xmlrpc.php我之前在服务器上安装了 Wordpress,在遭受 DDOS 攻击后,我阻止了从该文件访问该.htaccess文件:
<Files "xmlrpc.php">
Order allow,deny
Deny from all
</Files>
最近,我卸载了 Wordpress,但仍然对缺失的文件有请求。
我的 error.log 充满了:
[Tue Dec 06 15:30:20 2016] [error] [client 163.172.160.205] client denied by server configuration: /var/www/myserver.com/xmlrpc.php
[Tue Dec 06 15:30:20 2016] [error] [client 212.47.231.34] client denied by server configuration: /var/www/myserver.com/xmlrpc.php
[Tue Dec 06 15:30:20 2016] [error] [client 163.172.143.0] client denied by server configuration: /var/www/myserver.com/xmlrpc.php
[Tue Dec 06 15:30:20 2016] [error] [client 163.172.161.136] client denied by server configuration: /var/www/myserver.com/xmlrpc.php
[Tue Dec 06 15:30:21 2016] [error] [client 163.172.161.64] client denied by server configuration: /var/www/myserver.com/xmlrpc.php
我应该如何停止这些请求或者至少避免记录它们?
答案1
您应该能够使用 fail2ban 轻松完成此操作。