Apache经常挂掉，日志中有奇怪的请求，欢迎探讨-PHP Tutorial-php.cn

Table of Contents

回复内容：

Home

Backend Development

PHP Tutorial

Apache经常挂掉，日志中有奇怪的请求，欢迎探讨

WBOYWBOYWBOYWBOYWBOYWBOYWBOYWBOYWBOYWBOYWBOYWBOYWB

Jun 06, 2016 pm 08:29 PM

apache php

最近频繁有Apache服务挂掉的问题，分析日志有大量奇怪的访问请求，请问是什么原因？

<code>localhost 115.239.248.246 - - [10/Aug/2015:00:07:42 +0800] "GET http://zc.qq.com/cgi-bin/common/attr?id=260714&r=0.8839821094708698 HTTP/1.1" 404 - "-" "Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/5.0; 360SE)"
localhost 115.239.248.246 - - [10/Aug/2015:00:40:48 +0800] "GET http://zc.qq.com/cgi-bin/common/attr?id=260714&r=0.4025078830133967 HTTP/1.1" 404 - "-" "Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/5.0; 360SE)"
localhost 192.184.40.114 - - [10/Aug/2015:01:02:54 +0800] "GET http://192.184.40.114/check_proxy.php HTTP/1.1" 404 - "-" "Java/1.7.0_71"
localhost 115.159.2.233 - - [10/Aug/2015:01:03:07 +0800] "GET http://www.szwindoor.com/test/test_proxy.php HTTP/1.1" 404 - "-" "Java/1.7.0_65"
localhost 115.239.248.246 - - [10/Aug/2015:01:13:49 +0800] "GET http://zc.qq.com/cgi-bin/common/attr?id=260714&r=0.3043665172696199 HTTP/1.1" 404 - "-" "Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/5.0; 360SE)"
localhost 192.184.51.130 - - [10/Aug/2015:01:17:51 +0800] "GET http://115.159.2.233/check_proxy.php HTTP/1.1" 404 - "-" "Java/1.7.0_85"
localhost 115.239.248.246 - - [10/Aug/2015:01:46:50 +0800] "GET http://zc.qq.com/cgi-bin/common/attr?id=260714&r=0.4615361246842085 HTTP/1.1" 404 - "-" "Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/5.0; 360SE)"
localhost 115.239.248.246 - - [10/Aug/2015:02:19:45 +0800] "GET http://zc.qq.com/cgi-bin/common/attr?id=260714&r=0.2990789348253239 HTTP/1.1" 404 - "-" "Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/5.0; 360SE)"
localhost 115.239.248.246 - - [10/Aug/2015:02:52:44 +0800] "GET http://zc.qq.com/cgi-bin/common/attr?id=260714&r=0.6869198661483608 HTTP/1.1" 404 - "-" "Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/5.0; 360SE)"
localhost 115.239.248.246 - - [10/Aug/2015:03:25:46 +0800] "GET http://zc.qq.com/cgi-bin/common/attr?id=260714&r=0.2991618600130071 HTTP/1.1" 404 - "-" "Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/5.0; 360SE)"
localhost 115.159.2.233 - - [10/Aug/2015:03:26:25 +0800] "GET http://www.szwindoor.com/test/test_proxy.php HTTP/1.1" 404 - "-" "Java/1.7.0_65"
localhost 192.184.40.114 - - [10/Aug/2015:03:26:55 +0800] "GET http://192.184.40.114/check_proxy.php HTTP/1.1" 404 - "-" "Java/1.7.0_71"
localhost 115.239.248.246 - - [10/Aug/2015:03:58:42 +0800] "GET http://zc.qq.com/cgi-bin/common/attr?id=260714&r=0.1211653377116418 HTTP/1.1" 404 - "-" "Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/5.0; 360SE)"
localhost 115.239.248.246 - - [10/Aug/2015:04:31:39 +0800] "GET http://zc.qq.com/cgi-bin/common/attr?id=260714&r=0.0352315087349496 HTTP/1.1" 404 - "-" "Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/5.0; 360SE)"
localhost 115.239.248.246 - - [10/Aug/2015:05:04:36 +0800] "GET http://zc.qq.com/cgi-bin/common/attr?id=260714&r=0.6878875883743808 HTTP/1.1" 404 - "-" "Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/5.0; 360SE)"
localhost 192.184.40.114 - - [10/Aug/2015:05:17:39 +0800] "GET http://192.184.40.114/check_proxy.php HTTP/1.1" 404 - "-" "Java/1.7.0_71"
localhost 115.159.2.233 - - [10/Aug/2015:05:18:18 +0800] "GET http://www.szwindoor.com/test/test_proxy.php HTTP/1.1" 404 - "-" "Java/1.7.0_65"
localhost 115.239.248.246 - - [10/Aug/2015:05:37:29 +0800] "GET http://zc.qq.com/cgi-bin/common/attr?id=260714&r=0.7106912058271124 HTTP/1.1" 404 - "-" "Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/5.0; 360SE)"
localhost 115.239.248.246 - - [10/Aug/2015:06:10:24 +0800] "GET http://zc.qq.com/cgi-bin/common/attr?id=260714&r=0.3061906553984412 HTTP/1.1" 404 - "-" "Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/5.0; 360SE)"
localhost 115.239.248.246 - - [10/Aug/2015:06:43:20 +0800] "GET http://zc.qq.com/cgi-bin/common/attr?id=260714&r=0.6265654122561397 HTTP/1.1" 404 - "-" "Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/5.0; 360SE)"
localhost 115.239.248.246 - - [10/Aug/2015:07:16:21 +0800] "GET http://zc.qq.com/cgi-bin/common/attr?id=260714&r=0.6289064254784770 HTTP/1.1" 404 - "-" "Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/5.0; 360SE)"
localhost 115.239.248.246 - - [10/Aug/2015:07:49:23 +0800] "GET http://zc.qq.com/cgi-bin/common/attr?id=260714&r=0.8639985854100296 HTTP/1.1" 404 - "-" "Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/5.0; 360SE)"
localhost 211.142.200.2 - - [10/Aug/2015:08:10:54 +0800] "GET /favicon.ico HTTP/1.1" 404 - "-" "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/31.0.1650.63 Safari/537.36"
</code>

Copy after login

回复内容：

最近频繁有Apache服务挂掉的问题，分析日志有大量奇怪的访问请求，请问是什么原因？

<code>localhost 115.239.248.246 - - [10/Aug/2015:00:07:42 +0800] "GET http://zc.qq.com/cgi-bin/common/attr?id=260714&r=0.8839821094708698 HTTP/1.1" 404 - "-" "Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/5.0; 360SE)"
localhost 115.239.248.246 - - [10/Aug/2015:00:40:48 +0800] "GET http://zc.qq.com/cgi-bin/common/attr?id=260714&r=0.4025078830133967 HTTP/1.1" 404 - "-" "Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/5.0; 360SE)"
localhost 192.184.40.114 - - [10/Aug/2015:01:02:54 +0800] "GET http://192.184.40.114/check_proxy.php HTTP/1.1" 404 - "-" "Java/1.7.0_71"
localhost 115.159.2.233 - - [10/Aug/2015:01:03:07 +0800] "GET http://www.szwindoor.com/test/test_proxy.php HTTP/1.1" 404 - "-" "Java/1.7.0_65"
localhost 115.239.248.246 - - [10/Aug/2015:01:13:49 +0800] "GET http://zc.qq.com/cgi-bin/common/attr?id=260714&r=0.3043665172696199 HTTP/1.1" 404 - "-" "Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/5.0; 360SE)"
localhost 192.184.51.130 - - [10/Aug/2015:01:17:51 +0800] "GET http://115.159.2.233/check_proxy.php HTTP/1.1" 404 - "-" "Java/1.7.0_85"
localhost 115.239.248.246 - - [10/Aug/2015:01:46:50 +0800] "GET http://zc.qq.com/cgi-bin/common/attr?id=260714&r=0.4615361246842085 HTTP/1.1" 404 - "-" "Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/5.0; 360SE)"
localhost 115.239.248.246 - - [10/Aug/2015:02:19:45 +0800] "GET http://zc.qq.com/cgi-bin/common/attr?id=260714&r=0.2990789348253239 HTTP/1.1" 404 - "-" "Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/5.0; 360SE)"
localhost 115.239.248.246 - - [10/Aug/2015:02:52:44 +0800] "GET http://zc.qq.com/cgi-bin/common/attr?id=260714&r=0.6869198661483608 HTTP/1.1" 404 - "-" "Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/5.0; 360SE)"
localhost 115.239.248.246 - - [10/Aug/2015:03:25:46 +0800] "GET http://zc.qq.com/cgi-bin/common/attr?id=260714&r=0.2991618600130071 HTTP/1.1" 404 - "-" "Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/5.0; 360SE)"
localhost 115.159.2.233 - - [10/Aug/2015:03:26:25 +0800] "GET http://www.szwindoor.com/test/test_proxy.php HTTP/1.1" 404 - "-" "Java/1.7.0_65"
localhost 192.184.40.114 - - [10/Aug/2015:03:26:55 +0800] "GET http://192.184.40.114/check_proxy.php HTTP/1.1" 404 - "-" "Java/1.7.0_71"
localhost 115.239.248.246 - - [10/Aug/2015:03:58:42 +0800] "GET http://zc.qq.com/cgi-bin/common/attr?id=260714&r=0.1211653377116418 HTTP/1.1" 404 - "-" "Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/5.0; 360SE)"
localhost 115.239.248.246 - - [10/Aug/2015:04:31:39 +0800] "GET http://zc.qq.com/cgi-bin/common/attr?id=260714&r=0.0352315087349496 HTTP/1.1" 404 - "-" "Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/5.0; 360SE)"
localhost 115.239.248.246 - - [10/Aug/2015:05:04:36 +0800] "GET http://zc.qq.com/cgi-bin/common/attr?id=260714&r=0.6878875883743808 HTTP/1.1" 404 - "-" "Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/5.0; 360SE)"
localhost 192.184.40.114 - - [10/Aug/2015:05:17:39 +0800] "GET http://192.184.40.114/check_proxy.php HTTP/1.1" 404 - "-" "Java/1.7.0_71"
localhost 115.159.2.233 - - [10/Aug/2015:05:18:18 +0800] "GET http://www.szwindoor.com/test/test_proxy.php HTTP/1.1" 404 - "-" "Java/1.7.0_65"
localhost 115.239.248.246 - - [10/Aug/2015:05:37:29 +0800] "GET http://zc.qq.com/cgi-bin/common/attr?id=260714&r=0.7106912058271124 HTTP/1.1" 404 - "-" "Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/5.0; 360SE)"
localhost 115.239.248.246 - - [10/Aug/2015:06:10:24 +0800] "GET http://zc.qq.com/cgi-bin/common/attr?id=260714&r=0.3061906553984412 HTTP/1.1" 404 - "-" "Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/5.0; 360SE)"
localhost 115.239.248.246 - - [10/Aug/2015:06:43:20 +0800] "GET http://zc.qq.com/cgi-bin/common/attr?id=260714&r=0.6265654122561397 HTTP/1.1" 404 - "-" "Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/5.0; 360SE)"
localhost 115.239.248.246 - - [10/Aug/2015:07:16:21 +0800] "GET http://zc.qq.com/cgi-bin/common/attr?id=260714&r=0.6289064254784770 HTTP/1.1" 404 - "-" "Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/5.0; 360SE)"
localhost 115.239.248.246 - - [10/Aug/2015:07:49:23 +0800] "GET http://zc.qq.com/cgi-bin/common/attr?id=260714&r=0.8639985854100296 HTTP/1.1" 404 - "-" "Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/5.0; 360SE)"
localhost 211.142.200.2 - - [10/Aug/2015:08:10:54 +0800] "GET /favicon.ico HTTP/1.1" 404 - "-" "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/31.0.1650.63 Safari/537.36"
</code>

Copy after login

http://zc.qq.com/cgi-bin/common/ 这个你程序中有请求这个地址么？

感觉是不是页面代码里面有一些qq统计的代码但是链接拼错了?

GET里带域名这是HTTP正向代理的格式吧……
看起来有人把你当成HTTP代理，或者有人在测试有没有支持正向代理出去的服务器（里面一堆test_proxy之类的东西）

<code>::ffff:192.184.40.114 - - [14/Aug/2015:06:55:01 +0000] "GET http://192.184.40.114/check_proxy.php HTTP/1.1" 200 594 "-" "Java/1.7.0_71"</code>

Copy after login

我的也是，楼主有什么解决方案吗？是因为没有设置反向代理吗？

我自己写了个http服务器，获取到了些信息，其实就是一个IP地址为115.239.228.14 伪造http请求，如果我这台服务器是个转发http请求的服务的话就能把他的这个请求转发并且返回结果。

<code>[2016-03-11 15:37:57--734000] [22496] CNetConnectHandle::handle_input(holder=Acceptor,sid=) => connect-handle 00000000000001D4 | IP(115.239.228.14:30584) 
[2016-03-11 15:37:57--740000] [22496] CReactorExplorer::ParseCmdLine() => Parse http://zc.qq.com/cgi-bin/common/attr?id=260714&r=0.3376436716251803 .
[2016-03-11 15:37:57--741000] [22496] CResourceExplorer::OpenReactor() => sid is NULL in http://zc.qq.com/cgi-bin/common/attr?id=260714&r=0.3376436716251803.
[2016-03-11 15:37:57--743000] [22496] CHttpFilter::InputProcess(sid=) => Fail to CResourceExplorer::OpenReactor(http://zc.qq.com/cgi-bin/common/attr?id=260714&r=0.3376436716251803)</code>

Copy after login

Statement of this Website

The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn

Hot AI Tools

Undresser.AI Undress

AI-powered app for creating realistic nude photos

AI Clothes Remover

Online AI tool for removing clothes from photos.

Undress AI Tool

Undress images for free

Clothoff.io

AI clothes remover

Video Face Swap

Swap faces in any video effortlessly with our completely free AI face swap tool!

Hot Article

Assassin's Creed Shadows: Seashell Riddle Solution

3 weeks ago By DDD

What's New in Windows 11 KB5054979 & How to Fix Update Issues

2 weeks ago By DDD

Where to find the Crane Control Keycard in Atomfall

3 weeks ago By DDD

Assassin's Creed Shadows - How To Find The Blacksmith And Unlock Weapon And Armour Customisation

1 months ago By DDD

Roblox: Dead Rails - How To Complete Every Challenge

3 weeks ago By DDD

Hot Tools

Notepad++7.3.1

Easy-to-use and free code editor

SublimeText3 Chinese version

Chinese version, very easy to use

Zend Studio 13.0.1

Powerful PHP integrated development environment

Dreamweaver CS6

Visual web development tools

SublimeText3 Mac version

God-level code editing software (SublimeText3)

Hot Topics

Where is the login entrance for gmail email?

7608

CakePHP Tutorial

1387

What is the format of the account name of steam

win11 activation key permanent

nyt connections hints and answers

135

Related knowledge

PHP and Python: Comparing Two Popular Programming Languages Apr 14, 2025 am 12:13 AM

PHP and Python each have their own advantages, and choose according to project requirements. 1.PHP is suitable for web development, especially for rapid development and maintenance of websites. 2. Python is suitable for data science, machine learning and artificial intelligence, with concise syntax and suitable for beginners.

How to set the cgi directory in apache Apr 13, 2025 pm 01:18 PM

To set up a CGI directory in Apache, you need to perform the following steps: Create a CGI directory such as "cgi-bin", and grant Apache write permissions. Add the "ScriptAlias" directive block in the Apache configuration file to map the CGI directory to the "/cgi-bin" URL. Restart Apache.

The Enduring Relevance of PHP: Is It Still Alive? Apr 14, 2025 am 12:12 AM

PHP is still dynamic and still occupies an important position in the field of modern programming. 1) PHP's simplicity and powerful community support make it widely used in web development; 2) Its flexibility and stability make it outstanding in handling web forms, database operations and file processing; 3) PHP is constantly evolving and optimizing, suitable for beginners and experienced developers.

How to start apache Apr 13, 2025 pm 01:06 PM

The steps to start Apache are as follows: Install Apache (command: sudo apt-get install apache2 or download it from the official website) Start Apache (Linux: sudo systemctl start apache2; Windows: Right-click the "Apache2.4" service and select "Start") Check whether it has been started (Linux: sudo systemctl status apache2; Windows: Check the status of the "Apache2.4" service in the service manager) Enable boot automatically (optional, Linux: sudo systemctl

PHP's Purpose: Building Dynamic Websites Apr 15, 2025 am 12:18 AM

PHP is used to build dynamic websites, and its core functions include: 1. Generate dynamic content and generate web pages in real time by connecting with the database; 2. Process user interaction and form submissions, verify inputs and respond to operations; 3. Manage sessions and user authentication to provide a personalized experience; 4. Optimize performance and follow best practices to improve website efficiency and security.

How to delete more than server names of apache Apr 13, 2025 pm 01:09 PM

To delete an extra ServerName directive from Apache, you can take the following steps: Identify and delete the extra ServerName directive. Restart Apache to make the changes take effect. Check the configuration file to verify changes. Test the server to make sure the problem is resolved.

What to do if the apache80 port is occupied Apr 13, 2025 pm 01:24 PM

When the Apache 80 port is occupied, the solution is as follows: find out the process that occupies the port and close it. Check the firewall settings to make sure Apache is not blocked. If the above method does not work, please reconfigure Apache to use a different port. Restart the Apache service.

PHP in Action: Real-World Examples and Applications Apr 14, 2025 am 12:19 AM

PHP is widely used in e-commerce, content management systems and API development. 1) E-commerce: used for shopping cart function and payment processing. 2) Content management system: used for dynamic content generation and user management. 3) API development: used for RESTful API development and API security. Through performance optimization and best practices, the efficiency and maintainability of PHP applications are improved.

See all articles