现在服务器y应该是被dos了 ,一部分访问日志如下:
27.211.209.120 - - [17/Jul/2016:10:16:32 +0800] "GET /forum.php?&wangzhanbeihei&chongzhuangwangzhan&chongzhuangfuwuqi&&wangzhanbeihei&chongzhuangwangzhan&&wangzhanbeihei&chongzhuangwangzhan&chongzhuangfuwuqi&19541 HTTP/1.1" 200 31 "http://106.187.97.172/info.php" "Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.2; WOW64; Trident/6.0)"
1.189.19.82 - - [17/Jul/2016:10:16:32 +0800] "GET /forum.php?&wangzhanbeihei&chongzhuangwangzhan&chongzhuangfuwuqi&&wangzhanbeihei&chongzhuangwangzhan&&wangzhanbeihei&chongzhuangwangzhan&chongzhuangfuwuqi&2322 HTTP/1.1" 200 31 "http://106.187.97.172/info.php" "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/45.0.2454.101 Safari/537.36"
223.246.197.118 - - [17/Jul/2016:10:16:32 +0800] "GET /forum.php?&wangzhanbeihei&chongzhuangwangzhan&chongzhuangfuwuqi&&wangzhanbeihei&chongzhuangwangzhan&&wangzhanbeihei&chongzhuangwangzhan&chongzhuangfuwuqi&7147 HTTP/1.1" 200 31 "http://106.187.97.172/info.php" "Mozilla/5.0 (iPhone; CPU iPhone OS 7_1_2 like Mac OS X) AppleWebKit/537.51.2 (KHTML, like Gecko) Version/7.0 Mobile/11D257 Safari/9537.53"
然后refere 显示全部来自
http://106.187.97.172/info.php
我通过配置了 nginx
map $http_referer $bad_referer {
default 0;
"106.187.97.172/info.php" 1;
}
并且
location / {
if ($bad_referer) {
return 403;
}
重启nginx后
nginx日志对于访问还是显示 200 ok? 我哪里错了?
用阿里云、亚马逊云,或者百度云加速来解析域名,这些都可以抵御 DoS