小贝子编程

有没有人在apache日志和wordpress中看到过这个事件?如果是这样,它是什么?



我发现大量来自单个IP地址的GET请求(总共3,624个(发送到我的wordpress网站。这种情况持续了 12 分钟。每个请求如下所示:

获取/?29 获取/?742 获取/?9 获取/?1493 ...

这些数字似乎是随机的。用户在第一次访问我的wordpress网站4分钟后开始这样做。

以下是更多日志:

192.168.107.172 - - [09/Mar/2020:13:10:03 +0000] "GET /?323 HTTP/1.1" 408 0 "-" "Mozilla/5.0 (Windows NT 6.3; rv:36.0) Gecko/20100101 Firefox/36.0"
192.168.107.172 - - [09/Mar/2020:13:10:03 +0000] "GET /?97 HTTP/1.1" 408 0 "-" "Mozilla/5.0 (Windows NT 6.3; rv:36.0) Gecko/20100101 Firefox/36.0"
192.168.107.172 - - [09/Mar/2020:13:10:03 +0000] "GET /?1527 HTTP/1.1" 408 0 "-" "Mozilla/5.0 (Windows NT 6.3; rv:36.0) Gecko/20100101 Firefox/36.0"
192.168.107.172 - - [09/Mar/2020:13:10:03 +0000] "GET /?220 HTTP/1.1" 408 0 "-" "Mozilla/5.0 (Windows NT 6.3; rv:36.0) Gecko/20100101 Firefox/36.0"
192.168.107.172 - - [09/Mar/2020:13:10:03 +0000] "GET /?1531 HTTP/1.1" 408 0 "-" "Mozilla/5.0 (Windows NT 6.3; rv:36.0) Gecko/20100101 Firefox/36.0"
192.168.107.172 - - [09/Mar/2020:13:10:03 +0000] "GET /?1182 HTTP/1.1" 408 0 "-" "Mozilla/5.0 (Windows NT 6.3; rv:36.0) Gecko/20100101 Firefox/36.0"
192.168.107.172 - - [09/Mar/2020:13:10:04 +0000] "GET /?1126 HTTP/1.1" 408 0 "-" "Mozilla/5.0 (Windows NT 6.3; rv:36.0) Gecko/20100101 Firefox/36.0"
192.168.107.172 - - [09/Mar/2020:13:10:05 +0000] "GET /?1794 HTTP/1.1" 408 0 "-" "Mozilla/5.0 (Windows NT 6.3; rv:36.0) Gecko/20100101 Firefox/36.0"
192.168.107.172 - - [09/Mar/2020:13:10:05 +0000] "GET /?1771 HTTP/1.1" 408 0 "-" "Mozilla/5.0 (Windows NT 6.3; rv:36.0) Gecko/20100101 Firefox/36.0"
192.168.107.172 - - [09/Mar/2020:13:10:05 +0000] "GET /?98 HTTP/1.1" 408 0 "-" "Mozilla/5.0 (Windows NT 6.3; rv:36.0) Gecko/20100101 Firefox/36.0"
192.168.107.172 - - [09/Mar/2020:13:10:05 +0000] "GET /?997 HTTP/1.1" 408 0 "-" "Mozilla/5.0 (Windows NT 6.3; rv:36.0) Gecko/20100101 Firefox/36.0"
192.168.107.172 - - [09/Mar/2020:13:10:05 +0000] "GET /?1816 HTTP/1.1" 408 0 "-" "Mozilla/5.0 (Windows NT 6.3; rv:36.0) Gecko/20100101 Firefox/36.0"
192.168.107.172 - - [09/Mar/2020:13:10:06 +0000] "GET /?190 HTTP/1.1" 408 0 "-" "Mozilla/5.0 (Windows NT 6.3; rv:36.0) Gecko/20100101 Firefox/36.0"
192.168.107.172 - - [09/Mar/2020:13:10:06 +0000] "GET /?1624 HTTP/1.1" 408 0 "-" "Mozilla/5.0 (Windows NT 6.3; rv:36.0) Gecko/20100101 Firefox/36.0"
192.168.107.172 - - [09/Mar/2020:13:10:06 +0000] "GET /?1179 HTTP/1.1" 408 0 "-" "Mozilla/5.0 (Windows NT 6.3; rv:36.0) Gecko/20100101 Firefox/36.0"
192.168.107.172 - - [09/Mar/2020:13:10:06 +0000] "GET /?1845 HTTP/1.1" 408 0 "-" "Mozilla/5.0 (Windows NT 6.3; rv:36.0) Gecko/20100101 Firefox/36.0"
192.168.107.172 - - [09/Mar/2020:13:10:07 +0000] "GET /?770 HTTP/1.1" 408 0 "-" "Mozilla/5.0 (Windows NT 6.3; rv:36.0) Gecko/20100101 Firefox/36.0"
192.168.107.172 - - [09/Mar/2020:13:10:07 +0000] "GET /?910 HTTP/1.1" 408 0 "-" "Mozilla/5.0 (Windows NT 6.3; rv:36.0) Gecko/20100101 Firefox/36.0"
192.168.107.172 - - [09/Mar/2020:13:10:07 +0000] "GET /?266 HTTP/1.1" 408 0 "-" "Mozilla/5.0 (Windows NT 6.3; rv:36.0) Gecko/20100101 Firefox/36.0"
192.168.107.172 - - [09/Mar/2020:13:10:07 +0000] "GET /?1107 HTTP/1.1" 408 0 "-" "Mozilla/5.0 (Windows NT 6.3; rv:36.0) Gecko/20100101 Firefox/36.0"
192.168.107.172 - - [09/Mar/2020:13:10:07 +0000] "GET /?725 HTTP/1.1" 408 0 "-" "Mozilla/5.0 (Windows NT 6.3; rv:36.0) Gecko/20100101 Firefox/36.0"
192.168.107.172 - - [09/Mar/2020:13:10:07 +0000] "GET /?714 HTTP/1.1" 408 0 "-" "Mozilla/5.0 (Windows NT 6.3; rv:36.0) Gecko/20100101 Firefox/36.0"
192.168.107.172 - - [09/Mar/2020:13:10:07 +0000] "GET /?476 HTTP/1.1" 408 0 "-" "Mozilla/5.0 (Windows NT 6.3; rv:36.0) Gecko/20100101 Firefox/36.0"
192.168.107.172 - - [09/Mar/2020:13:10:07 +0000] "GET /?1642 HTTP/1.1" 408 0 "-" "Mozilla/5.0 (Windows NT 6.3; rv:36.0) Gecko/20100101 Firefox/36.0"
192.168.107.172 - - [09/Mar/2020:13:10:08 +0000] "GET /?566 HTTP/1.1" 408 0 "-" "Mozilla/5.0 (Windows NT 6.3; rv:36.0) Gecko/20100101 Firefox/36.0"
192.168.107.172 - - [09/Mar/2020:13:10:08 +0000] "GET /?449 HTTP/1.1" 408 0 "-" "Mozilla/5.0 (Windows NT 6.3; rv:36.0) Gecko/20100101 Firefox/36.0"
192.168.107.172 - - [09/Mar/2020:13:10:08 +0000] "GET /?644 HTTP/1.1" 408 0 "-" "Mozilla/5.0 (Windows NT 6.3; rv:36.0) Gecko/20100101 Firefox/36.0"
192.168.107.172 - - [09/Mar/2020:13:10:08 +0000] "GET /?537 HTTP/1.1" 408 0 "-" "Mozilla/5.0 (Windows NT 6.3; rv:36.0) Gecko/20100101 Firefox/36.0"
192.168.107.172 - - [09/Mar/2020:13:10:08 +0000] "GET /?1727 HTTP/1.1" 408 0 "-" "Mozilla/5.0 (Windows NT 6.3; rv:36.0) Gecko/20100101 Firefox/36.0"
192.168.107.172 - - [09/Mar/2020:13:10:08 +0000] "GET /?383 HTTP/1.1" 408 0 "-" "Mozilla/5.0 (Windows NT 6.3; rv:36.0) Gecko/20100101 Firefox/36.0"
192.168.107.172 - - [09/Mar/2020:13:10:08 +0000] "GET /?1382 HTTP/1.1" 408 0 "-" "Mozilla/5.0 (Windows NT 6.3; rv:36.0) Gecko/20100101 Firefox/36.0"
192.168.107.172 - - [09/Mar/2020:13:10:08 +0000] "GET /?335 HTTP/1.1" 408 0 "-" "Mozilla/5.0 (Windows NT 6.3; rv:36.0) Gecko/20100101 Firefox/36.0"
192.168.107.172 - - [09/Mar/2020:13:10:08 +0000] "GET /?126 HTTP/1.1" 408 0 "-" "Mozilla/5.0 (Windows NT 6.3; rv:36.0) Gecko/20100101 Firefox/36.0"
192.168.107.172 - - [09/Mar/2020:13:10:08 +0000] "GET /?1958 HTTP/1.1" 408 0 "-" "Mozilla/5.0 (Windows NT 6.3; rv:36.0) Gecko/20100101 Firefox/36.0"
192.168.107.172 - - [09/Mar/2020:13:10:08 +0000] "GET /?932 HTTP/1.1" 408 0 "-" "Mozilla/5.0 (Windows NT 6.3; rv:36.0) Gecko/20100101 Firefox/36.0"
192.168.107.172 - - [09/Mar/2020:13:10:08 +0000] "GET /?362 HTTP/1.1" 408 0 "-" "Mozilla/5.0 (Windows NT 6.3; rv:36.0) Gecko/20100101 Firefox/36.0"
192.168.107.172 - - [09/Mar/2020:13:10:08 +0000] "GET /?245 HTTP/1.1" 408 0 "-" "Mozilla/5.0 (Windows NT 6.3; rv:36.0) Gecko/20100101 Firefox/36.0"
192.168.107.172 - - [09/Mar/2020:13:10:08 +0000] "GET /?818 HTTP/1.1" 408 0 "-" "Mozilla/5.0 (Windows NT 6.3; rv:36.0) Gecko/20100101 Firefox/36.0"
192.168.107.172 - - [09/Mar/2020:13:10:08 +0000] "GET /?753 HTTP/1.1" 408 0 "-" "Mozilla/5.0 (Windows NT 6.3; rv:36.0) Gecko/20100101 Firefox/36.0"
192.168.107.172 - - [09/Mar/2020:13:10:08 +0000] "GET /?263 HTTP/1.1" 408 0 "-" "Mozilla/5.0 (Windows NT 6.3; rv:36.0) Gecko/20100101 Firefox/36.0"
192.168.107.172 - - [09/Mar/2020:13:10:09 +0000] "GET /?11 HTTP/1.1" 408 0 "-" "Mozilla/5.0 (Windows NT 6.3; rv:36.0) Gecko/20100101 Firefox/36.0"
192.168.107.172 - - [09/Mar/2020:13:10:09 +0000] "GET /?952 HTTP/1.1" 408 0 "-" "Mozilla/5.0 (Windows NT 6.3; rv:36.0) Gecko/20100101 Firefox/36.0"
192.168.107.172 - - [09/Mar/2020:13:10:09 +0000] "GET /?1035 HTTP/1.1" 408 0 "-" "Mozilla/5.0 (Windows NT 6.3; rv:36.0) Gecko/20100101 Firefox/36.0"
192.168.107.172 - - [09/Mar/2020:13:10:09 +0000] "GET /?1979 HTTP/1.1" 408 0 "-" "Mozilla/5.0 (Windows NT 6.3; rv:36.0) Gecko/20100101 Firefox/36.0"
192.168.107.172 - - [09/Mar/2020:13:10:09 +0000] "GET /?224 HTTP/1.1" 408 0 "-" "Mozilla/5.0 (Windows NT 6.3; rv:36.0) Gecko/20100101 Firefox/36.0"
192.168.107.172 - - [09/Mar/2020:13:10:09 +0000] "GET /?1796 HTTP/1.1" 408 0 "-" "Mozilla/5.0 (Windows NT 6.3; rv:36.0) Gecko/20100101 Firefox/36.0"
192.168.107.172 - - [09/Mar/2020:13:10:09 +0000] "GET /?566 HTTP/1.1" 408 0 "-" "Mozilla/5.0 (Windows NT 6.3; rv:36.0) Gecko/20100101 Firefox/36.0"
192.168.107.172 - - [09/Mar/2020:13:10:09 +0000] "GET /?1919 HTTP/1.1" 408 0 "-" "Mozilla/5.0 (Windows NT 6.3; rv:36.0) Gecko/20100101 Firefox/36.0"
192.168.107.172 - - [09/Mar/2020:13:10:09 +0000] "GET /?203 HTTP/1.1" 408 0 "-" "Mozilla/5.0 (Windows NT 6.3; rv:36.0) Gecko/20100101 Firefox/36.0"
192.168.107.172 - - [09/Mar/2020:13:10:09 +0000] "GET /?123 HTTP/1.1" 408 0 "-" "Mozilla/5.0 (Windows NT 6.3; rv:36.0) Gecko/20100101 Firefox/36.0"
192.168.107.172 - - [09/Mar/2020:13:10:09 +0000] "GET /?1387 HTTP/1.1" 408 0 "-" "Mozilla/5.0 (Windows NT 6.3; rv:36.0) Gecko/20100101 Firefox/36.0"
192.168.107.172 - - [09/Mar/2020:13:10:09 +0000] "GET /?235 HTTP/1.1" 408 0 "-" "Mozilla/5.0 (Windows NT 6.3; rv:36.0) Gecko/20100101 Firefox/36.0"
192.168.107.172 - - [09/Mar/2020:13:10:09 +0000] "GET /?1530 HTTP/1.1" 408 0 "-" "Mozilla/5.0 (Windows NT 6.3; rv:36.0) Gecko/20100101 Firefox/36.0"
192.168.107.172 - - [09/Mar/2020:13:10:09 +0000] "GET /?662 HTTP/1.1" 408 0 "-" "Mozilla/5.0 (Windows NT 6.3; rv:36.0) Gecko/20100101 Firefox/36.0"
192.168.107.172 - - [09/Mar/2020:13:10:09 +0000] "GET /?928 HTTP/1.1" 408 0 "-" "Mozilla/5.0 (Windows NT 6.3; rv:36.0) Gecko/20100101 Firefox/36.0"
192.168.107.172 - - [09/Mar/2020:13:10:09 +0000] "GET /?330 HTTP/1.1" 408 0 "-" "Mozilla/5.0 (Windows NT 6.3; rv:36.0) Gecko/20100101 Firefox/36.0"
192.168.107.172 - - [09/Mar/2020:13:10:09 +0000] "GET /?99 HTTP/1.1" 408 0 "-" "Mozilla/5.0 (Windows NT 6.3; rv:36.0) Gecko/20100101 Firefox/36.0"
192.168.107.172 - - [09/Mar/2020:13:10:09 +0000] "GET /?1040 HTTP/1.1" 408 0 "-" "Mozilla/5.0 (Windows NT 6.3; rv:36.0) Gecko/20100101 Firefox/36.0"
192.168.107.172 - - [09/Mar/2020:13:10:09 +0000] "GET /?857 HTTP/1.1" 408 0 "-" "Mozilla/5.0 (Windows NT 6.3; rv:36.0) Gecko/20100101 Firefox/36.0"
192.168.107.172 - - [09/Mar/2020:13:10:09 +0000] "GET /?1870 HTTP/1.1" 408 0 "-" "Mozilla/5.0 (Windows NT 6.3; rv:36.0) Gecko/20100101 Firefox/36.0"
192.168.107.172 - - [09/Mar/2020:13:10:09 +0000] "GET /?880 HTTP/1.1" 408 0 "-" "Mozilla/5.0 (Windows NT 6.3; rv:36.0) Gecko/20100101 Firefox/36.0"
192.168.107.172 - - [09/Mar/2020:13:10:09 +0000] "GET /?1992 HTTP/1.1" 408 0 "-" "Mozilla/5.0 (Windows NT 6.3; rv:36.0) Gecko/20100101 Firefox/36.0"
192.168.107.172 - - [09/Mar/2020:13:10:09 +0000] "GET /?848 HTTP/1.1" 408 0 "-" "Mozilla/5.0 (Windows NT 6.3; rv:36.0) Gecko/20100101 Firefox/36.0"
192.168.107.172 - - [09/Mar/2020:13:10:09 +0000] "GET /?873 HTTP/1.1" 408 0 "-" "Mozilla/5.0 (Windows NT 6.3; rv:36.0) Gecko/20100101 Firefox/36.0"
192.168.107.172 - - [09/Mar/2020:13:10:09 +0000] "GET /?885 HTTP/1.1" 408 0 "-" "Mozilla/5.0 (Windows NT 6.3; rv:36.0) Gecko/20100101 Firefox/36.0"
192.168.107.172 - - [09/Mar/2020:13:10:09 +0000] "GET /?1550 HTTP/1.1" 408 0 "-" "Mozilla/5.0 (Windows NT 6.3; rv:36.0) Gecko/20100101 Firefox/36.0"
192.168.107.172 - - [09/Mar/2020:13:10:09 +0000] "GET /?1252 HTTP/1.1" 408 0 "-" "Mozilla/5.0 (Windows NT 6.3; rv:36.0) Gecko/20100101 Firefox/36.0"
192.168.107.172 - - [09/Mar/2020:13:10:09 +0000] "GET /?330 HTTP/1.1" 408 0 "-" "Mozilla/5.0 (Windows NT 6.3; rv:36.0) Gecko/20100101 Firefox/36.0"
192.168.107.172 - - [09/Mar/2020:13:10:09 +0000] "GET /?1562 HTTP/1.1" 408 0 "-" "Mozilla/5.0 (Windows NT 6.3; rv:36.0) Gecko/20100101 Firefox/36.0"
192.168.107.172 - - [09/Mar/2020:13:10:09 +0000] "GET /?1208 HTTP/1.1" 408 0 "-" "Mozilla/5.0 (Windows NT 6.3; rv:36.0) Gecko/20100101 Firefox/36.0"
192.168.107.172 - - [09/Mar/2020:13:10:09 +0000] "GET /?1545 HTTP/1.1" 408 0 "-" "Mozilla/5.0 (Windows NT 6.3; rv:36.0) Gecko/20100101 Firefox/36.0"
192.168.107.172 - - [09/Mar/2020:13:10:09 +0000] "GET /?594 HTTP/1.1" 408 0 "-" "Mozilla/5.0 (Windows NT 6.3; rv:36.0) Gecko/20100101 Firefox/36.0"
192.168.107.172 - - [09/Mar/2020:13:10:10 +0000] "GET /?85 HTTP/1.1" 408 0 "-" "Mozilla/5.0 (Windows NT 6.3; rv:36.0) Gecko/20100101 Firefox/36.0"
192.168.107.172 - - [09/Mar/2020:13:10:10 +0000] "GET /?280 HTTP/1.1" 408 0 "-" "Mozilla/5.0 (Windows NT 6.3; rv:36.0) Gecko/20100101 Firefox/36.0"
192.168.107.172 - - [09/Mar/2020:13:10:10 +0000] "GET /?10 HTTP/1.1" 408 0 "-" "Mozilla/5.0 (Windows NT 6.3; rv:36.0) Gecko/20100101 Firefox/36.0"
192.168.107.172 - - [09/Mar/2020:13:10:10 +0000] "GET /?1749 HTTP/1.1" 408 0 "-" "Mozilla/5.0 (Windows NT 6.3; rv:36.0) Gecko/20100101 Firefox/36.0"
192.168.107.172 - - [09/Mar/2020:13:10:10 +0000] "GET /?1421 HTTP/1.1" 408 0 "-" "Mozilla/5.0 (Windows NT 6.3; rv:36.0) Gecko/20100101 Firefox/36.0"
192.168.107.172 - - [09/Mar/2020:13:10:10 +0000] "GET /?1255 HTTP/1.1" 408 0 "-" "Mozilla/5.0 (Windows NT 6.3; rv:36.0) Gecko/20100101 Firefox/36.0"
192.168.107.172 - - [09/Mar/2020:13:10:10 +0000] "GET /?1992 HTTP/1.1" 408 0 "-" "Mozilla/5.0 (Windows NT 6.3; rv:36.0) Gecko/20100101 Firefox/36.0"
192.168.107.172 - - [09/Mar/2020:13:10:10 +0000] "GET /?1054 HTTP/1.1" 408 0 "-" "Mozilla/5.0 (Windows NT 6.3; rv:36.0) Gecko/20100101 Firefox/36.0"
192.168.107.172 - - [09/Mar/2020:13:10:10 +0000] "GET /?801 HTTP/1.1" 408 0 "-" "Mozilla/5.0 (Windows NT 6.3; rv:36.0) Gecko/20100101 Firefox/36.0"
192.168.107.172 - - [09/Mar/2020:13:10:10 +0000] "GET /?1967 HTTP/1.1" 408 0 "-" "Mozilla/5.0 (Windows NT 6.3; rv:36.0) Gecko/20100101 Firefox/36.0"
192.168.107.172 - - [09/Mar/2020:13:10:10 +0000] "GET /?126 HTTP/1.1" 408 0 "-" "Mozilla/5.0 (Windows NT 6.3; rv:36.0) Gecko/20100101 Firefox/36.0"
192.168.107.172 - - [09/Mar/2020:13:10:10 +0000] "GET /?1732 HTTP/1.1" 408 0 "-" "Mozilla/5.0 (Windows NT 6.3; rv:36.0) Gecko/20100101 Firefox/36.0"
192.168.107.172 - - [09/Mar/2020:13:10:10 +0000] "GET /?503 HTTP/1.1" 408 0 "-" "Mozilla/5.0 (Windows NT 6.3; rv:36.0) Gecko/20100101 Firefox/36.0"
192.168.107.172 - - [09/Mar/2020:13:10:10 +0000] "GET /?726 HTTP/1.1" 408 0 "-" "Mozilla/5.0 (Windows NT 6.3; rv:36.0) Gecko/20100101 Firefox/36.0"
192.168.107.172 - - [09/Mar/2020:13:10:10 +0000] "GET /?1763 HTTP/1.1" 408 0 "-" "Mozilla/5.0 (Windows NT 6.3; rv:36.0) Gecko/20100101 Firefox/36.0"
192.168.107.172 - - [09/Mar/2020:13:10:10 +0000] "GET /?1439 HTTP/1.1" 408 0 "-" "Mozilla/5.0 (Windows NT 6.3; rv:36.0) Gecko/20100101 Firefox/36.0"
192.168.107.172 - - [09/Mar/2020:13:10:10 +0000] "GET /?141 HTTP/1.1" 408 0 "-" "Mozilla/5.0 (Windows NT 6.3; rv:36.0) Gecko/20100101 Firefox/36.0"
192.168.107.172 - - [09/Mar/2020:13:10:10 +0000] "GET /?1743 HTTP/1.1" 408 0 "-" "Mozilla/5.0 (Windows NT 6.3; rv:36.0) Gecko/20100101 Firefox/36.0"
192.168.107.172 - - [09/Mar/2020:13:10:10 +0000] "GET /?645 HTTP/1.1" 408 0 "-" "Mozilla/5.0 (Windows NT 6.3; rv:36.0) Gecko/20100101 Firefox/36.0"
192.168.107.172 - - [09/Mar/2020:13:10:10 +0000] "GET /?1284 HTTP/1.1" 408 0 "-" "Mozilla/5.0 (Windows NT 6.3; rv:36.0) Gecko/20100101 Firefox/36.0"
192.168.107.172 - - [09/Mar/2020:13:10:10 +0000] "GET /?1744 HTTP/1.1" 408 0 "-" "Mozilla/5.0 (Windows NT 6.3; rv:36.0) Gecko/20100101 Firefox/36.0"
192.168.107.172 - - [09/Mar/2020:13:10:10 +0000] "GET /?1513 HTTP/1.1" 408 0 "-" "Mozilla/5.0 (Windows NT 6.3; rv:36.0) Gecko/20100101 Firefox/36.0"
192.168.107.172 - - [09/Mar/2020:13:10:10 +0000] "GET /?1859 HTTP/1.1" 408 0 "-" "Mozilla/5.0 (Windows NT 6.3; rv:36.0) Gecko/20100101 Firefox/36.0"
192.168.107.172 - - [09/Mar/2020:13:10:10 +0000] "GET /?255 HTTP/1.1" 408 0 "-" "Mozilla/5.0 (Windows NT 6.3; rv:36.0) Gecko/20100101 Firefox/36.0"
192.168.107.172 - - [09/Mar/2020:13:10:10 +0000] "GET /?73 HTTP/1.1" 408 0 "-" "Mozilla/5.0 (Windows NT 6.3; rv:36.0) Gecko/20100101 Firefox/36.0"
192.168.107.172 - - [09/Mar/2020:13:10:10 +0000] "GET /?1801 HTTP/1.1" 408 0 "-" "Mozilla/5.0 (Windows NT 6.3; rv:36.0) Gecko/20100101 Firefox/36.0"
192.168.107.172 - - [09/Mar/2020:13:10:10 +0000] "GET /?119 HTTP/1.1" 408 0 "-" "Mozilla/5.0 (Windows NT 6.3; rv:36.0) Gecko/20100101 Firefox/36.0"
192.168.107.172 - - [09/Mar/2020:13:10:10 +0000] "GET /?844 HTTP/1.1" 408 0 "-" "Mozilla/5.0 (Windows NT 6.3; rv:36.0) Gecko/20100101 Firefox/36.0"
192.168.107.172 - - [09/Mar/2020:13:10:10 +0000] "GET /?709 HTTP/1.1" 408 0 "-" "Mozilla/5.0 (Windows NT 6.3; rv:36.0) Gecko/20100101 Firefox/36.0"
192.168.107.172 - - [09/Mar/2020:13:10:10 +0000] "GET /?326 HTTP/1.1" 408 0 "-" "Mozilla/5.0 (Windows NT 6.3; rv:36.0) Gecko/20100101 Firefox/36.0"
192.168.107.172 - - [09/Mar/2020:13:10:10 +0000] "GET /?326 HTTP/1.1" 408 0 "-" "Mozilla/5.0 (Windows NT 6.3; rv:36.0) Gecko/20100101 Firefox/36.0"
192.168.107.172 - - [09/Mar/2020:13:10:10 +0000] "GET /?1762 HTTP/1.1" 408 0 "-" "Mozilla/5.0 (Windows NT 6.3; rv:36.0) Gecko/20100101 Firefox/36.0" ```

这意味着什么

您不会受到DDOS(拒绝服务(攻击,因为它们太少见了。

包含查询字符串意味着 99.9% 是机器人扫描您的网站以查找"后门" - 也就是说,在更早的某个时候,另一个机器人会将一些代码上传到您的网站,这些代码通过将查询字符串附加到您网站上的特定 URL 来激活或测试。最常见的黑客攻击类型是将看似正常的文件放到您的网站上,例如wp-boot.php,这将允许用户在您的网站上创建更多脚本。

好消息:仅仅因为您的网站被扫描绝不表明您已被黑客入侵。

坏消息:这些黑客攻击通常是"黑帽搜索引擎优化"攻击,旨在替换您网站上的内容,或者在GoogleBot和其他搜索引擎扫描您的网站时完全替换您的网站 - 这对您的SEO非常有害,并且可能会很痛苦逆转。

URL总是不同的,因为黑客会在这些有效负载中随机化查询字符串和 URL - 因此它们更难找到和删除。

你可以做什么

首先要做的是找出您的网站是否已遭到入侵。最简单的方法是安装插件,例如wordfence或ithemes,因为它们可以自动扫描您的网站以解决各种问题。

它们还提供"防火墙",有助于阻止这些类型的攻击。

如果您觉得自己做更多工作很舒服,您可以:

  1. 扫描您的网站以查找主题,WP内容文件夹和WP包含中的异常文件(这是最常见的三个位置(。查找以随机字母作为名称的文件,或看起来不寻常的wp文件。
  2. 通过管理面板重新安装wordpress - 许多黑客不会创建新文件,而是将其他内容添加到已经存在的文件中(请参阅我的下一点(
  3. 您可以使用 linuxgrep命令或类似的命令扫描所有.php文件,以获取base64exec因为这两个命令用于绝大多数攻击。

您还可以通过托管将192.168.107.172添加到禁止的 IP 列表中,但这不会做太多事情,因为这些机器人会经常交替 IP 来绕过这种策略。

来源:在过去的6年里,我处理了很多黑客攻击。

相关内容

最新更新


热门标签:

javascript python java c# php android html jquery c++ css ios sql mysql arrays asp.net json python-3.x ruby-on-rails .net sql-server django objective-c excel regex ruby linux ajax iphone xml vba spring asp.net-mvc database wordpress string postgresql wpf windows xcode bash git oracle list vb.net multithreading eclipse algorithm macos powershell visual-studio image forms numpy scala function api selenium