环球回收网-二手设备处理网刚上线就遭到黑客扫描了漏洞!曝光此IP!
<p>环球回收网-二手设备处理www.btgjj.com.cn,上线没几天,就有这种人扫描了,做后台网站日志,看到这些不正常的请求。果断禁止此ip:104.243.134.186</p><p>大家也一定要注意这方面的服务器安全!</p><p>解决办法:如果你是宝塔面板,打开-安全-在端口控制里面选择屏蔽ip功能,禁止此ip就可以了,然后后期经常查看日志,有新的不正常ip,见一个封一个|!</p><p><br></p>
附上部分扫描日志!
- - [26/Jun/2020:22:01:03 +0800] "POST /$%7B@eval($_POST%5Bc%5D)%7D HTTP/" 404 3691 " plus/" "Mozilla/ (compatible; MSIE Windows NT )"
- - [26/Jun/2020:22:01:03 +0800] "POST / HTTP/" 404 3691 " plus/" "Mozilla/ (compatible; MSIE Windows NT )"
- - [26/Jun/2020:22:01:03 +0800] "POST /login_ HTTP/" 404 3691 " plus/" "Mozilla/ (compatible; MSIE Windows NT )"
- - [26/Jun/2020:22:01:04 +0800] "POST /5t/css/ HTTP/" 404 3691 " plus/" "Mozilla/ (compatible; MSIE Windows NT )"
- - [26/Jun/2020:22:01:05 +0800] "POST / HTTP/" 404 3691 " plus/" "Mozilla/ (compatible; MSIE Windows NT )"
- - [26/Jun/2020:22:01:06 +0800] "POST /data/ HTTP/" 404 3691 " plus/" "Mozilla/ (compatible; MSIE Windows NT )"
- - [26/Jun/2020:22:01:06 +0800] "POST /plus/mytag_ HTTP/" 404 3691 " plus/" "Mozilla/ (compatible; MSIE Windows NT )"
- - [26/Jun/2020:22:01:06 +0800] "POST / HTTP/" 404 3691 " plus/" "Mozilla/ (compatible; MSIE Windows NT )"
- - [26/Jun/2020:22:01:06 +0800] "POST / HTTP/" 404 3691 " plus/" "Mozilla/ (compatible; MSIE Windows NT )"
- - [26/Jun/2020:22:01:08 +0800] "POST /plus/ HTTP/" 404 3691 " plus/" "Mozilla/ (compatible; MSIE Windows NT )"
- - [26/Jun/2020:22:01:08 +0800] "POST /plus/mytag_ HTTP/" 404 3691 " plus/" "Mozilla/ (compatible; MSIE Windows NT )"
- - [26/Jun/2020:22:01:08 +0800] "POST /languages/zh_cn/convert/ HTTP/" 404 3691 " plus/" "Mozilla/ (compatible; MSIE Windows NT )"
- - [26/Jun/2020:22:01:09 +0800] "POST /$%7B@eval($_POST%5Bc%5D)%7D HTTP/" 200 245072 " plus/" "Mozilla/ (compatible; MSIE Windows NT )"
- - [26/Jun/2020:22:01:10 +0800] "POST /data/config_ HTTP/" 404 3691 " plus/" "Mozilla/ (compatible; MSIE Windows NT )"
- - [26/Jun/2020:22:01:11 +0800] "POST /2016/ HTTP/" 404 3691 " plus/" "Mozilla/ (compatible; MSIE Windows NT )"
- - [26/Jun/2020:22:01:11 +0800] "POST /api/ HTTP/" 404 3691 " plus/" "Mozilla/ (compatible; MSIE Windows NT )"
- - [26/Jun/2020:22:01:12 +0800] "POST /cache/ HTTP/" 404 3691 " plus/" "Mozilla/ (compatible; MSIE Windows NT )"
- - [26/Jun/2020:22:01:14 +0800] "POST /plus/ad_ HTTP/" 404 3691 " plus/" "Mozilla/ (compatible; MSIE Windows NT )"
- - [26/Jun/2020:22:01:14 +0800] "POST /plus/mytag_ HTTP/" 404 3691 " plus/" "Mozilla/ (compatible; MSIE Windows NT )"
- - [26/Jun/2020:22:01:14 +0800] "POST / HTTP/" 200 244957 " plus/" "Mozilla/ (compatible; MSIE Windows NT )"
- - [26/Jun/2020:22:01:16 +0800] "POST /$%7B@print(eval($_POST[c]))%7D HTTP/" 200 245063 " plus/" "Mozilla/ (compatible; MSIE Windows NT )"
- - [26/Jun/2020:22:01:17 +0800] "POST /plus/mytag_ HTTP/" 404 3691 "" "Mozilla/ (compatible; MSIE Windows NT )"
- - [26/Jun/2020:22:01:17 +0800] "POST / HTTP/" 404 3691 " plus/" "Mozilla/ (compatible; MSIE Windows NT )"
- - [26/Jun/2020:22:01:17 +0800] "POST / HTTP/" 404 3691 " plus/" "Mozilla/ (compatible; MSIE Windows NT )"
- - [26/Jun/2020:22:01:17 +0800] "POST / HTTP/" 200 245087 " plus/" "Mozilla/ (compatible; MSIE Windows NT )"
- - [26/Jun/2020:22:01:18 +0800] "POST /yp/${${@eval%28$_POST[-62]%29}} HTTP/" 404 3691 " plus/" "Mozilla/ (compatible; MSIE Windows NT )"
