Nginx 301 redirects bad requests

I found these requests in my nginx access.log:

X.X.X.X - - [03/Apr/2017:20:52:31 +0200] "GET //phpMyAdmin/scripts/setup.php HTTP/1.1" 301 184 "-" "-"
X.X.X.X - - [03/Apr/2017:20:52:31 +0200] "GET //myadmin/scripts/setup.php HTTP/1.1" 301 184 "-" "-"
X.X.X.X - - [03/Apr/2017:20:52:31 +0200] "GET //phpmyadmin/scripts/setup.php HTTP/1.1" 301 184 "-" "-"
X.X.X.X - - [03/Apr/2017:20:52:31 +0200] "GET //MyAdmin/scripts/setup.php HTTP/1.1" 301 184 "-" "-"
X.X.X.X - - [03/Apr/2017:20:52:31 +0200] "GET //pma/scripts/setup.php HTTP/1.1" 301 184 "-" "-"
X.X.X.X - - [03/Apr/2017:20:52:31 +0200] "GET /muieblackcat HTTP/1.1" 301 184 "-" "-"

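I know these requests are looking for vulnerabilities on my server. We can see that they are permanently redirected (301). But nginx/GeoIP should block them with a 403 (Forbidden). Why are these requests redirected, and where to?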

This is my nginx configuration (used as a reverse proxy):

server {
    listen 80;
    server_name example.com;

    # enforce https
    return 301 https://$server_name$request_uri;
}

server {
    listen 443 ssl;
    server_name example.com;

    if ($lan-ip = yes) {
        set $allowed_country yes;
    }

    if ($allowed_country = no) {
        return 403;
    }

    root /var/www/html;

    # SSL Configuration
    # .
    # .
    # .

    add_header Strict-Transport-Security "max-age=31536000; includeSubDomains";
    add_header X-Content-Type-Options nosniff;
    add_header X-Frame-Options "SAMEORIGIN";
    add_header X-XSS-Protection "1; mode=block";
    add_header X-Robots-Tag none;
    add_header X-Download-Options noopen;
    add_header X-Permitted-Cross-Domain-Policies none;

    root /var/www/html;

    index index.html;

    location /app {
            proxy_pass https://192.168.0.20;
            proxy_set_header Host $host;
            proxy_set_header X-Real-IP $remote_addr;
            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    }
}

This is the GeoIP blocking part of nginx.conf:

geoip_country /usr/share/GeoIP/GeoIP.dat;

map $geoip_country_code $allowed_country {
    default no;
    DE yes;
}

geo $lan-ip {
    default no;
    192.168.0.0/24 yes;
}
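
In the configuration above, the port 80 server block contains only the unconditional `return 301`, while the `$allowed_country` check sits in the 443 block. As an added example (not part of the original post), this is the same check placed ahead of the redirect on the HTTP listener; it assumes the logged requests arrived over plain HTTP, which the log lines themselves do not show, and it reuses the `$lan-ip` and `$allowed_country` variables defined in the post's nginx.conf.

```nginx
server {
    listen 80;
    server_name example.com;

    # Same LAN exemption and country check as the 443 block in the post.
    # Server-level rewrite directives run in the order they are written,
    # so both tests are evaluated before the redirect below.
    if ($lan-ip = yes) {
        set $allowed_country yes;
    }

    if ($allowed_country = no) {
        return 403;
    }

    # enforce https (reached only by clients that passed the check)
    return 301 https://$server_name$request_uri;
}
```

Run `nginx -t` before reloading; a plain-HTTP request from a blocked address should then be logged with status 403 instead of 301.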