Nginx 日志显示可疑目录访问!如何阻止它们?

tag-icon tag-icon nginx web-crawler
Nginx 日志显示可疑目录访问!如何阻止它们?

最近,我在 Nginx 日志中注意到有 100 条这样的条目,目录搜索执行时出现错误,因为这些目录在我的网络服务器上不存在。现在,一旦它们在搜索几个目录时失败,我该如何阻止它们?

2015/06/29 09:33:54 [error] 23641#0: *1687 open() "/usr/share/nginx/html/section/wp-login.php" failed (2: No such file or directory), client: 116.58.246.226, server: localhost, request: "GET /section/wp-login.php HTTP/1.1", host: "blog.abcd.info"
2015/06/29 09:33:55 [error] 23641#0: *1687 open() "/usr/share/nginx/html/cms/wp-login.php" failed (2: No such file or directory), client: 116.58.246.226, server: localhost, request: "GET /cms/wp-login.php HTTP/1.1", host: "blog.abcd.info"
2015/06/29 09:33:56 [error] 23641#0: *1687 open() "/usr/share/nginx/html/site/wp-login.php" failed (2: No such file or directory), client: 116.58.246.226, server: localhost, request: "GET /site/wp-login.php HTTP/1.1", host: "blog.abcd.info"
2015/06/29 09:33:57 [error] 23641#0: *1687 open() "/usr/share/nginx/html/blog/wp-login.php" failed (2: No such file or directory), client: 116.58.246.226, server: localhost, request: "GET /blog/wp-login.php HTTP/1.1", host: "blog.abcd.info"
2015/06/29 09:33:58 [error] 23641#0: *1687 open() "/usr/share/nginx/html/admin/wp-login.php" failed (2: No such file or directory), client: 116.58.246.226, server: localhost, request: "GET /admin/wp-login.php HTTP/1.1", host: "blog.abcd.info"

答案1

1) 。一般来说,这些爬虫会找到类似“admin.php”的内容 - 您可以收集您自己的 URL 库 ;) 并阻止它们。

2)。 如果您充分了解服务器上运行的 Web 应用程序及其使用的文件 - 您可以拒绝访问所有 php 文件 - 它们是爬虫程序最受欢迎的目标。 并且明确仅允许您的文件。

location =/index.php {
  proxy_pass http://127.0.0.1:<port>;
  proxy_set_header Host $host;
  proxy_set_header X-Real-IP $remote_addr;
}    
location / {
  proxy_pass http://127.0.0.1:<port>;
  proxy_set_header Host $host;
  proxy_set_header X-Real-IP $remote_addr;
}
location =/custom.php {
  # all other Your own scripts You may define such way, as this location
  proxy_pass http://127.0.0.1:<port>;
  proxy_set_header Host $host;
  proxy_set_header X-Real-IP $remote_addr;
}   
location ~ \.php$ {
  access_log /path/to/log/nginx_deny.log name_log;
  deny all;
}

几个月前我在这里问过类似的问题 :) 最后找到了一个好方法。你可以在这里查看更详细的信息: nginx-出于安全原因,拒绝除 index.php 之外的所有 *.php 请求

相关内容