訪問日誌:
140.205.201.35 - 1 [12/Apr/2017:16:52:08 +0800] "GET /admin/ HTTP/1.1" 404 564 "http://123.56.101.23/" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1;Alibaba.Security.Heimdall.5448812)"
140.205.201.35 - 1 [12/Apr/2017:16:52:13 +0800] "GET / HTTP/1.1" 302 16 "http://123.56.101.23/" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1;Alibaba.Security.Heimdall.5448812)"
221.222.55.62 - - [12/Apr/2017:17:03:45 +0800] "GET /favicon.ico HTTP/1.1" 404 564 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/45.0.2454.101 Safari/537.36"
107.151.148.193 - - [12/Apr/2017:17:21:12 +0800] "GET http://www.luisaranguren.com/azenv.php HTTP/1.1" 404 564 "-" "Mozilla/5.0 (compatible; MSIE 6.0; Windows NT 5.1; Trident/5.0)"
107.151.148.193 - - [12/Apr/2017:17:21:12 +0800] "CONNECT www.baidu.com:443 HTTP/1.1" 400 166 "-" "-"
171.120.27.117 - - [12/Apr/2017:17:21:41 +0800] "CONNECT www.baidu.com HTTP/1.1" 400 166 "-" "-"
116.113.51.148 - - [12/Apr/2017:17:21:41 +0800] "GET http://www.123cha.com HTTP/1.1" 302 16 "-" "Mozilla/5.0 (Windows NT 5.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/43.0.2357.132 Safari/537.36"
116.113.51.148 - - [12/Apr/2017:17:21:44 +0800] "" 400 0 "-" "-"
23.251.55.159 - - [12/Apr/2017:17:37:30 +0800] "GET http://fr.cyberpods.net/ HTTP/1.1" 302 16 "-" "Mozilla/5.0 (compatible; MSIE 6.0; Windows NT 5.1; Trident/5.0)"
23.251.55.159 - - [12/Apr/2017:17:37:31 +0800] "CONNECT www.alipay.com:443 HTTP/1.1" 400 166 "-" "-"
123.57.10.148 - - [12/Apr/2017:17:49:19 +0800] "GET / HTTP/1.1" 302 16 "-" "-"
221.222.55.62 - - [12/Apr/2017:17:50:41 +0800] "GET /favicon.ico HTTP/1.1" 404 564 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/45.0.2454.101 Safari/537.36"
這些存取是啥意思???這個是nginx的access.log
我的疑問是CONNECT www.baidu.com這個是咋做到的?
還有
23.251.55.159 - - [12/Apr/2017:17:37:30 +0800] "GET http://fr.cyberpods.net/ HTTP/1.1" 302 16 "-" "Mozilla/5.0 (compatible; MSIE 6.0; Windows NT 5.1; Trident/5.0)"
23.251.55.159 - - [12/Apr/2017:17:37:31 +0800] "CONNECT www.alipay.com:443 HTTP/1.1" 400 166 "-" "-"
這些是怎麼做到的?
檢查代理的。你去搜一下「爬蟲代理」,裡面一大堆免費或是收費的代理伺服器位址,就是這麼掃出來的。
就是日誌的格式 http://blog.chinaunix.net/uid...
GET、POST為請求方式
/admin/ 請求的資源位址
HTTP/1.1 HTTP協定版本
404 為HTTP狀態碼
Mozilla/4.0開頭的user-agent瀏覽器資訊
可以對照設定的 log_format來解釋