我以前在我的服务器安装了Wordpress,在DDOS攻击后,我阻止了从.htaccess文件访问xmlrpc.php文件:
<Files "xmlrpc.php"> Order allow,deny Deny from all </Files>
最近,我卸载Wordpress,但仍然有缺席文件的要求。
我的error.log充满了:
[Tue Dec 06 15:30:20 2016] [error] [client 163.172.160.205] client denied by server configuration: /var/www/myserver.com/xmlrpc.php [Tue Dec 06 15:30:20 2016] [error] [client 212.47.231.34] client denied by server configuration: /var/www/myserver.com/xmlrpc.php [Tue Dec 06 15:30:20 2016] [error] [client 163.172.143.0] client denied by server configuration: /var/www/myserver.com/xmlrpc.php [Tue Dec 06 15:30:20 2016] [error] [client 163.172.161.136] client denied by server configuration: /var/www/myserver.com/xmlrpc.php [Tue Dec 06 15:30:21 2016] [error] [client 163.172.161.64] client denied by server configuration: /var/www/myserver.com/xmlrpc.php
我应该如何阻止这些请求,或者至less避免他们的日志?
你应该可以用fail2ban轻松做到这一点。