Apache错误日志显示以下消息。 看起来像是对我的攻击但不知道是什么意思。 谁能告诉我这些攻击是什么,以及如何防止这种攻击造成的任何损害
[Wed Jan 22 00:39:36 2014] [error] [client xyza] File does not exist: /var/www/site/webdav [Wed Jan 22 00:39:36 2014] [error] [client xyza] File does not exist: /var/www/site/administrator [Wed Jan 22 00:39:37 2014] [error] [client xyza] File does not exist: /var/www/site/wp-login.php [Wed Jan 22 00:39:37 2014] [error] [client xyza] File does not exist: /var/www/site/blog [Wed Jan 22 00:39:37 2014] [error] [client xyza] File does not exist: /var/www/site/zecmd [Wed Jan 22 00:39:37 2014] [error] [client xyza] File does not exist: /var/www/site/web-console [Wed Jan 22 00:39:38 2014] [error] [client xyza] File does not exist: /var/www/site/manager [Wed Jan 22 11:18:19 2014] [error] [client xyza] script not found or unable to stat: /usr/lib/cgi-bin/php [Wed Jan 22 11:18:19 2014] [error] [client xyza] script not found or unable to stat: /usr/lib/cgi-bin/php5 [Wed Jan 22 11:18:19 2014] [error] [client xyza] script not found or unable to stat: /usr/lib/cgi-bin/php-cgi [Wed Jan 22 11:18:19 2014] [error] [client xyza] script not found or unable to stat: /usr/lib/cgi-bin/php.cgi [Wed Jan 22 11:18:19 2014] [error] [client xyza] script not found or unable to stat: /usr/lib/cgi-bin/php4 这些请求不幸的是正常的。 有很多攻击者写了几个脚本来find一个带有安全漏洞的服务器。 这些脚本正在扫描互联网,并寻找不保存的服务器。
那你可以做的是