所以我不明白这些错误信息。 我被告知有人可能试图破解我的服务器,但我不是100%确定发生了什么事情。
我正在运行CentOs 6。
这里是我得到的错误列表:
PS没有这些IP是矿
[Mon Dec 09 12:36:27 2013] [error] [client 216.121.127.194] script not found or unable to stat: /var/www/cgi-bin/php [Mon Dec 09 12:36:27 2013] [error] [client 216.121.127.194] script not found or unable to stat: /var/www/cgi-bin/php [Tue Dec 10 04:39:32 2013] [error] [client 202.162.221.227] script not found or unable to stat: /var/www/cgi-bin/php [Tue Dec 10 05:50:07 2013] [error] [client 67.228.121.194] script not found or unable to stat: /var/www/cgi-bin/php [Tue Dec 10 07:11:23 2013] [error] [client 119.52.254.20] client denied by server configuration: /usr/share/phpMyAdmin/scripts [Tue Dec 10 07:11:24 2013] [error] [client 119.52.254.20] client denied by server configuration: /usr/share/phpMyAdmin/scripts [Tue Dec 10 08:51:36 2013] [error] [client 58.241.10.22] client denied by server configuration: /usr/share/phpMyAdmin/scripts [Tue Dec 10 08:51:37 2013] [error] [client 58.241.10.22] client denied by server configuration: /usr/share/phpMyAdmin/scripts [Thu Dec 12 03:34:41 2013] [error] [client 46.229.157.226] script not found or unable to stat: /var/www/cgi-bin/php [Thu Dec 12 03:34:42 2013] [error] [client 46.229.157.226] script not found or unable to stat: /var/www/cgi-bin/php5 [Thu Dec 12 03:34:42 2013] [error] [client 46.229.157.226] script not found or unable to stat: /var/www/cgi-bin/php-cgi [Thu Dec 12 03:34:42 2013] [error] [client 46.229.157.226] script not found or unable to stat: /var/www/cgi-bin/php.cgi [Thu Dec 12 03:34:43 2013] [error] [client 46.229.157.226] script not found or unable to stat: /var/www/cgi-bin/php4 [Thu Dec 12 05:10:38 2013] [error] [client 89.248.160.192] Invalid URI in request GET HTTP/1.1 HTTP/1.1 [Thu Dec 12 05:10:39 2013] [error] [client 89.248.160.192] script not found or unable to stat: /var/www/cgi-bin/php [Thu Dec 12 05:10:39 2013] [error] [client 89.248.160.192] script not found or unable to stat: /var/www/cgi-bin/php4 [Thu Dec 12 05:10:39 2013] [error] [client 89.248.160.192] script not found or unable to stat: /var/www/cgi-bin/php5 [Thu Dec 12 05:10:39 2013] [error] [client 89.248.160.192] script not found or unable to stat: /var/www/cgi-bin/php-cgi [Thu Dec 12 05:10:40 2013] [error] [client 89.248.160.192] script not found or unable to stat: /var/www/cgi-bin/php.cgi 编辑:
一些PHP代码的.htaccess文件来阻止一些扫描仪。
RewriteCond %{HTTP_USER_AGENT} ^w3af.sourceforge.net [NC,OR] RewriteCond %{HTTP_USER_AGENT} dirbuster [NC,OR] RewriteCond %{HTTP_USER_AGENT} nikto [NC,OR] RewriteCond %{HTTP_USER_AGENT} SF [OR] RewriteCond %{HTTP_USER_AGENT} sqlmap [NC,OR] RewriteCond %{HTTP_USER_AGENT} fimap [NC,OR] RewriteCond %{HTTP_USER_AGENT} nessus [NC,OR] RewriteCond %{HTTP_USER_AGENT} whatweb [NC,OR] RewriteCond %{HTTP_USER_AGENT} Openvas [NC,OR] RewriteCond %{HTTP_USER_AGENT} jbrofuzz [NC,OR] RewriteCond %{HTTP_USER_AGENT} libwhisker [NC,OR] RewriteCond %{HTTP_USER_AGENT} webshag [NC,OR] RewriteCond %{HTTP:Acunetix-Product} ^WVS
确保将其放置在类别中。
如果不是<IfModule mod_rewrite.c>paste content here</IfModule>
这些解决scheme大多parsing为Web爬虫 。 例如58.241.10.22来自中国
相当无害恕我直言。