@Toopie
мамааааааааааааааааааааа

Что происходит с сервером? Атаки?

Здравствуйте, решил перезапустить nginx, потом пошел смотреть логи, и тут я начал понимать, что с сервером творится какая-то странная ерунда.
В секунду в файл error.log прибавляется по 10-30 КБ, вот, что я увидел в нем:
2018/04/25 21:17:00 [error] 1586#1586: *7 "/var/www/html/telegraph/tot2/PC-LOFT10_W10015063.F042C2276277C2D0D788BA9CFF25EBAC/14/conf/2/0/index.php" is not found (2: No such file or directory), client: 104.193.30.21, server: samp-telegraph.org, request: "GET /tot2/PC-LOFT10_W10015063.F042C2276277C2D0D788BA9CFF25EBAC/14/conf/2/0/ HTTP/2.0", host: "185.228.232.139"
2018/04/25 21:17:01 [error] 1586#1586: *8 "/var/www/html/telegraph/jim168/USNASDT20135_W617601.A2027912657215733591E8A485146040/64/injectDll/PING/browser/index.php" is not found (2: No such file or directory), client: 166.90.119.2, server: samp-telegraph.org, request: "POST /jim168/USNASDT20135_W617601.A2027912657215733591E8A485146040/64/injectDll/PING/browser/ HTTP/1.1", host: "185.228.232.139"
2018/04/25 21:17:02 [error] 1586#1586: *9 "/var/www/html/telegraph/ser0322/MARIAPC_W10016299.741F223F5A53A4604E2ED6CAE5BC0E28/64/injectDll/PING/browser/index.php" is not found (2: No such file or directory), client: 79.147.41.106, server: samp-telegraph.org, request: "POST /ser0322/MARIAPC_W10016299.741F223F5A53A4604E2ED6CAE5BC0E28/64/injectDll/PING/browser/ HTTP/2.0", host: "185.228.232.139"
2018/04/25 21:17:02 [error] 1586#1586: *8 "/var/www/html/telegraph/jim168/USNASDT20135_W617601.A2027912657215733591E8A485146040/64/injectDll/PING/browser/index.php" is not found (2: No such file or directory), client: 166.90.119.2, server: samp-telegraph.org, request: "POST /jim168/USNASDT20135_W617601.A2027912657215733591E8A485146040/64/injectDll/PING/browser/ HTTP/1.1", host: "185.228.232.139"
2018/04/25 21:17:03 [error] 1586#1586: *9 "/var/www/html/telegraph/ser0322/MARIAPC_W10016299.741F223F5A53A4604E2ED6CAE5BC0E28/64/injectDll/PING/browser/index.php" is not found (2: No such file or directory), client: 79.147.41.106, server: samp-telegraph.org, request: "POST /ser0322/MARIAPC_W10016299.741F223F5A53A4604E2ED6CAE5BC0E28/64/injectDll/PING/browser/ HTTP/2.0", host: "185.228.232.139"
2018/04/25 21:17:04 [error] 1586#1586: *8 "/var/www/html/telegraph/jim168/USNASDT20135_W617601.A2027912657215733591E8A485146040/64/injectDll/PING/browser/index.php" is not found (2: No such file or directory), client: 166.90.119.2, server: samp-telegraph.org, request: "POST /jim168/USNASDT20135_W617601.A2027912657215733591E8A485146040/64/injectDll/PING/browser/ HTTP/1.1", host: "185.228.232.139"
2018/04/25 21:17:04 [error] 1586#1586: *1 "/var/www/html/telegraph/lib1/CWDZ0R1_W617601.CC3A2D228A37150BB7C0E4BD5124D3C2/64/injectDll/PING/browser/index.php" is not found (2: No such file or directory), client: 66.60.240.3, server: samp-telegraph.org, request: "POST /lib1/CWDZ0R1_W617601.CC3A2D228A37150BB7C0E4BD5124D3C2/64/injectDll/PING/browser/ HTTP/1.1", host: "185.228.232.139"
2018/04/25 21:17:04 [error] 1586#1586: *9 "/var/www/html/telegraph/ser0322/MARIAPC_W10016299.741F223F5A53A4604E2ED6CAE5BC0E28/64/injectDll/PING/browser/index.php" is not found (2: No such file or directory), client: 79.147.41.106, server: samp-telegraph.org, request: "POST /ser0322/MARIAPC_W10016299.741F223F5A53A4604E2ED6CAE5BC0E28/64/injectDll/PING/browser/ HTTP/2.0", host: "185.228.232.139"
2018/04/25 21:17:05 [error] 1586#1586: *1 "/var/www/html/telegraph/lib1/CWDZ0R1_W617601.CC3A2D228A37150BB7C0E4BD5124D3C2/64/injectDll/PING/browser/index.php" is not found (2: No such file or directory), client: 66.60.240.3, server: samp-telegraph.org, request: "POST /lib1/CWDZ0R1_W617601.CC3A2D228A37150BB7C0E4BD5124D3C2/64/injectDll/PING/browser/ HTTP/1.1", host: "185.228.232.139"
2018/04/25 21:17:06 [error] 1586#1586: *1 "/var/www/html/telegraph/lib1/CWDZ0R1_W617601.CC3A2D228A37150BB7C0E4BD5124D3C2/64/injectDll/PING/browser/index.php" is not found (2: No such file or directory), client: 66.60.240.3, server: samp-telegraph.org, request: "POST /lib1/CWDZ0R1_W617601.CC3A2D228A37150BB7C0E4BD5124D3C2/64/injectDll/PING/browser/ HTTP/1.1", host: "185.228.232.139"
2018/04/25 21:17:06 [error] 1586#1586: *10 "/var/www/html/telegraph/ser0322/MARIAPC_W10016299.741F223F5A53A4604E2ED6CAE5BC0E28/64/injectDll/DPST/browser/index.php" is not found (2: No such file or directory), client: 79.147.41.106, server: samp-telegraph.org, request: "POST /ser0322/MARIAPC_W10016299.741F223F5A53A4604E2ED6CAE5BC0E28/64/injectDll/DPST/browser/ HTTP/2.0", host: "185.228.232.139"
2018/04/25 21:17:07 [error] 1586#1586: *1 "/var/www/html/telegraph/lib1/CWDZ0R1_W617601.CC3A2D228A37150BB7C0E4BD5124D3C2/64/injectDll/PING/browser/index.php" is not found (2: No such file or directory), client: 66.60.240.3, server: samp-telegraph.org, request: "POST /lib1/CWDZ0R1_W617601.CC3A2D228A37150BB7C0E4BD5124D3C2/64/injectDll/PING/browser/ HTTP/1.1", host: "185.228.232.139"
2018/04/25 21:17:07 [error] 1586#1586: *10 "/var/www/html/telegraph/ser0322/MARIAPC_W10016299.741F223F5A53A4604E2ED6CAE5BC0E28/64/injectDll/DPST/browser/index.php" is not found (2: No such file or directory), client: 79.147.41.106, server: samp-telegraph.org, request: "POST /ser0322/MARIAPC_W10016299.741F223F5A53A4604E2ED6CAE5BC0E28/64/injectDll/DPST/browser/ HTTP/2.0", host: "185.228.232.139"
2018/04/25 21:17:08 [error] 1586#1586: *1 "/var/www/html/telegraph/lib1/CWDZ0R1_W617601.CC3A2D228A37150BB7C0E4BD5124D3C2/64/injectDll/PING/browser/index.php" is not found (2: No such file or directory), client: 66.60.240.3, server: samp-telegraph.org, request: "POST /lib1/CWDZ0R1_W617601.CC3A2D228A37150BB7C0E4BD5124D3C2/64/injectDll/PING/browser/ HTTP/1.1", host: "185.228.232.139"
2018/04/25 21:17:09 [error] 1586#1586: *10 "/var/www/html/telegraph/ser0322/MARIAPC_W10016299.741F223F5A53A4604E2ED6CAE5BC0E28/64/injectDll/DPST/browser/index.php" is not found (2: No such file or directory), client: 79.147.41.106, server: samp-telegraph.org, request: "POST /ser0322/MARIAPC_W10016299.741F223F5A53A4604E2ED6CAE5BC0E28/64/injectDll/DPST/browser/ HTTP/2.0", host: "185.228.232.139"
2018/04/25 21:17:09 [error] 1586#1586: *1 "/var/www/html/telegraph/lib1/CWDZ0R1_W617601.CC3A2D228A37150BB7C0E4BD5124D3C2/64/injectDll/PING/browser/index.php" is not found (2: No such file or directory), client: 66.60.240.3, server: samp-telegraph.org, request: "POST /lib1/CWDZ0R1_W617601.CC3A2D228A37150BB7C0E4BD5124D3C2/64/injectDll/PING/browser/ HTTP/1.1", host: "185.228.232.139"
2018/04/25 21:17:12 [error] 1586#1586: *1 "/var/www/html/telegraph/lib1/CWDZ0R1_W617601.CC3A2D228A37150BB7C0E4BD5124D3C2/64/injectDll/PING/browser/index.php" is not found (2: No such file or directory), client: 66.60.240.3, server: samp-telegraph.org, request: "POST /lib1/CWDZ0R1_W617601.CC3A2D228A37150BB7C0E4BD5124D3C2/64/injectDll/PING/browser/ HTTP/1.1", host: "185.228.232.139"
2018/04/25 21:17:13 [error] 1586#1586: *11 "/var/www/html/telegraph/del7/RFA-PBS03_W617601.C96EB63EBCE7D9CDB058BC8A75E4A13A/5/spk/index.php" is not found (2: No such file or directory), client: 171.33.197.142, server: samp-telegraph.org, request: "GET /del7/RFA-PBS03_W617601.C96EB63EBCE7D9CDB058BC8A75E4A13A/5/spk/ HTTP/1.1", host: "185.228.232.139"
2018/04/25 21:17:14 [error] 1586#1586: *1 "/var/www/html/telegraph/lib1/CWDZ0R1_W617601.CC3A2D228A37150BB7C0E4BD5124D3C2/64/injectDll/PING/browser/index.php" is not found (2: No such file or directory), client: 66.60.240.3, server: samp-telegraph.org, request: "POST /lib1/CWDZ0R1_W617601.CC3A2D228A37150BB7C0E4BD5124D3C2/64/injectDll/PING/browser/ HTTP/1.1", host: "185.228.232.139"

Как я понимаю, на мой сервер отсылаются POST запросы с бота?
Я бы поверил, что это DDoS, но:
1) Нагрузки на сервер нет, так как выдается страница ошибки, да и в мониторинге показано, что нагрузка 1-3%, и то, это от меня, так как решил протестировать MySQL через PHP
2) Про этот сервер, домен, знают человек 10, которым все равно на него
Да и кому это надо в 5 утра?
Вот, сижу, не понимаю, что делать :/
  • Вопрос задан
  • 135 просмотров
Решения вопроса 1
Stalker_RED
@Stalker_RED
Ура, поздравляю, теперь вы узнали, что в интернете есть боты-сканеры.
Самый простой вариант - вообще ничего не делать. Таких ботов могут быть десятки или сотни в сутки, особой нагрузки они не дают, а борьба с ними практически бессмысленна, т.к. адреса меняются.
Ответ написан
Пригласить эксперта
Ваш ответ на вопрос

Войдите, чтобы написать ответ

Похожие вопросы