我的域名后面出现的文件夹和扩展名
几天前,我注意到流量急剧增加。经过检查,我在统计程序中注意到额外的流量来自直接来源。
A couple day ago i noticed that traffic had increased dramatically. Upon checking i noticed in my stats program that the extra traffic was from a direct source.
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
我的网站上偶尔也会收到类似的 URL。
我懒得检查,但是可能有一些安全性较差的 PHP 应用程序被利用。一些僵尸网络正在他们攻击的每台服务器(包括您的服务器)上尝试可利用页面的名称,希望您正在运行此应用程序,并且他们可以使用它来接管您的服务器。更新
一个名为“ThreatExpert”的网站发布了一份关于使用相同文件名的类似攻击的报告(自动拼凑在一起,因此信息不完整):
http://www.threatexpert.com/report.aspx?md5=d6e0c2a51ee4fa17ee1bb44518c421f1
I get URLs like that too, once in a while, on my site.
I'm too lazy to check, butthere's probably some exploit out for some poorly secured PHP app. Some botnets are trying the name for the exploitable page on every server they hit, including yours, in the hope that you are running this application and they can use it to take over your server.Update
A site called "ThreatExpert" has published a report (automatically slapped together, so not totally informative) on a similar attack using the same file name:
http://www.threatexpert.com/report.aspx?md5=d6e0c2a51ee4fa17ee1bb44518c421f1