我的 AWS Elastic Beanstalk 帐户每天都收到错误消息:“环境健康状况已从正常过渡到严重。100.0% 的请求出现 HTTP 4xx 错误”。
在查看服务器日志时,它在访问几个奇怪的网页(不存在)后不断下降。部分日志:
/var/log/httpd/error_log-XXX
[XXX] [:error] [pid XXX] [client XXXX] script '/var/www/html/w.php' not found or unable to stat
[XXX] [:error] [pid XXX] [client XXX] script '/var/www/html/sheep.php' not found or unable to stat
[XXX] [:error] [pid XXX] [client XXX] script '/var/www/html/qaq.php' not found or unable to stat
[XXX] [:error] [pid XXX] [client XXX] script '/var/www/html/db.init.php' not found or unable to stat
[XXX] [:error] [pid XXX] [client XXX] script '/var/www/html/db_session.init.php' not found or unable to stat
[XXX] [:error] [pid XXX] [client XXX] script '/var/www/html/db__.init.php' not found or unable to stat
[XXX] [:error] [pid XXX] [client XXX] script '/var/www/html/wp-admins.php' not found or unable to stat
[XXX] [:error] [pid XXX] [client XXX] script '/var/www/html/m.php' not found or unable to stat
[XXX] [:error] [pid XXX] [XXX] script '/var/www/html/db_dataml.php' not found or unable to stat
...
[XXX] [XXX] [pid XXX] XXX: Graceful restart requested, doing restart
有谁知道这是怎么回事?谢谢!
我怀疑这是某种攻击(DDoS)。
也许有人正在不同端口上扫描您的网站,并寻找可能是后门或类似内容的特定文件 (w.php)。由于文件不存在,它会引发错误。
我推荐以下步骤:
本文收集自互联网,转载请注明来源。
如有侵权,请联系[email protected] 删除。
我来说两句