我在云(ec2)中设置了一个服务器,托管了我所有的 WordPress 网站。
我今天注意到该网站遭到黑客攻击..
109.87.118.222 - - [16/Oct/2013:13:10:31 -0400] "POST /wp-login.php HTTP/1.0" 200 3954 " http://smartmoneystrategies.net/wp-login.php " " Mozilla/5.0 (Windows NT 6.1; rv:19.0) Gecko/20100101 Firefox/19.0" 5.15.198.184 - - [16/Oct/2013:13:10:31 -0400] "POST /wp-login.php HTTP/1.0 " 200 3926 " http://smartmoneystrategies.net/wp-login.php " "Mozilla/5.0 (Windows NT 6.1; rv:19.0) Gecko/20100101 Firefox/19.0" 42.116.170.247 - - [16/Oct/2013: 13:10:32 -0400] "POST /wp-login.php HTTP/1.0" 200 3954 " http://smartmoneystrategies.net/wp-login.php " "Mozilla/5.0 (Windows NT 6.1; rv:19.0) Gecko/20100101 Firefox/19.0" 93.78.138.185 - - [16/Oct/2013:13:10:33 -0400] "POST /wp-login.php HTTP/1.0"200 3954" http://smartmoneystrategies.net/wp-login.php" "Mozilla/5.0 (Windows NT 6.1; rv:19.0) Gecko/20100101 Firefox/19.0" 2.95.13.35 - - [16/Oct/2013:13:10:33 -0400] "POST /wp-login.php HTTP /1.0" 200 3940 " http://smartmoneystrategies.net/wp-login.php " "Mozilla/5.0 (Windows NT 6.1; rv:19.0) Gecko/20100101 Firefox/19.0" 93.80.123.137 - - [16/Oct/ 2013:13:10:34 -0400] "POST /wp-login.php HTTP/1.0" 200 3940 " http://smartmoneystrategies.net/wp-login.php " "Mozilla/5.0 (Windows NT 6.1; rv: 19.0) Gecko/20100101 Firefox/19.0" 79.181.39.227 - - [16/Oct/2013:13:10:34 -0400] "POST /wp-login.php HTTP/1.0" 200 3933 " http://smartmoneystrategies。 net/wp-login.php " "Mozilla/5.0 (Windows NT 6.1; rv:19.0) Gecko/20100101 Firefox/19.0"
我想我通过添加登录锁定来捕获 IP 地址来修复攻击。
但我也在那里找到了一大堆这些......
157.56.92.164 - - [16/Oct/2013:09:57:12 -0400] "GET /search.php/?q=bethanny+franklin+haircut&ht=1 HTTP/1.1" 200 11475 "-" "Mozilla/5.0 (兼容;bingbot/2.0;+ http://www.bing.com/bingbot.htm)”157.56.92.164 - - [16/Oct/2013:09:57:13 -0400] “GET /search.php/ ?ht=1&q=address+label+coupon+codes HTTP/1.1" 200 11475 "-" "Mozilla/5.0 (compatible; bingbot/2.0; + http://www.bing.com/bingbot.htm )" 157.56。 92.164 - - [16/Oct/2013:09:57:13 -0400] "GET /search.php/?q=Martell+Gay+Bryce&ht=1 HTTP/1.1" 200 11475 "-" "Mozilla/5.0 (兼容; bingbot/2.0; + http://www.bing.com/bingbot.htm )" 157.56.92.164 - - [16/Oct/2013:09:57:14 -0400] "GET /search.php/?ht =1&q=monterey+fashions+coat HTTP/1.1" 200 11475"-" "Mozilla/5.0(兼容;bingbot/2.0;+http://www.bing.com/bingbot.htm )" 157.56.92.164 - - [16/Oct/2013:09:57:14 -0400] "GET /search.php/?ht=1&q=SUPERPREP+ELITE +semi+pro+team HTTP/1.1" 200 11475 "-" "Mozilla/5.0 (兼容; bingbot/2.0; + http://www.bing.com/bingbot.htm )" 157.56.92.164 - - [16/ Oct/2013:09:57:15 -0400]“GET /search.php/?ht=1&q=rines+para+jeep+cheroki HTTP/1.1”200 11475“-”“Mozilla/5.0(兼容;bingbot/2.0 ; + http://www.bing.com/bingbot.htm )" 157.56.92.164 - - [16/Oct/2013:09:57:15 -0400] "GET /search.php/?ht=1&q=outdoor +pro+staff+opportunity HTTP/1.1" 200 11475 "-" "Mozilla/5.0(兼容;bingbot/2.0;+ http://www.bing.com/bingbot.htm)"
这些是什么?