Apache / php 中带有错误 server_name 和端口 25 的奇怪请求

Apache / php 中带有错误 server_name 和端口 25 的奇怪请求

如果我telnet [myserver.mydomain.com] 25尝试

Trying [ip number]...
telnet: Unable to connect to remote host: Connection refused

但我仍然收到奇怪的请求,例如以下请求var_dump($_SERVER),似乎他们已连接到 25(!?) 并错误地认为服务器名称是mx3.mail2000.com.twmta6.am0.yahoodns.net。为什么?这是什么意思?端口 25 是否打开?远程用户或计算机试图做什么?我该怎么办?

    [_SERVER] => Array
    (
        [SCRIPT_URL] => /
        [SCRIPT_URI] => http://mx3.mail2000.com.tw:25/
        [PATH] => /sbin:/usr/sbin:/bin:/usr/bin
        [SERVER_SIGNATURE] => <address>Apache/2.2.15 (CentOS) Server at mx3.mail2000.com.tw Port 25</address>

        [SERVER_SOFTWARE] => Apache/2.2.15 (CentOS)
        [SERVER_NAME] => mx3.mail2000.com.tw
        [SERVER_ADDR] => 178.[rest of ip number]
        [SERVER_PORT] => 25
        [REMOTE_ADDR] => 61.228.28.159
        [DOCUMENT_ROOT] => /var/www/html/[some/dirs]
        [SERVER_ADMIN] => webmaster@[subdomain.servername.topdomain]
        [SCRIPT_FILENAME] => /var/www/html/[some/dirs]/index.php
        [REMOTE_PORT] => 2913
        [GATEWAY_INTERFACE] => CGI/1.1
        [SERVER_PROTOCOL] => HTTP/1.0
        [REQUEST_METHOD] => CONNECT
        [QUERY_STRING] =>
        [REQUEST_URI] => mx3.mail2000.com.tw:25
        [SCRIPT_NAME] => /index.php
        [PHP_SELF] => /index.php
        [REQUEST_TIME] => 1406423398
    )

以下是来自另一台远程计算机的另一个奇怪请求的数据:

    [_SERVER] => Array
    (
        [SCRIPT_URL] => /
        [SCRIPT_URI] => http://mta6.am0.yahoodns.net:25/
        [PATH] => /sbin:/usr/sbin:/bin:/usr/bin
        [SERVER_SIGNATURE] => <address>Apache/2.2.15 (CentOS) Server at mta6.am0.yahoodns.net Port 25</address>

        [SERVER_SOFTWARE] => Apache/2.2.15 (CentOS)
        [SERVER_NAME] => mta6.am0.yahoodns.net
        [SERVER_ADDR] => 178.[rest of ip number]
        [SERVER_PORT] => 25
        [REMOTE_ADDR] => 111.241.28.240
        [DOCUMENT_ROOT] => /var/www/html/[some/dirs]
        [SERVER_ADMIN] => webmaster@[subdomain.servername.topdomain]
        [SCRIPT_FILENAME] => /var/www/html/[some/dirs]/index.php
        [REMOTE_PORT] => 2658
        [GATEWAY_INTERFACE] => CGI/1.1
        [SERVER_PROTOCOL] => HTTP/1.0
        [REQUEST_METHOD] => CONNECT
        [QUERY_STRING] =>
        [REQUEST_URI] => mta6.am0.yahoodns.net:25
        [SCRIPT_NAME] => /index.php
        [PHP_SELF] => /index.php
        [REQUEST_TIME] => 1406318351
    )

编辑: access_log

>cat access_log* | egrep -i "yahoodns|mail2000" | sort -g
1.163.222.123 - - [21/Jul/2014:13:55:03 +0200] "CONNECT mx0.mail2000.com.tw:25 HTTP/1.0" 404 380 "-" "-"
1.163.222.196 - - [26/Jul/2014:14:32:23 +0200] "CONNECT mx0.mail2000.com.tw:25 HTTP/1.0" 404 17985 "-" "-"
1.163.5.130 - - [21/Jul/2014:17:54:53 +0200] "CONNECT mx3.mail2000.com.tw:25 HTTP/1.0" 404 380 "-" "-"
61.228.16.187 - - [22/Jul/2014:18:11:53 +0200] "CONNECT mta6.am0.yahoodns.net:25 HTTP/1.0" 404 18046 "-" "-"
61.228.22.8 - - [19/Jul/2014:19:29:06 +0200] "CONNECT mx2.mail2000.com.tw:25 HTTP/1.0" 404 380 "-" "-"
61.228.28.159 - - [27/Jul/2014:03:09:58 +0200] "CONNECT mx3.mail2000.com.tw:25 HTTP/1.0" 404 18014 "-" "-"
61.228.88.169 - - [27/Jul/2014:16:55:47 +0200] "CONNECT mx2.mail2000.com.tw:25 HTTP/1.0" 404 18014 "-" "-"
61.231.84.4 - - [25/Jul/2014:10:57:42 +0200] "CONNECT mta6.am0.yahoodns.net:25 HTTP/1.0" 404 18042 "-" "-"
61.231.86.68 - - [18/Jul/2014:15:27:48 +0200] "CONNECT mx0.mail2000.com.tw:25 HTTP/1.0" 404 380 "-" "-"
111.241.28.240 - - [25/Jul/2014:21:59:11 +0200] "CONNECT mta6.am0.yahoodns.net:25 HTTP/1.0" 404 18048 "-" "-"
111.241.34.142 - - [23/Jul/2014:21:05:13 +0200] "CONNECT mx3.mail2000.com.tw:25 HTTP/1.0" 404 18016 "-" "-"
111.241.38.175 - - [24/Jul/2014:03:36:21 +0200] "CONNECT mx3.mail2000.com.tw:25 HTTP/1.0" 404 18016 "-" "-"
111.241.47.165 - - [22/Jul/2014:23:56:08 +0200] "CONNECT mx3.mail2000.com.tw:25 HTTP/1.0" 404 18016 "-" "-"
111.248.113.63 - - [28/Jul/2014:01:04:51 +0200] "CONNECT mx3.mail2000.com.tw:25 HTTP/1.0" 404 18016 "-" "-"
111.248.118.145 - - [22/Jul/2014:11:29:29 +0200] "CONNECT mta5.am0.yahoodns.net:25 HTTP/1.0" 404 380 "-" "-"
111.248.118.41 - - [20/Jul/2014:02:13:28 +0200] "CONNECT mx0.mail2000.com.tw:25 HTTP/1.0" 404 380 "-" "-"
111.248.118.67 - - [26/Jul/2014:02:08:52 +0200] "CONNECT mta6.am0.yahoodns.net:25 HTTP/1.0" 404 18048 "-" "-"
>

以下是我认为已更改的部分 httpd.conf

# Almost any Apache directive may go into a VirtualHost container.
# The first VirtualHost section is used for requests without a known
# server name.
#
<VirtualHost *:80>
    ServerAdmin webmaster@[domain1].com
    DocumentRoot /var/www/html/[domain1]
    ServerName [subdomain1].[domain1].com
    DirectoryIndex "index.html" "index.php"
    ErrorDocument 404 /error.html
    <IfModule mod_rewrite.c>
            RewriteEngine On
            RewriteCond %{REQUEST_METHOD} ^TRACE
            RewriteRule .* - [F]
    </IfModule>
    LogLevel warn
    ServerAlias [domain1].com
    ServerAlias [domain1].net
    ServerAlias *.[domain1].com
    ServerAlias *.[domain1].net
    ServerAlias *.[domain1].org
    ServerAlias *.[domain2].com
    ServerAlias [domain2].com
    ServerAlias [subdomain1].[domain2].com
    ServerAlias [subdomain1].[domain1].com

#    ErrorLog logs/dummy-host.example.com-error_log
#    CustomLog logs/dummy-host.example.com-access_log common
</VirtualHost>

相关内容