小网站 如何应对恶意高并发访问攻击?访问请求全是网站上不存在的资源

发布于 2022-09-13 00:40:18 字数 4132 浏览 36 评论 0

今天查access_log发现,经常有恶意高并发访问,访问请求全是网站上不存在的资源,响应都是404。
1分钟内有800-1000次访问,造成部分时间段负载100%。
本来就是个低配服务器,1核1G内存,3M带宽,实在是经受不起折腾。

业务量小,因经济效益原因, 不支持升级配置。

本人菜鸟,想问下如何应对?

部分日志如下:

120.85.111.109 - - [15/Jul/2021:14:27:07 +0800] "GET /H4ckSo1di3r.HtML HTTP/1.1" 404 755 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:7.0.1) Gecko/20100101 Firefox/7.0.1"
112.115.157.146 - - [15/Jul/2021:14:27:07 +0800] "GET /zijing.html HTTP/1.1" 404 755 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:7.0.1) Gecko/20100101 Firefox/7.0.1"
171.36.132.187 - - [15/Jul/2021:14:27:07 +0800] "GET /admin/mk.asp HTTP/1.1" 200 25 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:7.0.1) Gecko/20100101 Firefox/7.0.1"
171.36.142.185 - - [15/Jul/2021:14:27:07 +0800] "GET /Surchx.txt HTTP/1.1" 404 755 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:7.0.1) Gecko/20100101 Firefox/7.0.1"
110.167.215.36 - - [15/Jul/2021:14:27:07 +0800] "GET /lk.html HTTP/1.1" 404 755 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:7.0.1) Gecko/20100101 Firefox/7.0.1"
220.200.163.30 - - [15/Jul/2021:14:27:07 +0800] "GET /yt9077.asp HTTP/1.1" 404 755 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:7.0.1) Gecko/20100101 Firefox/7.0.1"
36.106.167.181 - - [15/Jul/2021:14:27:07 +0800] "GET /zip.asp HTTP/1.1" 404 755 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:7.0.1) Gecko/20100101 Firefox/7.0.1"
110.167.215.10 - - [15/Jul/2021:14:27:07 +0800] "GET /hackjie.asp HTTP/1.1" 404 755 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:7.0.1) Gecko/20100101 Firefox/7.0.1"
221.11.60.149 - - [15/Jul/2021:14:27:07 +0800] "GET /Newfo./1.asp HTTP/1.1" 404 755 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:7.0.1) Gecko/20100101 Firefox/7.0.1"
221.13.12.52 - - [15/Jul/2021:14:27:07 +0800] "GET /201055151920.txt HTTP/1.1" 404 755 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:7.0.1) Gecko/20100101 Firefox/7.0.1"
36.32.3.203 - - [15/Jul/2021:14:27:07 +0800] "GET /feng.htm HTTP/1.1" 404 755 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:7.0.1) Gecko/20100101 Firefox/7.0.1"
221.13.12.232 - - [15/Jul/2021:14:27:07 +0800] "GET /feiyu.html HTTP/1.1" 404 755 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:7.0.1) Gecko/20100101 Firefox/7.0.1"
36.32.3.32 - - [15/Jul/2021:14:27:07 +0800] "GET /zk.asp HTTP/1.1" 404 755 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:7.0.1) Gecko/20100101 Firefox/7.0.1"
120.0.52.72 - - [15/Jul/2021:14:27:08 +0800] "GET /img.asp HTTP/1.1" 404 755 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:7.0.1) Gecko/20100101 Firefox/7.0.1"
113.58.232.41 - - [15/Jul/2021:14:27:08 +0800] "GET /help.txt HTTP/1.1" 404 755 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:7.0.1) Gecko/20100101 Firefox/7.0.1"
221.213.75.219 - - [15/Jul/2021:14:27:08 +0800] "GET /Alan.html HTTP/1.1" 404 755 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:7.0.1) Gecko/20100101 Firefox/7.0.1"
120.85.110.160 - - [15/Jul/2021:14:27:08 +0800] "GET /badgod.asp HTTP/1.1" 404 755 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:7.0.1) Gecko/20100101 Firefox/7.0.1"
120.85.110.46 - - [15/Jul/2021:14:27:08 +0800] "GET /aspx.aspx HTTP/1.1" 404 755 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:7.0.1) Gecko/20100101 Firefox/7.0.1"
182.138.137.209 - - [15/Jul/2021:14:27:08 +0800] "GET /zhdian.asp HTTP/1.1" 404 755 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:7.0.1) Gecko/20100101 Firefox/7.0.1"
221.213.75.126 - - [15/Jul/2021:14:27:08 +0800] "GET /amao.asp HTTP/1.1" 404 755 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:7.0.1) Gecko/20100101 Firefox/7.0.1"
27.184.93.125 - - [15/Jul/2021:14:27:08 +0800] "GET /index.html HTTP/1.1" 404 755 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:7.0.1) Gecko/20100101 Firefox/7.0.1"
221.213.75.166 - - [15/Jul/2021:14:27:08 +0800] "GET /hackcx.html HTTP/1.1" 404 755 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:7.0.1) Gecko/20100101 Firefox/7.0.1"
115.200.236.100 - - [15/Jul/2021:14:27:09 +0800] "GET /Draksec.htm HTTP/1.1" 404 755 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:7.0.1) Gecko/20100101 Firefox/7.0.1"
175.152.31.247 - - [15/Jul/2021:14:27:09 +0800] "GET /yy.txt HTTP/1.1" 404 755 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:7.0.1) Gecko/20100101 Firefox/7.0.1"

如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。

扫码二维码加入Web技术交流群

发布评论

需要 登录 才能够评论, 你可以免费 注册 一个本站的账号。

评论(2

那小子欠揍 2022-09-20 00:40:18

可以利用fail2ban之类的工具,设定好策略,比如连续多少个无效访问就屏蔽多长时间。

可参考 https://www.vpsjxw.com/build_...

2022-09-20 00:40:18

Nginx配置禁止访问特定结尾的文件,可以阻拦部分请求,如禁止访问.txt和.doc结尾的文件

location ~* \.(txt|doc)$ {
        deny all;
}
~没有更多了~
我们使用 Cookies 和其他技术来定制您的体验包括您的登录状态等。通过阅读我们的 隐私政策 了解更多相关信息。 单击 接受 或继续使用网站,即表示您同意使用 Cookies 和您的相关数据。
原文