nginx日志中出现很多不是我博客的连接,请问这个是怎么回事?-问答-阿里云开发者社区-阿里云

开发者社区> 问答> 正文

nginx日志中出现很多不是我博客的连接,请问这个是怎么回事?

烂泥行天下 2014-11-22 21:47:19 8297
nginx日志中出现很多不是我博客的连接,请问这个是怎么回事?

今天在登录服务器查看日志时,发现nginx的日志以及我的博客日志中出现很多不是我博客的连接请求,如下:

博客日志,部分信息:
tail -f /usr/nginx/logs/ilanni.com.log

183.60.202.183 - - [22/Nov/2014:22:48:00 +0800] "GEThttp://122.224.19.171:98/CF/1/\xBE\xC6\xCF\xC9\xC4\xA7\xD3\xF2.rar HTTP/1.1" 403 231 "http://122.224.19.171:98/CF/1/\xBE\xC6\xCF\xC9\xC4\xA7\xD3\xF2.rar" "Mozilla/4.0 (compatible; MSIE 6.0; Windows 5.1)" "-"
183.60.202.183 - - [22/Nov/2014:22:48:01 +0800] "GEThttp://122.224.19.171:98/CF/1/\xBE\xC6\xCF\xC9\xC4\xA7\xD3\xF2.rar HTTP/1.1" 403 231 "http://122.224.19.171:98/CF/1/\xBE\xC6\xCF\xC9\xC4\xA7\xD3\xF2.rar" "Mozilla/4.0 (compatible; MSIE 6.0; Windows 5.1)" "-"
60.169.78.143 - - [22/Nov/2014:22:48:01 +0800] "GET http://www.hejkal.cz/nakladatelstvi/titul.asp?75HTTP/1.1" 403 231 "" "" "-"
183.63.149.115 - - [22/Nov/2014:22:48:01 +0800] "GET http://www.linkedin.com/ HTTP/1.1" 499 0 "-" "Jakarta Commons-HttpClient/3.1" "-"
183.60.202.183 - - [22/Nov/2014:22:48:02 +0800] "GEThttp://122.224.19.171:98/CF/1/\xBE\xC6\xCF\xC9\xC4\xA7\xD3\xF2.rar HTTP/1.1" 403 231 "http://122.224.19.171:98/CF/1/\xBE\xC6\xCF\xC9\xC4\xA7\xD3\xF2.rar" "Mozilla/4.0 (compatible; MSIE 6.0; Windows 5.1)" "-"

nginx错误日志,部分信息:

tail -f /usr/nginx/logs/error.log

2014/11/22 22:43:40 [error] 1366#0: *1457 access forbidden by rule, client: 218.75.153.169, server:www.ilanni.com, request: "GET http://122.224.19.171:98/CF/1/酒仙魔域.rar HTTP/1.1", host: "122.224.19.171:98", referrer: "http://122.224.19.171:98/CF/1/酒仙魔域.rar"
2014/11/22 22:43:41 [error] 1366#0: *1458 access forbidden by rule, client: 218.75.153.169, server:www.ilanni.com, request: "GET http://122.224.19.171:98/CF/1/酒仙魔域.rar HTTP/1.1", host: "122.224.19.171:98", referrer: "http://122.224.19.171:98/CF/1/酒仙魔域.rar"


根据博客的日志分析,122.224.19.171这个IP,怎么会出现一直出现,而且貌似还是一个下载连接。

根据nginx的日志分析,122.224.19.171这个IP的请求被拒绝,这个确实是的。我在nginx的配置文件中,直接把此IP给屏蔽了。


而nginx的接入日志,部分信息如下

tail -f /usr/local/nginx/logs/access.log
183.60.202.183 - - [22/Nov/2014:22:21:14 +0800] "GEThttp://122.224.19.171:98/CF/1/\xBE\xC6\xCF\xC9\xC4\xA7\xD3\xF2.rar HTTP/1.1" 301 255 "http://122.224.19.171:98/CF/1/\xBE\xC6\xCF\xC9\xC4\xA7\xD3\xF2.rar" "Mozilla/4.0 (compatible; MSIE 6.0; Windows 5.1)"
183.60.202.183 - - [22/Nov/2014:22:21:14 +0800] "GEThttp://122.224.19.171:98/CF/1/\xBE\xC6\xCF\xC9\xC4\xA7\xD3\xF2.rar HTTP/1.1" 301 255 "http://122.224.19.171:98/CF/1/\xBE\xC6\xCF\xC9\xC4\xA7\xD3\xF2.rar" "Mozilla/4.0 (compatible; MSIE 6.0; Windows 5.1)"
183.60.202.183 - - [22/Nov/2014:22:21:14 +0800] "GEThttp://122.224.19.171:98/CF/1/\xBE\xC6\xCF\xC9\xC4\xA7\xD3\xF2.rar HTTP/1.1" 301 255 "http://122.224.19.171:98/CF/1/\xBE\xC6\xCF\xC9\xC4\xA7\xD3\xF2.rar" "Mozilla/4.0 (compatible; MSIE 6.0; Windows 5.1)"
183.60.202.183 - - [22/Nov/2014:22:21:14 +0800] "GEThttp://122.224.19.171:98/CF/1/\xBE\xC6\xCF\xC9\xC4\xA7\xD3\xF2.rar HTTP/1.1" 301 255 "http://122.224.19.171:98/CF/1/\xBE\xC6\xCF\xC9\xC4\xA7\xD3\xF2.rar" "Mozilla/4.0 (compatible; MSIE 6.0; Windows 5.1)"

请问各位大婶,这个是怎么回事。如何进行屏蔽?很多报错信息,地址如下:

[root@ilanni logs]# tail -f error.log
2014/11/22 21:42:55 [error] 22471#0: *6539980 "/www/ilanni.com/my2/index.php" is not found (2: No such file or directory), client: 183.136.214.89, server: www.ilanni.com, request: "GET http://www.mymy120.net:81/my2/ HTTP/1.1", host: "www.mymy120.net:81", referrer: "http://www.mymy120.net:81/my2/"
2014/11/22 21:42:55 [error] 22471#0: *6539981 open() "/www/ilanni.com/my2/大天使魔域.rar" failed (2: No such file or directory), client: 183.60.202.183, server: www.ilanni.com, request: "GET http://www.mymy120.net:81/my2/大天使魔域.rar HTTP/1.1", host: "www.mymy120.net:81", referrer: "http://www.mymy120.net:81/my2/大天使魔域.rar"
2014/11/22 21:42:55 [error] 22471#0: *6539982 open() "/www/ilanni.com/my2/大天使魔域.rar" failed (2: No such file or directory), client: 183.60.202.183, server: www.ilanni.com, request: "GET http://www.mymy120.net:81/my2/大天使魔域.rar HTTP/1.1", host: "www.mymy120.net:81", referrer: "http://www.mymy120.net:81/my2/大天使魔域.rar"
2014/11/22 21:42:55 [error] 22471#0: *6539983 open() "/www/ilanni.com/my2/大天使魔域.rar" failed (2: No such file or directory), client: 183.60.202.183, server: www.ilanni.com, request: "GET http://www.mymy120.net:81/my2/大天使魔域.rar HTTP/1.1", host: "www.mymy120.net:81", referrer: "http://www.mymy120.net:81/my2/大天使魔域.rar"今天登录服务器,查看nginx日志

/www/ilanni.com目录下没有my2这个目录,我初步判断是 183.136.214.89 返链接到我的服务器。

不知道是怎么回事,哪位大婶帮忙看看……
监控 应用服务中间件 nginx Windows
分享到
取消 提交回答
全部回答(3)
  • 五星西罗
    2014-11-23 12:14:31
    Renginx日志中出现很多不是我博客的连接,请问这个是怎么回事?
      阿里云 北京和青岛、杭州 网络速度和资源有差异吗?
    好像真不一样
    0 0
  • 烂泥行天下
    2014-11-23 10:14:43
    回1楼小猪猪的帖子
    已经屏蔽了该IP,但是在后台日志中还是能看到。这个抓取信息……

    -------------------------

    回3楼五星西罗的帖子
    这个还真的不清楚呢……
    0 0
  • 小猪猪
    2014-11-22 23:40:29
    屏蔽了吧 这个人好像一直在抓取 看看能不能抓取到你打包的文件
    0 0
添加回答
开发与运维
使用钉钉扫一扫加入圈子
+ 订阅

集结各类场景实战经验,助你开发运维畅行无忧

推荐文章
相似问题
推荐课程