apache服务器由于HTTP连接请求而没有响应,如何阻止它们?
apache服务器由于HTTP连接请求而没有响应,如何阻止它们?
提问于 2023-05-07 16:13:11
Apache服务器正在获得这种流量。因为服务器没有响应。请建议我们如何处理这个问题。
78.135.85.252 - - [07/May/2023:16:08:33 +0000] "\x16\x03\x01" 400 492 "-" "-"
3.88.173.121 - - [07/May/2023:16:08:34 +0000] "CONNECT 92.53.96.128:443 HTTP/1.1" 200 148 "-" "-"
3.88.173.121 - - [07/May/2023:16:08:34 +0000] "\x16\x03\x01\x02" 400 492 "-" "-"
78.135.85.252 - - [07/May/2023:16:08:36 +0000] "CONNECT m.113kp.com:443 HTTP/1.1" 200 204 "-" "-"
78.135.85.252 - - [07/May/2023:16:08:36 +0000] "\x16\x03\x01" 400 492 "-" "-"
54.209.41.100 - - [07/May/2023:16:08:36 +0000] "CONNECT 185.215.4.15:443 HTTP/1.1" 200 148 "-" "-"
54.209.41.100 - - [07/May/2023:16:08:37 +0000] "\x16\x03\x01\x02" 400 492 "-" "-"
66.36.234.118 - - [07/May/2023:16:08:41 +0000] "CONNECT httpbin.org:443 HTTP/1.1" 200 167 "-" "-"
3.88.173.121 - - [07/May/2023:16:08:41 +0000] "CONNECT 92.53.96.128:443 HTTP/1.1" 200 148 "-" "-"
3.88.173.121 - - [07/May/2023:16:08:42 +0000] "\x16\x03\x01\x02" 400 492 "-" "-"
163.172.40.251 - - [07/May/2023:16:08:46 +0000] "GET http://example.com/ HTTP/1.1" 200 148 "-" "Go-http-client/1.1"
78.135.85.252 - - [07/May/2023:16:09:02 +0000] "CONNECT m.113kp.com:443 HTTP/1.1" 200 204 "-" "-"
78.135.85.252 - - [07/May/2023:16:09:02 +0000] "\x16\x03\x01" 400 492 "-" "-"
13.86.22.96 - - [07/May/2023:16:09:06 +0000] "CONNECT api.ipify.org:443 HTTP/1.1" 200 148 "-" "Go-http-client/1.1"
13.86.22.96 - - [07/May/2023:16:09:06 +0000] "\x16\x03\x01\x01\x12\x01" 400 492 "-" "-"
78.135.85.252 - - [07/May/2023:16:09:23 +0000] "CONNECT m.113kp.com:443 HTTP/1.1" 200 204 "-" "-"
78.135.85.252 - - [07/May/2023:16:09:23 +0000] "\x16\x03\x01" 400 492 "-" "-"
5.255.110.95 - - [07/May/2023:16:09:32 +0000] "GET http://azenv.net/ HTTP/1.1" 200 148 "-" "Go-http-client/1.1"
91.151.89.197 - - [07/May/2023:16:09:35 +0000] "CONNECT m.113kp.com:443 HTTP/1.1" 200 204 "-" "-"
91.151.89.197 - - [07/May/2023:16:09:35 +0000] "\x16\x03\x01" 400 492 "-" "-"
54.209.41.100 - - [07/May/2023:16:09:41 +0000] "CONNECT 185.215.4.15:443 HTTP/1.1" 200 148 "-" "-"
54.209.41.100 - - [07/May/2023:16:09:41 +0000] "\x16\x03\x01\x02" 400 492 "-" "-"
185.225.113.83 - - [07/May/2023:16:09:47 +0000] "CONNECT api.ipify.org:443 HTTP/1.1" 200 148 "-" "Mozilla/5.0 (Windows NT 6.1; rv:60.0) Gecko/20100101 Firefox/60.0"
185.225.113.83 - - [07/May/2023:16:09:47 +0000] "\x16\x03\x01\x02" 400 492 "-" "-"
54.209.41.100 - - [07/May/2023:16:09:59 +0000] "CONNECT 185.215.4.15:443 HTTP/1.1" 200 148 "-" "-"
54.209.41.100 - - [07/May/2023:16:10:01 +0000] "\x16\x03\x01\x02" 400 492 "-" "-"
67.205.154.166 - - [07/May/2023:16:10:04 +0000] "CONNECT ext2-sea1.steamserver.net:27019 HTTP/1.1" 200 148 "-" "Valve/Steam HTTP Client 1.0"
67.205.154.166 - - [07/May/2023:16:10:04 +0000] "\x16\x03\x01\x01\xa0\x01" 400 492 "-" "-"
5.255.110.95 - - [07/May/2023:16:10:17 +0000] "GET http://azenv.net/ HTTP/1.1" 200 148 "-" "Go-http-client/1.1"
45.12.112.162 - - [07/May/2023:16:10:18 +0000] "GET http://azenv.net/ HTTP/1.1" 200 167 "-" "Go-http-client/1.1"
3.88.173.121 - - [07/May/2023:16:10:20 +0000] "CONNECT 92.53.96.128:443 HTTP/1.1" 200 148 "-" "-"
3.88.173.121 - - [07/May/2023:16:10:21 +0000] "\x16\x03\x01\x02" 400 492 "-" "-"
162.158.62.204 - - [07/May/2023:16:10:24 +0000] "GET /privacypolicy.html HTTP/1.1" 404 501 "-" "PlayStore-Google"
54.209.41.100 - - [07/May/2023:16:10:25 +0000] "CONNECT 185.215.4.15:443 HTTP/1.1" 200 148 "-" "-"
54.209.41.100 - - [07/May/2023:16:10:26 +0000] "\x16\x03\x01\x02" 400 492 "-" "-"
3.88.173.121 - - [07/May/2023:16:10:36 +0000] "CONNECT 92.53.96.128:443 HTTP/1.1" 200 148 "-" "-"
78.135.85.252 - - [07/May/2023:16:10:39 +0000] "CONNECT m.113kp.com:443 HTTP/1.1" 200 204 "-" "-"
78.135.85.252 - - [07/May/2023:16:10:40 +0000] "\x16\x03\x01" 400 492 "-" "-"
54.209.41.100 - - [07/May/2023:16:10:41 +0000] "CONNECT 185.215.4.15:443 HTTP/1.1" 200 148 "-" "-"
3.88.173.121 - - [07/May/2023:16:10:41 +0000] "\x16\x03\x01\x02" 400 492 "-" "-"
54.209.41.100 - - [07/May/2023:16:10:44 +0000] "\x16\x03\x01\x02" 400 492 "-" "-"
3.88.173.121 - - [07/May/2023:16:10:55 +0000] "CONNECT 92.53.96.128:443 HTTP/1.1" 200 148 "-" "-"
3.88.173.121 - - [07/May/2023:16:10:55 +0000] "\x16\x03\x01\x02" 400 492 "-" "-"
3.88.173.121 - - [07/May/2023:16:10:58 +0000] "CONNECT 92.53.96.128:443 HTTP/1.1" 200 148 "-" "-"
3.88.173.121 - - [07/May/2023:16:10:58 +0000] "\x16\x03\x01\x02" 400 492 "-" "-"
3.88.173.121 - - [07/May/2023:16:10:59 +0000] "CONNECT 92.53.96.128:443 HTTP/1.1" 200 148 "-" "-"
54.209.41.100 - - [07/May/2023:16:11:00 +0000] "CONNECT 185.215.4.15:443 HTTP/1.1" 200 148 "-" "-"
54.209.41.100 - - [07/May/2023:16:11:01 +0000] "\x16\x03\x01\x02" 400 492 "-" "-"
70.34.201.180 - - [07/May/2023:16:11:01 +0000] "CONNECT ip-api.com:80 HTTP/1.1" 200 148 "-" "Python/3.11 python-socks/2.2.0"
70.34.201.180 - - [07/May/2023:16:11:02 +0000] "GET /json/?fields=8217 HTTP/1.1" 404 433 "-" "Mozilla/5.0 (Windows NT 10.0; rv:112.0) Gecko/20100101 Firefox/112.0"回答 2
Server Fault用户
回答已采纳
发布于 2023-05-08 08:00:24
当web服务器记录(许多)成功的CONNECT请求(如200 HTTP成功代码所证明的)时,web服务器被用作前向代理。
当这些请求不完全来自您自己的网络时,您的前向代理就没有(适当地)受到访问限制的保护。这通常被称为“开放代理”。
互联网上的随机客户端可以使用一个开放的代理和您的服务器隐藏他们自己的IP地址。
这可能是有意的,通过设计和哲学,例如提供在线匿名和允许人们规避网络审查。
一个大问题是,许多开放的代理(仅)被用于滥用和邪恶的目的。
通常,打开的代理是错误配置的结果。
相当典型的原因是新手管理员使用不正确的ProxyRequests指令,而不是(仅)一个ProxyPass将Apache配置为反向代理。
- Apache应该始终使用
ProxyRequests Off进行配置。 - 反向代理配置为
ProxyPass指令,不需要ProxyRequests on。 - 当您确实需要一个前向代理时,请使用许多专用代理服务器中的一个,而不是您的web服务器IMHO。
- 如果您仍然希望使用Apache作为前向代理,则保护您的配置并限制只访问授权客户端。
Server Fault用户
发布于 2023-05-07 16:21:32
您的站点通过连接方法被用作代理。
一种可能的减轻方法是禁用这里描述的连接方法。
LoadModule rewrite_module path/to/apache/modules/mod_rewrite.so要启用重写引擎,请添加以下内容:RewriteEngine On请注意,默认情况下,重写配置不会在虚拟服务器之间继承。将RewriteEngine添加到每个虚拟主机上。禁用HTTP方法重写规则(因为我们希望在这个HOWTO中禁用特定的http方法),我们的重写规则有两个组件:一个条件和在满足该条件时要应用的规则。在这个HOWTO中,我的示例规则将禁用HTTP跟踪和HTTP跟踪请求(尽管Apache不支持跟踪)和HTTP选项请求(尽管禁用HTTP选项不一定是最佳实践)。以下是规则:RewriteCond %{REQUEST_METHOD} ^(TRACE|TRACK|OPTIONS)RewriteRule .* - [F]
页面原文内容由Server Fault提供。腾讯云小微IT领域专用引擎提供翻译支持
原文链接:
https://serverfault.com/questions/1130594
复制相关文章
相似问题
腾讯云开发者
