如何减轻黑客寻找漏洞的威胁?

如何减轻黑客寻找漏洞的威胁?

我在公司内部的网络服务器上运行一个 Rails 应用程序,有时我会在日志中看到以下消息:

I, [2014-09-04T06:15:33.057513 #37024]  INFO -- : Started GET "/pma/scripts/setup.php" for 203.114.105.46 at 2014-09-04 06:│00
I,│15:33 -0300                                                                                                                │
I,│F, [2014-09-04T06:15:33.059088 #37024] FATAL -- :                                                                          │
I,│ActionController::RoutingError (No route matches [GET] "/pma/scripts/setup.php"):                                          │30
0 │  actionpack (4.1.4) lib/action_dispatch/middleware/debug_exceptions.rb:21:in `call'                                       │
I,│  actionpack (4.1.4) lib/action_dispatch/middleware/show_exceptions.rb:30:in `call'                                        │
I,│  railties (4.1.4) lib/rails/rack/logger.rb:38:in `call_app'                                                               │
00│  railties (4.1.4) lib/rails/rack/logger.rb:20:in `block in call'                                                          │
20│  activesupport (4.1.4) lib/active_support/tagged_logging.rb:68:in `block in tagged'                                       │
20│  activesupport (4.1.4) lib/active_support/tagged_logging.rb:26:in `tagged'                                                │
20│  activesupport (4.1.4) lib/active_support/tagged_logging.rb:68:in `tagged'                                                │
20│  railties (4.1.4) lib/rails/rack/logger.rb:20:in `call'                                                                   │
20│  actionpack (4.1.4) lib/action_dispatch/middleware/request_id.rb:21:in `call'                                             │
20│  rack (1.5.2) lib/rack/methodoverride.rb:21:in `call'                                                                     │
20│  rack (1.5.2) lib/rack/runtime.rb:17:in `call'                                                                            │
20│  activesupport (4.1.4) lib/active_support/cache/strategy/local_cache_middleware.rb:26:in `call'                           │
20│  rack (1.5.2) lib/rack/sendfile.rb:112:in `call'                                                                          │
20│  railties (4.1.4) lib/rails/engine.rb:514:in `call'     

看起来像是一个任意机器人试图寻找一个开放的服务器...有办法阻止这些事情吗?我正在使用带有 nginx/1.4.6 的 Ubuntu 14.04

答案1

您可能需要查看一些防火墙和/或软件,例如失败禁止它将监视日志文件中的模式,并根据触发器禁止 IP 地址。

相关内容