How are requests for the configuration file being made using the WordPress site?

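I looked at my Apache error.log and found several failed attempts to access wp-config.php.

The strange thing is that it says the request came from the website itself.

How does an attacker/bot do this?

Here is the log [actual URLs replaced with examples]: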

[Sun Mar 20 09:06:40 2016] [error] [client 105.228.84.134] PHP Fatal error:  Call to undefined function _deprecated_file() in /var/www/example/wp-includes/rss-functions.php on line 8, referer: http://example.co.za/
[Sun Mar 20 09:06:41 2016] [error] [client 105.228.84.134] File does not exist: /var/www/example/wp-content/debug.log, referer: http://example.co.za/
[Sun Mar 20 09:06:42 2016] [error] [client 105.228.84.134] File does not exist: /var/www/example/wp-config.php~, referer: http://example.co.za/
[Sun Mar 20 09:06:42 2016] [error] [client 105.228.84.134] File does not exist: /var/www/example/#wp-config.php#, referer: http://example.co.za/
[Sun Mar 20 09:06:42 2016] [error] [client 105.228.84.134] File does not exist: /var/www/example/wp-config.php.save, referer: http://example.co.za/
[Sun Mar 20 09:06:44 2016] [error] [client 105.228.84.134] File does not exist: /var/www/example/wp-config.old, referer: http://example.co.za/
[Sun Mar 20 09:06:42 2016] [error] [client 105.228.84.134] File does not exist: /var/www/example/wp-config.php.swp, referer: http://example.co.za/
[Sun Mar 20 09:06:42 2016] [error] [client 105.228.84.134] File does not exist: /var/www/example/wp-config.php.swo, referer: http://example.co.za/
[Sun Mar 20 09:06:42 2016] [error] [client 105.228.84.134] File does not exist: /var/www/example/.wp-config.php.swp, referer: http://example.co.za/
[Sun Mar 20 09:06:42 2016] [error] [client 105.228.84.134] File does not exist: /var/www/example/wp-config.bak, referer: http://example.co.za/
[Sun Mar 20 09:06:42 2016] [error] [client 105.228.84.134] File does not exist: /var/www/example/wp-config.php_bak, referer: http://example.co.za/
[Sun Mar 20 09:06:42 2016] [error] [client 105.228.84.134] File does not exist: /var/www/example/wp-config.php.bak, referer: http://example.co.za/
[Sun Mar 20 09:06:44 2016] [error] [client 105.228.84.134] File does not exist: /var/www/example/wp-config.save, referer: http://example.co.za/
[Sun Mar 20 09:06:44 2016] [error] [client 105.228.84.134] File does not exist: /var/www/example/wp-config.php.old, referer: http://example.co.za/
[Sun Mar 20 09:06:45 2016] [error] [client 105.228.84.134] File does not exist: /var/www/example/wp-config.php.orig, referer: http://example.co.za/
[Sun Mar 20 09:06:45 2016] [error] [client 105.228.84.134] File does not exist: /var/www/example/wp-config.php.original, referer: http://example.co.za/
[Sun Mar 20 09:06:45 2016] [error] [client 105.228.84.134] File does not exist: /var/www/example/wp-config.orig, referer: http://example.co.za/
[Sun Mar 20 09:06:45 2016] [error] [client 105.228.84.134] File does not exist: /var/www/example/wp-config.original, referer: http://example.co.za/
[Sun Mar 20 09:06:47 2016] [error] [client 105.228.84.134] File does not exist: /var/www/example/wp-config.txt, referer: http://example.co.za/

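Answer 1

The referer header is sent by the client. Much like the user agent header, it is easily spoofed. Almost never trust anything sent by the client.

Answer 2

Apache is just reporting the HTTP referer that was sent in the HTTP headers. It is not validated in any way, so they can easily set the referer to any value. The only case where looking at the referer is useful (other than for statistics) is when someone tries to share images on your site from another site that points to yours. That only works because end users will generally be using browsers that pass an accurate referer.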
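A defender's reading of the log in the question, as an added example that is not part of the original post or its answers: it parses error-log lines in the format shown above and flags clients probing for editor and backup copies of wp-config.php, attributing by client IP and never by the referer. The sample lines, the IP addresses (documentation ranges), the threshold and the name `find_config_probers` are constructed for illustration.

```python
import re
from collections import defaultdict

# "File does not exist" entries in the error-log format shown in the question.
LINE_RE = re.compile(
    r"^\[(?P<ts>[^\]]+)\] \[error\] \[client (?P<client>[^\]]+)\] "
    r"File does not exist: (?P<path>.+?)(?:, referer: (?P<referer>\S+))?$"
)

# Backup/editor variants of wp-config.php: suffixes (~, .bak, _bak, .old, ...),
# Emacs autosave (#name#) and Vim swap (.name.swp). The real file is excluded.
PROBE_RE = re.compile(r"^[.#]?wp-config(?!\.php$)(\.php)?([~#]|[._][A-Za-z]+)$")

def find_config_probers(lines, threshold=3):
    """Return {client_ip: sorted probed names} for clients that requested at
    least `threshold` distinct wp-config backup names. The referer is parsed
    but deliberately ignored: the client chooses its value."""
    hits = defaultdict(set)
    for line in lines:
        m = LINE_RE.match(line.strip())
        if not m:
            continue  # other error types (e.g. PHP errors) are out of scope
        name = m.group("path").rsplit("/", 1)[-1]
        if PROBE_RE.match(name):
            hits[m.group("client")].add(name)
    return {ip: sorted(n) for ip, n in hits.items() if len(n) >= threshold}

# Constructed sample lines (not taken from the page's log).
SAMPLE = """\
[Sun Mar 20 09:06:42 2016] [error] [client 203.0.113.7] File does not exist: /var/www/example/wp-config.php~, referer: http://example.test/
[Sun Mar 20 09:06:42 2016] [error] [client 203.0.113.7] File does not exist: /var/www/example/#wp-config.php#, referer: http://example.test/
[Sun Mar 20 09:06:42 2016] [error] [client 203.0.113.7] File does not exist: /var/www/example/.wp-config.php.swp, referer: http://example.test/
[Sun Mar 20 09:06:44 2016] [error] [client 203.0.113.7] File does not exist: /var/www/example/wp-config.old, referer: http://example.test/
[Sun Mar 20 09:07:01 2016] [error] [client 198.51.100.9] File does not exist: /var/www/example/favicon.ico
""".splitlines()

if __name__ == "__main__":
    for ip, names in find_config_probers(SAMPLE).items():
        print(ip, names)
```

A flagged client is a prompt to check that no such backup copies exist under the document root, since a copy without a `.php` extension would be served as plain text.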
