
请问这是什么类型的攻击?怎么防?

请问这是什么类型的攻击?怎么防?


平台访问日志

其中一条请求的 $_SERVER 信息(REQUEST_METHOD 为 CONNECT,REQUEST_URI 是外部的 IP:端口而非本站路径,SCRIPT_NAME 为 /index.php)

{"PATH":"C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Tencent\微信web开发者工具\dll","SYSTEMROOT":"C:\Windows","COMSPEC":"C:\Windows\system32\cmd.exe","PATHEXT":".COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC","WINDIR":"C:\Windows","PHP_FCGI_MAX_REQUESTS":"1000","PHPRC":"phpStudy安装目录/php-7.2.1-nts/","_FCGI_SHUTDOWN_EVENT_":"2256","HTTP_CONNECTION":"close","SCRIPT_NAME":"/index.php","REQUEST_URI":"193.148.44.25:443","QUERY_STRING":"","REQUEST_METHOD":"CONNECT","SERVER_PROTOCOL":"HTTP/1.1","GATEWAY_INTERFACE":"CGI/1.1","REDIRECT_URL":"/","REMOTE_PORT":"45458","SCRIPT_FILENAME":"我网站的根目录/index.php","SERVER_ADMIN":"admin@php.cn","CONTEXT_DOCUMENT_ROOT":"我网站的根目录","CONTEXT_PREFIX":"","REQUEST_SCHEME":"http","DOCUMENT_ROOT":"我网站的根目录","REMOTE_ADDR":"159.223.216.59","SERVER_PORT":"443","SERVER_ADDR":"172.18.232.41","SERVER_NAME":"193.148.44.25","SERVER_SOFTWARE":"Apache/2.4.23 (Win32) OpenSSL/1.0.2j mod_fcgid/2.3.9","SERVER_SIGNATURE":"","SystemRoot":"C:\Windows","HTTP_HOST":"193.148.44.25","REDIRECT_STATUS":"200","FCGI_ROLE":"RESPONDER","PHP_SELF":"/index.php","REQUEST_TIME_FLOAT":1650815323.0096891,"REQUEST_TIME":1650815323}

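Apache 访问日志(均为指向外部 IP:端口的 CONNECT 请求,即把本机当作正向代理来探测;返回 200 且大小固定为 376 字节的,可能只是请求被交给了 index.php 处理,并不一定代表隧道建立成功,需结合 mod_proxy 是否加载、ProxyRequests 是否为 Off 来确认)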

176.118.53.199 - - [25/Apr/2022:00:20:51 +0800] "CONNECT 193.37.157.31:80 HTTP/1.1" 503 299 "-" "-"

143.110.232.213 - - [25/Apr/2022:00:21:42 +0800] "CONNECT 193.148.44.25:443 HTTP/1.1" 200 376 "-" "-"

138.201.186.242 - - [25/Apr/2022:00:21:43 +0800] "CONNECT 185.12.155.12:443 HTTP/1.1" 200 376 "-" "-"

178.128.245.177 - - [25/Apr/2022:00:21:44 +0800] "CONNECT 31.44.83.188:8080 HTTP/1.1" 200 376 "-" "-"

138.201.186.242 - - [25/Apr/2022:00:20:54 +0800] "CONNECT 146.120.90.25:443 HTTP/1.1" 503 299 "-" "-"

176.118.53.199 - - [25/Apr/2022:00:21:45 +0800] "CONNECT 83.229.254.40:443 HTTP/1.1" 200 376 "-" "-"

138.201.186.242 - - [25/Apr/2022:00:20:55 +0800] "CONNECT 213.171.56.46:443 HTTP/1.1" 503 299 "-" "-"

138.201.186.242 - - [25/Apr/2022:00:21:48 +0800] "CONNECT 80.87.203.131:443 HTTP/1.1" 200 376 "-" "-"

138.201.186.242 - - [25/Apr/2022:00:20:56 +0800] "CONNECT 146.120.90.20:443 HTTP/1.1" 503 299 "-" "-"

138.201.186.242 - - [25/Apr/2022:00:20:56 +0800] "CONNECT 91.239.5.113:443 HTTP/1.1" 503 299 "-" "-"

178.128.245.177 - - [25/Apr/2022:00:21:46 +0800] "CONNECT 46.17.204.250:4001 HTTP/1.1" 200 376 "-" "-"

138.201.186.242 - - [25/Apr/2022:00:20:57 +0800] "CONNECT 146.120.90.21:80 HTTP/1.1" 503 299 "-" "-"

138.201.186.242 - - [25/Apr/2022:00:20:57 +0800] "CONNECT 213.171.56.46:443 HTTP/1.1" 503 299 "-" "-"

138.201.186.242 - - [25/Apr/2022:00:20:47 +0800] "CONNECT 185.12.155.210:80 HTTP/1.1" 200 376 "-" "-"

176.118.53.199 - - [25/Apr/2022:00:20:58 +0800] "CONNECT 195.19.25.47:443 HTTP/1.1" 503 299 "-" "-"

138.201.186.242 - - [25/Apr/2022:00:21:53 +0800] "CONNECT 193.148.44.187:80 HTTP/1.1" 200 376 "-" "-"

138.201.186.242 - - [25/Apr/2022:00:20:59 +0800] "CONNECT 193.148.44.114:443 HTTP/1.1" 503 299 "-" "-"

178.128.245.177 - - [25/Apr/2022:00:21:47 +0800] "CONNECT 92.53.82.187:8991 HTTP/1.1" 200 376 "-" "-"

176.118.53.199 - - [25/Apr/2022:00:20:59 +0800] "CONNECT 91.239.5.38:443 HTTP/1.1" 503 299 "-" "-"

178.128.245.177 - - [25/Apr/2022:00:21:49 +0800] "CONNECT 185.169.155.77:443 HTTP/1.1" 200 376 "-" "-"

138.201.186.242 - - [25/Apr/2022:00:21:01 +0800] "CONNECT 146.120.90.61:443 HTTP/1.1" 503 299 "-" "-"

143.110.232.213 - - [25/Apr/2022:00:21:49 +0800] "CONNECT 193.148.44.114:443 HTTP/1.1" 200 376 "-" "-"

138.201.186.242 - - [25/Apr/2022:00:21:01 +0800] "CONNECT 146.120.90.25:80 HTTP/1.1" 503 299 "-" "-"

138.201.186.242 - - [25/Apr/2022:00:21:01 +0800] "CONNECT 213.171.56.46:443 HTTP/1.1" 503 299 "-" "-"

143.198.127.56 - - [25/Apr/2022:00:21:01 +0800] "CONNECT 85.31.123.212:443 HTTP/1.1" 503 299 "-" "-"

176.118.53.199 - - [25/Apr/2022:00:21:52 +0800] "CONNECT 185.12.152.25:80 HTTP/1.1" 200 376 "-" "-"

138.201.186.242 - - [25/Apr/2022:00:21:02 +0800] "CONNECT 31.13.60.76:80 HTTP/1.1" 503 299 "-" "-"

176.118.53.199 - - [25/Apr/2022:00:21:51 +0800] "CONNECT 193.37.157.16:443 HTTP/1.1" 200 376 "-" "-"

141.144.206.34 - - [25/Apr/2022:00:21:55 +0800] "CONNECT 92.53.82.187:443 HTTP/1.1" 200 376 "-" "-"

37.46.248.6 - - [25/Apr/2022:00:21:54 +0800] "CONNECT 185.98.85.241:443 HTTP/1.1" 200 376 "-" "-"

141.144.206.34 - - [25/Apr/2022:00:21:55 +0800] "CONNECT 92.53.82.187:21 HTTP/1.1" 200 376 "-" "-"

143.110.232.213 - - [25/Apr/2022:00:22:01 +0800] "CONNECT 185.12.155.210:80 HTTP/1.1" 200 376 "-" "-"

138.201.186.242 - - [25/Apr/2022:00:21:06 +0800] "CONNECT 185.12.152.27:80 HTTP/1.1" 503 299 "-" "-"

176.118.53.199 - - [25/Apr/2022:00:21:06 +0800] "CONNECT 185.169.155.77:443 HTTP/1.1" 503 299 "-" "-"

138.201.186.242 - - [25/Apr/2022:00:21:57 +0800] "CONNECT 185.12.155.210:80 HTTP/1.1" 200 376 "-" "-"

138.201.186.242 - - [25/Apr/2022:00:21:07 +0800] "CONNECT 194.226.180.80:80 HTTP/1.1" 503 299 "-" "-"

138.201.186.242 - - [25/Apr/2022:00:21:07 +0800] "CONNECT 194.226.180.80:80 HTTP/1.1" 503 299 "-" "-"

138.201.186.242 - - [25/Apr/2022:00:21:07 +0800] "CONNECT 194.226.180.80:80 HTTP/1.1" 503 299 "-" "-"

176.118.53.199 - - [25/Apr/2022:00:22:00 +0800] "CONNECT 185.12.155.29:443 HTTP/1.1" 200 376 "-" "-"

138.201.186.242 - - [25/Apr/2022:00:22:04 +0800] "CONNECT 185.12.152.27:80 HTTP/1.1" 200 376 "-" "-"

31.131.18.13 - - [25/Apr/2022:00:21:09 +0800] "CONNECT 216.58.208.195:80 HTTP/1.1" 503 299 "-" "-"

138.201.186.242 - - [25/Apr/2022:00:21:09 +0800] "CONNECT 185.169.155.229:80 HTTP/1.1" 503 299 "-" "-"

138.201.186.242 - - [25/Apr/2022:00:21:09 +0800] "CONNECT 194.226.180.66:443 HTTP/1.1" 503 299 "-" "-"

143.110.232.213 - - [25/Apr/2022:00:22:02 +0800] "CONNECT 185.12.152.27:80 HTTP/1.1" 200 376 "-" "-"

143.110.232.213 - - [25/Apr/2022:00:22:04 +0800] "CONNECT 185.12.155.210:80 HTTP/1.1" 200 376 "-" "-"

141.144.206.34 - - [25/Apr/2022:00:21:58 +0800] "CONNECT 46.17.204.250:11011 HTTP/1.1" 200 376 "-" "-"

176.118.53.199 - - [25/Apr/2022:00:21:59 +0800] "CONNECT 146.120.90.95:443 HTTP/1.1" 200 376 "-" "-"

138.201.186.242 - - [25/Apr/2022:00:21:12 +0800] "CONNECT 185.12.155.115:443 HTTP/1.1" 503 299 "-" "-"

69.149.121.58 - - [25/Apr/2022:00:21:13 +0800] "CONNECT 85.31.124.232:443 HTTP/1.1" 503 299 "-" "-"

206.189.105.43 - - [25/Apr/2022:00:22:05 +0800] "CONNECT 178.248.239.134:443 HTTP/1.1" 200 376 "-" "-"

176.118.53.199 - - [25/Apr/2022:00:21:14 +0800] "CONNECT 194.226.180.66:443 HTTP/1.1" 503 299 "-" "-"

143.110.232.213 - - [25/Apr/2022:00:22:07 +0800] "CONNECT 185.12.152.27:80 HTTP/1.1" 200 376 "-" "-"

