@9StarRu

How do I make sense of these logs: is this a hacking attempt or not?

This is the second time I have installed the WordPress content management system on a VPS; a few days go by and WP starts hanging terribly. I went into the logs and saw the following:
/phpmyadmin/index.php?pma_username=root&pma_password=r00t&server=1 (password guessing is under way)
[Thu Sep 27 09:37:39 2018] [error] [client 122.114.227.236] File does not exist: /usr/share/phpMyAdmin/scripts
[Thu Sep 27 09:37:41 2018] [error] [client 122.114.227.236] File does not exist: /usr/share/phpMyAdmin/scripts
[Thu Sep 27 09:39:17 2018] [error] [client 122.114.227.236] File does not exist: /usr/share/phpMyAdmin/phpmyadmin
2018/09/27 17:02:11 [crit] 1417#1417: *200295 connect() to unix:/var/run/php-fpm.apache.sock failed (2: No such file or directory) while connecting to upstream, client: 47.91.207.51, server: site.ru, request: "GET /phpmyadmin/scripts/db___.init.php HTTP/1.1", upstream: "fastcgi://unix:/var/run/php-fpm.apache.sock:", host: "185.00.000.000"
[Thu Sep 27 17:02:11 2018] [error] [client 47.91.207.51] File does not exist: /usr/share/phpMyAdmin/scripts
2018/09/27 17:06:07 [crit] 1417#1417: *201180 connect() to unix:/var/run/php-fpm.apache.sock failed (2: No such file or directory) while connecting to upstream, client: 47.91.207.51, server: site.ru, request: "GET /phpmyadmin/index.php HTTP/1.1", upstream: "fastcgi://unix:/var/run/php-fpm.apache.sock:", host: "185.00.000.000"
2018/09/27 17:20:14 [error] 1417#1417: *203986 openat() "/usr/share/phpMyAdmin0/index.php" failed (2: No such file or directory), client: 47.91.207.51, server: site.ru, request: "GET /phpmyadmin0/index.php HTTP/1.1", host: "185.00.000.000"
2018/09/27 17:20:14 [error] 1417#1417: *203986 openat() "/usr/share/phpMyAdmin1/index.php" failed (2: No such file or directory), client: 47.91.207.51, server: site.ru, request: "GET /phpmyadmin1/index.php HTTP/1.1", host: "185.00.000.000"
2018/09/27 17:20:14 [error] 1417#1417: *203986 openat() "/usr/share/phpMyAdmin2/index.php" failed (2: No such file or directory), client: 47.91.207.51, server: site.ru, request: "GET /phpmyadmin2/index.php HTTP/1.1", host: "185.00.000.000"
2018/09/27 17:20:19 [error] 1417#1417: *203986 openat() "/usr/share/phpMyAdmin-old/index.php" failed (2: No such file or directory), client: 47.91.207.51, server: site.ru, request: "GET /phpmyadmin-old/index.php HTTP/1.1", host: "185.00.000.000"
2018/09/27 17:20:23 [crit] 1417#1417: *203986 connect() to unix:/var/run/php-fpm.apache.sock failed (2: No such file or directory) while connecting to upstream, client: 47.91.207.51, server: site.ru, request: "GET /phpmyadmin/phpmyadmin/index.php HTTP/1.1", upstream: "fastcgi://unix:/var/run/php-fpm.apache.sock:", host: "185.00.000.000"
[Thu Sep 27 17:20:23 2018] [error] [client 47.91.207.51] File does not exist: /usr/share/phpMyAdmin/phpmyadmin
[Thu Sep 27 17:25:29 2018] [error] [client 54.38.220.67] File does not exist: /usr/share/phpMyAdmin/scripts
[Thu Sep 27 17:25:29 2018] [error] [client 54.38.220.67] File does not exist: /usr/share/phpMyAdmin/scripts
2018/09/27 22:15:05 [warn] 1417#1417: *272394 an upstream response is buffered to a temporary file /var/cache/nginx/proxy_temp/1/36/0000026361 while reading upstream, client: 77.222.105.24, server: site.ru, request: "GET /wp-admin/load-styles.php?c=0&dir=ltr&load%5B%5D=dashicons,buttons,forms,l10n,login&ver=4.9.8 HTTP/1.1", upstream: "127.0.0.1:8080/wp-admin/load-styles.php?c=0&dir=lt...", host: "site.ru", referrer: "https://site.ru/wp-login.php"
2018/09/27 22:15:08 [warn] 1417#1417: *272394 an upstream response is buffered to a temporary file /var/cache/nginx/proxy_temp/2/36/0000026362 while reading upstream, client: 77.222.105.24, server: site.ru, request: "GET /wp-admin/load-styles.php?c=0&dir=ltr&load%5B%5D=dashicons,admin-bar,common,forms,admin-menu,dashboard,list-tables,edit,revisions,media,themes,about,nav-menus,wp-pointer,widgets&load%5B%5D=,site-icon,l10n,buttons,wp-auth-check&ver=4.9.8 HTTP/1.1", upstream: "127.0.0.1:8080/wp-admin/load-styles.php?c=0&dir=lt...", host: "site.ru", referrer: "https://site.ru/wp-admin/"
2018/09/27 22:24:22 [crit] 1417#1417: *274323 connect() to unix:/var/run/php-fpm.apache.sock failed (2: No such file or directory) while connecting to upstream, client: 183.90.168.18, server: site.ru, request: "GET /phpmyadmin/scripts/setup.php HTTP/1.1", upstream: "fastcgi://unix:/var/run/php-fpm.apache.sock:", host: "185.00.000.000"
[Thu Sep 27 22:24:22 2018] [error] [client 183.90.168.18] File does not exist: /usr/share/phpMyAdmin/scripts
2018/09/27 22:27:10 [crit] 1417#1417: *275042 connect() to unix:/var/run/php-fpm.apache.sock failed (2: No such file or directory) while connecting to upstream, client: 183.90.168.18, server: site.ru, request: "GET /phpmyadmin/index.php HTTP/1.1", upstream: "fastcgi://unix:/var/run/php-fpm.apache.sock:", host: "185.00.000.000"
2018/09/27 22:27:11 [crit] 1417#1417: *275042 connect() to unix:/var/run/php-fpm.apache.sock failed (2: No such file or directory) while connecting to upstream, client: 183.90.168.18, server: site.ru, request: "GET /phpmyadmin/index.php?pma_username=root&pma_password=&server=1 HTTP/1.1", upstream: "fastcgi://unix:/var/run/php-fpm.apache.sock:", host: "185.00.000.000"
2018/09/27 22:27:11 [crit] 1417#1417: *275042 connect() to unix:/var/run/php-fpm.apache.sock failed (2: No such file or directory) while connecting to upstream, client: 183.90.168.18, server: site.ru, request: "GET /phpmyadmin/index.php?pma_username=root&pma_password=root&server=1 HTTP/1.1", upstream: "fastcgi://unix:/var/run/php-fpm.apache.sock:", host: "185.00.000.000"
2018/09/27 22:27:11 [crit] 1417#1417: *275042 connect() to unix:/var/run/php-fpm.apache.sock failed (2: No such file or directory) while connecting to upstream, client: 183.90.168.18, server: site.ru, request: "GET /phpmyadmin/index.php?pma_username=root&pma_password=toor&server=1 HTTP/1.1", upstream: "fastcgi://unix:/var/run/php-fpm.apache.sock:", host: "185.00.000.000"
2018/09/27 22:27:12 [crit] 1417#1417: *275042 connect() to unix:/var/run/php-fpm.apache.sock failed (2: No such file or directory) while connecting to upstream, client: 183.90.168.18, server: site.ru, request: "GET /phpmyadmin/index.php?pma_username=root&pma_password=r00t&server=1 HTTP/1.1", upstream: "fastcgi://unix:/var/run/php-fpm.apache.sock:", host: "185.00.000.000"
2018/09/27 22:27:12 [crit] 1417#1417: *275042 connect() to unix:/var/run/php-fpm.apache.sock failed (2: No such file or directory) while connecting to upstream, client: 183.90.168.18, server: site.ru, request: "GET /phpmyadmin/index.php?pma_username=root&pma_password=mysql&server=1 HTTP/1.1", upstream: "fastcgi://unix:/var/run/php-fpm.apache.sock:", host: "185.00.000.000"
2018/09/28 01:05:45 [error] 1417#1417: *300645 openat() "/usr/share/phpMyAdmin/docs.css" failed (2: No such file or directory), client: 125.64.94.206, server: site.ru, request: "GET /phpmyadmin/docs.css HTTP/1.1", host: "www.site.ru"
[Fri Sep 28 01:05:45 2018] [error] [client 125.64.94.206] File does not exist: /usr/share/phpMyAdmin/docs.css
2018/09/28 01:07:55 [crit] 1417#1417: *301050 connect() to unix:/var/run/php-fpm.apache.sock failed (2: No such file or directory) while connecting to upstream, client: 125.64.94.206, server: site.ru, request: "GET /phpmyadmin/ HTTP/1.1", upstream: "fastcgi://unix:/var/run/php-fpm.apache.sock:", host: "www.site.ru"
2018/09/28 01:07:57 [error] 1417#1417: *301050 openat() "/usr/share/phpMyAdmin/README" failed (2: No such file or directory), client: 125.64.94.206, server: site.ru, request: "GET /phpmyadmin/README HTTP/1.1", host: "www.site.ru"
2018/09/28 01:07:57 [error] 1417#1417: *301050 openat() "/usr/share/phpMyAdmin/Documentation.html" failed (2: No such file or directory), client: 125.64.94.206, server: site.ru, request: "GET /phpmyadmin/Documentation.html HTTP/1.1", host: "www.site.ru"
[Fri Sep 28 01:07:57 2018] [error] [client 125.64.94.206] File does not exist: /usr/share/phpMyAdmin/Documentation.html



If I understood correctly, some script is trying to get access to phpmyadmin.
How can I determine this?
Accepted answers: 1
HectorPrima
@HectorPrima
programmer
Install fail2ban and configure it.
Answer written
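An added example, not part of the answer above and not fail2ban's own code: a small triage script that reads the two error-log formats shown in the question, separates phpMyAdmin path probes from `pma_password` guesses per client, and marks a client for banning using the same `maxretry`/`findtime` idea fail2ban applies. The sample lines, addresses and threshold values are constructed for illustration.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample lines modelled on the nginx/Apache error-log formats in the question.
SAMPLE_LOG = """\
2018/09/27 22:27:10 [crit] 1#1: *1 connect() failed, client: 203.0.113.18, server: site.example, request: "GET /phpmyadmin/index.php HTTP/1.1", host: "192.0.2.1"
2018/09/27 22:27:11 [crit] 1#1: *1 connect() failed, client: 203.0.113.18, server: site.example, request: "GET /phpmyadmin/index.php?pma_username=root&pma_password=root&server=1 HTTP/1.1", host: "192.0.2.1"
2018/09/27 22:27:12 [crit] 1#1: *1 connect() failed, client: 203.0.113.18, server: site.example, request: "GET /phpmyadmin/index.php?pma_username=root&pma_password=toor&server=1 HTTP/1.1", host: "192.0.2.1"
[Thu Sep 27 22:27:12 2018] [error] [client 203.0.113.18] File does not exist: /usr/share/phpMyAdmin/scripts
2018/09/27 22:15:05 [warn] 1#1: *2 an upstream response is buffered to a temporary file, client: 198.51.100.24, server: site.example, request: "GET /wp-admin/load-styles.php?c=0 HTTP/1.1", host: "site.example"
2018/09/28 01:07:57 [error] 1#1: *3 openat() "/usr/share/phpMyAdmin/README" failed, client: 198.51.100.206, server: site.example, request: "GET /phpmyadmin/README HTTP/1.1", host: "www.site.example"
"""

NGINX = re.compile(r'^(\d{4}/\d\d/\d\d \d\d:\d\d:\d\d) \[\w+\] .*?client: ([\d.]+),.*?request: "(?:GET|POST|HEAD) (\S+)')
APACHE = re.compile(r'^\[(\w{3} \w{3} +\d+ \d\d:\d\d:\d\d \d{4})\] \[error\] \[client ([\d.]+)\] File does not exist: (\S+)')
PMA = re.compile(r'phpmyadmin', re.I)         # any request or path that targets phpMyAdmin
GUESS = re.compile(r'[?&]pma_password=')      # credentials passed in the query string

def parse(line):
    """Return (timestamp, client_ip, target) or None for unrecognised lines."""
    m = NGINX.match(line)
    if m:
        return datetime.strptime(m.group(1), "%Y/%m/%d %H:%M:%S"), m.group(2), m.group(3)
    m = APACHE.match(line)
    if m:
        return datetime.strptime(m.group(1), "%a %b %d %H:%M:%S %Y"), m.group(2), m.group(3)
    return None

def analyse(log_text, maxretry=3, findtime=timedelta(minutes=10)):
    """Count phpMyAdmin probes and password guesses per client; set "ban" when
    maxretry hits fall inside one findtime window (illustrative thresholds)."""
    hits, report = defaultdict(list), {}
    for line in log_text.splitlines():
        rec = parse(line)
        if rec is None or not PMA.search(rec[2]):
            continue                          # normal traffic such as /wp-admin/ is ignored
        ts, ip, target = rec
        hits[ip].append(ts)
        r = report.setdefault(ip, {"probes": 0, "guesses": 0, "ban": False})
        r["guesses" if GUESS.search(target) else "probes"] += 1
    for ip, stamps in hits.items():
        stamps.sort()
        for i in range(len(stamps) - maxretry + 1):
            if stamps[i + maxretry - 1] - stamps[i] <= findtime:
                report[ip]["ban"] = True
                break
    return report
```

Calling `analyse()` on the contents of the real error log gives one entry per client address; entries with `guesses` above zero are the password-guessing runs, and `ban` shows which clients a threshold-based jail would have blocked.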