问题描述
现在服务器y应该是被dos了 ,一部分访问日志如下:
27.211.209.120 - - [17/Jul/2016:10:16:32 +0800] 'GET /forum.php?&wangzhanbeihei&chongzhuangwangzhan&chongzhuangfuwuqi&&wangzhanbeihei&chongzhuangwangzhan&&wangzhanbeihei&chongzhuangwangzhan&chongzhuangfuwuqi&19541 HTTP/1.1' 200 31 'http://106.187.97.172/info.php' 'Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.2; WOW64; Trident/6.0)'1.189.19.82 - - [17/Jul/2016:10:16:32 +0800] 'GET /forum.php?&wangzhanbeihei&chongzhuangwangzhan&chongzhuangfuwuqi&&wangzhanbeihei&chongzhuangwangzhan&&wangzhanbeihei&chongzhuangwangzhan&chongzhuangfuwuqi&2322 HTTP/1.1' 200 31 'http://106.187.97.172/info.php' 'Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/45.0.2454.101 Safari/537.36'223.246.197.118 - - [17/Jul/2016:10:16:32 +0800] 'GET /forum.php?&wangzhanbeihei&chongzhuangwangzhan&chongzhuangfuwuqi&&wangzhanbeihei&chongzhuangwangzhan&&wangzhanbeihei&chongzhuangwangzhan&chongzhuangfuwuqi&7147 HTTP/1.1' 200 31 'http://106.187.97.172/info.php' 'Mozilla/5.0 (iPhone; CPU iPhone OS 7_1_2 like Mac OS X) AppleWebKit/537.51.2 (KHTML, like Gecko) Version/7.0 Mobile/11D257 Safari/9537.53'
然后refere 显示全部来自http://106.187.97.172/info.php
我通过配置了 nginx
map $http_referer $bad_referer { default 0; '106.187.97.172/info.php' 1;}
并且
location / { if ($bad_referer) { return 403; }
重启nginx后
nginx日志对于访问还是显示 200 ok? 我哪里错了?
问题解答
回答1:用阿里云、亚马逊云,或者百度云加速来解析域名,这些都可以抵御 DoS