用了 google cloud 以后 cpu 过一段时间就会飙升一次,一直很纳闷。 以前从来没看过 nginx 日志,今天一看惊呆了,有不停换 ip 尝试登陆的,有尝试获取 phpmyadmin 地址的。 仅仅一天的日志 90%以上都是各种使坏的。
135.181.10.248 - - [01/Jan/2021:02:50:05 +0000] "GET /phpmyadmin HTTP/1.1" 404 3422 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.125 Safari/537.36"
135.181.10.248 - - [01/Jan/2021:02:50:05 +0000] "GET /?/phpmyadmin HTTP/1.1" 200 6487 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.125 Safari/537.36"
85.114.138.138 - - [01/Jan/2021:02:51:03 +0000] "GET /phpmyadmin HTTP/1.1" 301 5 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.125 Safari/537.36"
85.114.138.138 - - [01/Jan/2021:02:51:03 +0000] "GET /phpmyadmin HTTP/1.1" 404 3422 "https://gotomorrow.dev:443/phpmyadmin" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.125 Safari/537.36"
135.181.10.248 - - [01/Jan/2021:02:51:06 +0000] "GET /phpmyadmin HTTP/1.1" 301 5 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.125 Safari/537.36"
135.181.10.248 - - [01/Jan/2021:02:51:07 +0000] "GET /phpmyadmin HTTP/1.1" 404 3422 "https://gotomorrow.dev:443/phpmyadmin" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.125 Safari/537.36"
85.114.138.138 - - [01/Jan/2021:02:52:24 +0000] "GET /myadmin HTTP/1.1" 404 3422 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.125 Safari/537.36"
85.114.138.138 - - [01/Jan/2021:02:52:24 +0000] "GET /mysql HTTP/1.1" 404 3422 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.125 Safari/537.36"
85.114.138.138 - - [01/Jan/2021:02:52:24 +0000] "GET /mysqladmin HTTP/1.1" 404 3422 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.125 Safari/537.36"
85.114.138.138 - - [01/Jan/2021:02:52:25 +0000] "GET /db HTTP/1.1" 404 3422 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.125 Safari/537.36"
85.114.138.138 - - [01/Jan/2021:02:52:25 +0000] "GET /sqladmin HTTP/1.1" 404 3422 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.125 Safari/537.36"
85.114.138.138 - - [01/Jan/2021:02:52:26 +0000] "GET /pma HTTP/1.1" 404 3422 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.125 Safari/537.36"
85.114.138.138 - - [01/Jan/2021:02:52:26 +0000] "GET /phpmy HTTP/1.1" 404 3422 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.125 Safari/537.36"
85.114.138.138 - - [01/Jan/2021:02:52:27 +0000] "GET /phpmanager HTTP/1.1" 404 3422 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.125 Safari/537.36"
13.233.145.199 - - [01/Jan/2021:04:28:59 +0000] "GET /zh/wp-login.php HTTP/1.1" 200 2749 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
13.233.145.199 - - [01/Jan/2021:04:29:13 +0000] "POST /zh/wp-login.php HTTP/1.1" 200 2873 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
13.233.145.199 - - [01/Jan/2021:04:29:23 +0000] "POST /zh/xmlrpc.php HTTP/1.1" 200 412 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
这是一个专为移动设备优化的页面(即为了让你能够在 Google 搜索结果里秒开这个页面),如果你希望参与 V2EX 社区的讨论,你可以继续到 V2EX 上打开本讨论主题的完整版本。
V2EX 是创意工作者们的社区,是一个分享自己正在做的有趣事物、交流想法,可以遇见新朋友甚至新机会的地方。
V2EX is a community of developers, designers and creative people.