605,925006,906938,931202,931203,931401,908529,930803,920201,930101,930603&vq=auto&rendering=software&scoville=1&volume=88&fmt=34&uga=f55&autoplay=0&rt=14.289&sendtmp=1&plid=AATX5Ina-G9GwpNm&w=640&h=360&csipt=watch7&sourceid=y&screenh=1200&screenw=1800&sd=BD5980145HH1354750963912754&nsiabblc=124&md=1&et=10.289&ns=yt&sw=0.1&playerh=390&playerw=640&st=0&subscribed=1&tpmt=14&vh=360&vw=640&tspne=0&ldpj=0&idpj=0&hl=en_US&vid=KlVx6rUvP2me1GNGjHGXYgNRXQq8TI3nC HTTP/1.1" 204 -
184.22.43.216 - - [14/Mar/2013:21:24:46 +0530] "GET http://s.youtube.com/s?nsiabblmax=7861.000&nsiabblmean=3995.000&nsiabblmin=2452.000&nsivbblc=66&nsivbblmax=17869.000&nsivbblmean=9528.000&nsivbblmin=3223.000&hbd=19867394&hbt=45.386&tsphab=1&tspfdt=2610&hasstoryboard=1&rmkt=1&len=136&docid=6FFK5aN6vEI&lact=15679&vtmp=1&abd=1&bc=78858&bd=67&bt=113.318&cfps=21&cr=US&decoding=accelerated&el=embedded&eurl=http%3A%2F%2Fwww.facebook.com&mos=0&pixel_ratio=1&fs=0&ptk=youtube_none&fexp=923415,920507,914051,920704,912806,902000,919512,929901,913605,925006,906938,931202,931401,908529,930803,920201,930101,930603,926403&vq=auto&rendering=software&scoville=1&volume=86&fmt=34&uga=f58&autoplay=0&rt=14.263&sendtmp=1&plid=AATX5IoBj_BwzUFQ&w=640&h=360&csipt=watch7&sourceid=y&screenh=1200&screenw=1900&sd=BD5980145HH1354750963912806&nsiabblc=123&md=1&et=10.263&ns=yt&sw=0.1&playerh=390&playerw=640&st=0&subscribed=1&tpmt=13&vh=360&vw=640&tspne=0&ldpj=0&idpj=0&hl=en_US&vid=-CPztaAkCxyQ-ipOBWFLyFxzqPMiqNJdC HTTP/1.1" 204 -
184.22.61.244 - - [14/Mar/2013:21:24:51 +0530] "GET http://s.youtube.com/s?nsiabblmax=7551.000&nsiabblmean=3881.000&nsiabblmin=2372.000&nsivbblc=61&nsivbblmax=17255.000&nsivbblmean=9316.000&nsivbblmin=3059.000&hbd=19676987&hbt=40.367&tsphab=1&tspfdt=2044&hasstoryboard=1&rmkt=1&len=267&docid=hzS--rbPJfA&lact=15212&vtmp=1&abd=1&bc=60700&bd=65&bt=110.295&cfps=19&cr=US&decoding=accelerated&el=embedded&eurl=http%3A%2F%2Fwww.facebook.com&mos=0&pixel_ratio=1&fs=0&ptk=youtube_none&fexp=910207,916714,916624,901448,920704,912806,902000,919512,929901,913605,925006,906938,931202,931401,908529,930803,920201,930101,930603,926403&vq=auto&rendering=software&scoville=1&volume=84&fmt=34&uga=f49&autoplay=0&rt=13.246&sendtmp=1&plid=AATX5IpJcG0R-mCK&w=640&h=360&csipt=watch7&sourceid=y&screenh=1100&screenw=1600&sd=BD5980145HH1354750963912669&md=1&et=10.246&ns=yt&sw=0.1&playerh=390&playerw=640&st=0&subscribed=1&tpmt=13&vh=360&vw=640&tspne=0&ldpj=0&idpj=0&hl=en_US&vid=5pcfUVcE9HP_VyZ768SQvb84dLg3yP5xC HTTP/1.1" 204 -
184.82.179.79 - - [14/Mar/2013:21:24:53 +0530] "GET http://s.youtube.com/s?ptk=vevo&fexp=900225,901803,931902,919360,929221,916624,920704,912806,902000,919512,929901,913605,925006,906938,931202,931401,908529,930803,920201,930101,930603&vq=auto&rendering=software&scoville=1&volume=92&fmt=34&uga=m28&autoplay=0&rt=11.321&sendtmp=1&plid=AATX5Ipzt705I6rw&w=640&h=360&csipt=watch7&sourceid=y&screenh=600&screenw=800&sd=BADC23E01HH1353129541108137&nsiabblc=116&abd=1&bc=20351&bd=73&bt=114.396&cfps=28&cr=US&decoding=accelerated&el=embedded&eurl=http%3A%2F%2Fwww.vevo.com&mos=0&pixel_ratio=1&fs=0&nsiabblmax=6713.000&nsiabblmean=3652.000&nsiabblmin=2136.000&nsivbblc=52&nsivbblmax=15552.000&nsivbblmean=8782.000&nsivbblmin=2609.000&hbd=19065843&hbt=21.306&tsphab=1&tspfdt=276&hasstoryboard=1&rmkt=1&len=281&docid=6cfCgLgiFDM&lact=17319&vtmp=1&md=1&et=10.321&ns=yt&sw=0.1&playerh=390&playerw=640&st=0&subscribed=1&tpmt=14&vh=360&vw=640&tspne=0&ldpj=0&idpj=0&hl=en_US&vid=9blcMb6bjX2hMCYOgqW6igoFZLksLbjaC HTTP/1.1" 204 -
64.120.216.123 - - [14/Mar/2013:21:24:54 +0530] "GET http://s.youtube.com/s?ptk=youtube_none&fexp=906073,910207,914028,916623,901478,920704,912806,902000,919512,929901,913605,925006,906938,931202,931401,908529,930803,920201,929602,930101,930603&vq=auto&rendering=software&scoville=1&volume=99&fmt=34&uga=f46&autoplay=0&rt=13.390&sendtmp=1&plid=AATX5Ip_78b4gOUe&w=640&h=360&csipt=watch7&sourceid=y&screenh=1000&screenw=1500&sd=BD5980145HH1354750963912418&nsiabblc=132&abd=1&bc=54657&bd=80&bt=124.488&cfps=37&cr=US&decoding=accelerated&el=embedded&eurl=http%3A%2F%2Fwww.facebook.com&mos=0&pixel_ratio=1&fs=0&nsiabblmax=7587.000&nsiabblmean=3989.000&nsiabblmin=2358.000&nsivbblc=69&nsivbblmax=17277.000&nsivbblmean=9388.000&nsivbblmin=3073.000&hbd=19596986&hbt=37.359&tsphab=1&tspfdt=1832&hasstoryboard=1&rmkt=1&len=200&docid=pJXheCgkchw&lact=19251&vtmp=1&md=1&et=10.390&ns=yt&sw=0.1&playerh=390&playerw=640&st=0&subscribed=1&tpmt=15&vh=360&vw=640&tspne=0&ldpj=0&idpj=0&hl=en_US&vid=2vEyOpur01CJtruUvqlVIvOIQr0FTOMKC HTTP/1.1" 204 -
78.46.137.25 - - [14/Mar/2013:21:25:00 +0530] "GET http://www.bing.com/ HTTP/1.1" 200 33113
184.82.122.169 - - [14/Mar/2013:21:25:01 +0530] "GET http://www.youtube.com/embed/78jAjtmvXWQ HTTP/1.1" 200 10048
184.82.122.169 - - [14/Mar/2013:21:25:02 +0530] "GET http://www.youtube.com/get_video_info?hl=en_US&eurl=http%3A%2F%2Fwww.facebook.com&sts=357363693998&asv=3&video_id=78jAjtmvXWQ&el=embedded HTTP/1.1" 200 22098
184.82.122.169 - - [14/Mar/2013:21:25:03 +0530] "GET http://www.youtube.com/user_watch?eurl=http%3A%2F%2Fwww.facebook.com&asv=3&video_id=78jAjtmvXWQ&el=embedded&fmt=5&plid=AATX5Iuz5PNfbkoc&t=vjVQa1PpcFOp1CuOTsq4vqJKYxpXj4OSdkeZLzM_nXg= HTTP/1.1" 204 -
与代理相关的服务器配置部分如下
NameVirtualHost *:80
<VirtualHost *:80>
ServerAdmin [email protected]
DocumentRoot /var/www/example/production
ServerName www.example.in
ServerAlias www.example.in
SetEnv proxy-initial-not-pooled 1
ErrorLog logs/production.example.in-error_log
CustomLog logs/production.example.in-access_log common
<Directory "var/www/example/production">
AllowOverride All
</Directory>
</VirtualHost>
<VirtualHost *:80>
ServerAdmin [email protected]
DocumentRoot /var/www/html
ServerName dev.example.in
ServerAlias dev.example.in
ErrorLog logs/develop.example.in-error_log
CustomLog logs/develop.example.in-access_log common
php_value short_open_tag On
SetEnv proxy-initial-not-pooled 1
<Directory "/var/www/html">
AllowOverride All
</Directory>
ProxyPass /jarPubSub htttp://localhost:8002 retry=1 timeout=600 acquire=3000 Keepalive=On
ProxyPassReverse /jarPubSub http://localhost:8002
</VirtualHost>
<VirtualHost *:80>
ServerAdmin [email protected]
DocumentRoot /var/www/example/staging
ServerName stage.example.in
ErrorLog logs/stage.example.in-error_log
CustomLog logs/stage.example.in-access_log common
php_value short_open_tag On
SetEnv proxy-initial-not-pooled 1
<Directory "var/www/example/staging">
AllowOverride All
</Directory>
ProxyPass /jarvis http://localhost:8001
ProxyPassReverse /jarvis http://localhost:8001
ProxyPass /jarPubSub http://localhost:8002
ProxyPassReverse /jarPubSub http://localhost:8002
</VirtualHost>
ProxyRequests On
ProxyPass /example-rtw http://example.in:7070/http-bind/
ProxyPassReverse /example-rtw http://example.in:7070/http-bind/
ProxyPass /jarvis http://localhost:8001 retry=0 timeout=5 Keepalive=On
ProxyPassReverse /jarvis http://localhost:8001
ProxyPass /jarPubSub http://localhost:8002 retry=0 timeout=5 Keepalive=On
ProxyPassReverse /jarPubSub http://localhost:8002
我拥有的带宽报告显示传入和传出的数据量几乎相同。访问日志和带宽报告使我推断我的服务器被用作代理。
我怎样才能防止这种情况发生?
答案1
ProxyRequests On
该指令使正向代理,这就是 Apache 允许您看到的请求的原因。此指令对于反向代理(即ProxyPass
)不是必需的,因此您不应启用它。删除此行或将其更改为off
。