如果我telnet [myserver.mydomain.com] 25
尝试
Trying [ip number]...
telnet: Unable to connect to remote host: Connection refused
但我仍然收到奇怪的请求,例如以下请求var_dump($_SERVER)
,似乎他们已连接到 25(!?) 并错误地认为服务器名称是mx3.mail2000.com.tw
或mta6.am0.yahoodns.net
。为什么?这是什么意思?端口 25 是否打开?远程用户或计算机试图做什么?我该怎么办?
[_SERVER] => Array
(
[SCRIPT_URL] => /
[SCRIPT_URI] => http://mx3.mail2000.com.tw:25/
[PATH] => /sbin:/usr/sbin:/bin:/usr/bin
[SERVER_SIGNATURE] => <address>Apache/2.2.15 (CentOS) Server at mx3.mail2000.com.tw Port 25</address>
[SERVER_SOFTWARE] => Apache/2.2.15 (CentOS)
[SERVER_NAME] => mx3.mail2000.com.tw
[SERVER_ADDR] => 178.[rest of ip number]
[SERVER_PORT] => 25
[REMOTE_ADDR] => 61.228.28.159
[DOCUMENT_ROOT] => /var/www/html/[some/dirs]
[SERVER_ADMIN] => webmaster@[subdomain.servername.topdomain]
[SCRIPT_FILENAME] => /var/www/html/[some/dirs]/index.php
[REMOTE_PORT] => 2913
[GATEWAY_INTERFACE] => CGI/1.1
[SERVER_PROTOCOL] => HTTP/1.0
[REQUEST_METHOD] => CONNECT
[QUERY_STRING] =>
[REQUEST_URI] => mx3.mail2000.com.tw:25
[SCRIPT_NAME] => /index.php
[PHP_SELF] => /index.php
[REQUEST_TIME] => 1406423398
)
以下是来自另一台远程计算机的另一个奇怪请求的数据:
[_SERVER] => Array
(
[SCRIPT_URL] => /
[SCRIPT_URI] => http://mta6.am0.yahoodns.net:25/
[PATH] => /sbin:/usr/sbin:/bin:/usr/bin
[SERVER_SIGNATURE] => <address>Apache/2.2.15 (CentOS) Server at mta6.am0.yahoodns.net Port 25</address>
[SERVER_SOFTWARE] => Apache/2.2.15 (CentOS)
[SERVER_NAME] => mta6.am0.yahoodns.net
[SERVER_ADDR] => 178.[rest of ip number]
[SERVER_PORT] => 25
[REMOTE_ADDR] => 111.241.28.240
[DOCUMENT_ROOT] => /var/www/html/[some/dirs]
[SERVER_ADMIN] => webmaster@[subdomain.servername.topdomain]
[SCRIPT_FILENAME] => /var/www/html/[some/dirs]/index.php
[REMOTE_PORT] => 2658
[GATEWAY_INTERFACE] => CGI/1.1
[SERVER_PROTOCOL] => HTTP/1.0
[REQUEST_METHOD] => CONNECT
[QUERY_STRING] =>
[REQUEST_URI] => mta6.am0.yahoodns.net:25
[SCRIPT_NAME] => /index.php
[PHP_SELF] => /index.php
[REQUEST_TIME] => 1406318351
)
编辑:
access_log
:
>cat access_log* | egrep -i "yahoodns|mail2000" | sort -g
1.163.222.123 - - [21/Jul/2014:13:55:03 +0200] "CONNECT mx0.mail2000.com.tw:25 HTTP/1.0" 404 380 "-" "-"
1.163.222.196 - - [26/Jul/2014:14:32:23 +0200] "CONNECT mx0.mail2000.com.tw:25 HTTP/1.0" 404 17985 "-" "-"
1.163.5.130 - - [21/Jul/2014:17:54:53 +0200] "CONNECT mx3.mail2000.com.tw:25 HTTP/1.0" 404 380 "-" "-"
61.228.16.187 - - [22/Jul/2014:18:11:53 +0200] "CONNECT mta6.am0.yahoodns.net:25 HTTP/1.0" 404 18046 "-" "-"
61.228.22.8 - - [19/Jul/2014:19:29:06 +0200] "CONNECT mx2.mail2000.com.tw:25 HTTP/1.0" 404 380 "-" "-"
61.228.28.159 - - [27/Jul/2014:03:09:58 +0200] "CONNECT mx3.mail2000.com.tw:25 HTTP/1.0" 404 18014 "-" "-"
61.228.88.169 - - [27/Jul/2014:16:55:47 +0200] "CONNECT mx2.mail2000.com.tw:25 HTTP/1.0" 404 18014 "-" "-"
61.231.84.4 - - [25/Jul/2014:10:57:42 +0200] "CONNECT mta6.am0.yahoodns.net:25 HTTP/1.0" 404 18042 "-" "-"
61.231.86.68 - - [18/Jul/2014:15:27:48 +0200] "CONNECT mx0.mail2000.com.tw:25 HTTP/1.0" 404 380 "-" "-"
111.241.28.240 - - [25/Jul/2014:21:59:11 +0200] "CONNECT mta6.am0.yahoodns.net:25 HTTP/1.0" 404 18048 "-" "-"
111.241.34.142 - - [23/Jul/2014:21:05:13 +0200] "CONNECT mx3.mail2000.com.tw:25 HTTP/1.0" 404 18016 "-" "-"
111.241.38.175 - - [24/Jul/2014:03:36:21 +0200] "CONNECT mx3.mail2000.com.tw:25 HTTP/1.0" 404 18016 "-" "-"
111.241.47.165 - - [22/Jul/2014:23:56:08 +0200] "CONNECT mx3.mail2000.com.tw:25 HTTP/1.0" 404 18016 "-" "-"
111.248.113.63 - - [28/Jul/2014:01:04:51 +0200] "CONNECT mx3.mail2000.com.tw:25 HTTP/1.0" 404 18016 "-" "-"
111.248.118.145 - - [22/Jul/2014:11:29:29 +0200] "CONNECT mta5.am0.yahoodns.net:25 HTTP/1.0" 404 380 "-" "-"
111.248.118.41 - - [20/Jul/2014:02:13:28 +0200] "CONNECT mx0.mail2000.com.tw:25 HTTP/1.0" 404 380 "-" "-"
111.248.118.67 - - [26/Jul/2014:02:08:52 +0200] "CONNECT mta6.am0.yahoodns.net:25 HTTP/1.0" 404 18048 "-" "-"
>
以下是我认为已更改的部分
httpd.conf
:
# Almost any Apache directive may go into a VirtualHost container.
# The first VirtualHost section is used for requests without a known
# server name.
#
<VirtualHost *:80>
ServerAdmin webmaster@[domain1].com
DocumentRoot /var/www/html/[domain1]
ServerName [subdomain1].[domain1].com
DirectoryIndex "index.html" "index.php"
ErrorDocument 404 /error.html
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteCond %{REQUEST_METHOD} ^TRACE
RewriteRule .* - [F]
</IfModule>
LogLevel warn
ServerAlias [domain1].com
ServerAlias [domain1].net
ServerAlias *.[domain1].com
ServerAlias *.[domain1].net
ServerAlias *.[domain1].org
ServerAlias *.[domain2].com
ServerAlias [domain2].com
ServerAlias [subdomain1].[domain2].com
ServerAlias [subdomain1].[domain1].com
# ErrorLog logs/dummy-host.example.com-error_log
# CustomLog logs/dummy-host.example.com-access_log common
</VirtualHost>