0

我通过 Apache2 服务器在我的日志文件中收到了很多这样的连接

138.68.72.252 - - [06/Jan/2022:10:44:18 +0100] "\x16\x03\x01\x01\xfc\x01" 400 0 "-" "-"

感谢https://serverfault.com/a/399901我知道这是黑客的尝试

服务器不受此攻击。还有fail2ban 和DOS 和DDOS 保护的设置。所以那里所做的一切都可以完成。

但是他们让我的日志文件很恶心。

因此,如何在模式下设置 SetEnvIf 不会记录不是 GET 而不是 POST 的请求

我试过这个

SetEnvIf Request_URI "^\\x16\\x03(.*)$" dontlog=1

但既然没有像

20.203.156.151 - - [06/Jan/2022:18:44:01 +0100] "GET / HTTP/1.1" 200 5985 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4240.193 Safari/537.36"
20.203.156.151 - - [06/Jan/2022:18:44:01 +0100] "GET / HTTP/1.1" 200 5871 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4240.193 Safari/537.36"
20.203.156.151 - - [06/Jan/2022:18:44:02 +0100] "GET /wp-includes/wlwmanifest.xml HTTP/1.1" 404 341 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4240.193 Safari/537.36"
20.203.156.151 - - [06/Jan/2022:18:44:02 +0100] "GET /xmlrpc.php?rsd HTTP/1.1" 404 341 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4240.193 Safari/537.36"
20.203.156.151 - - [06/Jan/2022:18:44:02 +0100] "GET / HTTP/1.1" 200 5871 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4240.193 Safari/537.36"
20.203.156.151 - - [06/Jan/2022:18:44:02 +0100] "GET /blog/wp-includes/wlwmanifest.xml HTTP/1.1" 404 341 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4240.193 Safari/537.36"
20.203.156.151 - - [06/Jan/2022:18:44:02 +0100] "GET /web/wp-includes/wlwmanifest.xml HTTP/1.1" 404 341 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4240.193 Safari/537.36"
20.203.156.151 - - [06/Jan/2022:18:44:02 +0100] "GET /wordpress/wp-includes/wlwmanifest.xml HTTP/1.1" 404 341 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4240.193 Safari/537.36"
20.203.156.151 - - [06/Jan/2022:18:44:02 +0100] "GET /website/wp-includes/wlwmanifest.xml HTTP/1.1" 404 341 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4240.193 Safari/537.36"
20.203.156.151 - - [06/Jan/2022:18:44:02 +0100] "GET /wp/wp-includes/wlwmanifest.xml HTTP/1.1" 404 341 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4240.193 Safari/537.36"
20.203.156.151 - - [06/Jan/2022:18:44:02 +0100] "GET /news/wp-includes/wlwmanifest.xml HTTP/1.1" 404 341 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4240.193 Safari/537.36"
20.203.156.151 - - [06/Jan/2022:18:44:03 +0100] "GET /2020/wp-includes/wlwmanifest.xml HTTP/1.1" 404 341 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4240.193 Safari/537.36"
20.203.156.151 - - [06/Jan/2022:18:44:03 +0100] "GET /2019/wp-includes/wlwmanifest.xml HTTP/1.1" 404 341 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4240.193 Safari/537.36"
20.203.156.151 - - [06/Jan/2022:18:44:03 +0100] "GET /shop/wp-includes/wlwmanifest.xml HTTP/1.1" 404 341 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4240.193 Safari/537.36"
20.203.156.151 - - [06/Jan/2022:18:44:03 +0100] "GET /wp1/wp-includes/wlwmanifest.xml HTTP/1.1" 404 341 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4240.193 Safari/537.36"
20.203.156.151 - - [06/Jan/2022:18:44:03 +0100] "GET /test/wp-includes/wlwmanifest.xml HTTP/1.1" 404 341 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4240.193 Safari/537.36"
20.203.156.151 - - [06/Jan/2022:18:44:03 +0100] "GET /wp2/wp-includes/wlwmanifest.xml HTTP/1.1" 404 341 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4240.193 Safari/537.36"
20.203.156.151 - - [06/Jan/2022:18:44:03 +0100] "GET /site/wp-includes/wlwmanifest.xml HTTP/1.1" 404 341 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4240.193 Safari/537.36"
20.203.156.151 - - [06/Jan/2022:18:44:04 +0100] "GET /cms/wp-includes/wlwmanifest.xml HTTP/1.1" 404 341 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4240.193 Safari/537.36"
20.203.156.151 - - [06/Jan/2022:18:44:04 +0100] "GET /sito/wp-includes/wlwmanifest.xml HTTP/1.1" 404 341 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4240.193 Safari/537.36"
20.119.227.45 - - [06/Jan/2022:19:58:23 +0100] "POST / HTTP/1.1" 200 2491 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36"
136.144.41.117 - - [05/Jan/2022:21:52:57 +0100] "GET / HTTP/1.1" 200 2458 "-" "Linux Gnu (cow)"
                                                 ⬆️ u can see here that this are correct HTTP/1.1 GET requests (METHOD URL HTTP/1.1)

没有 Request_URI

Tnks 伙计们

4

0 回答 0