换了个插件 StatPressCN专门收集错误访问信息,每天来的“人”可不少啊,这台主机上站点真的那么多漏洞么?还全是国内的ip段,不知道被谁盯上了。。。看来asp真的漏洞太多
| 20091218 | 22:45:39 | 113.108.143.212 广东省 电信 |
Mozilla/4.0 | /Admin/Admin_Login.asp | |
| 20091218 | 22:45:37 | 113.108.143.212 | Mozilla/4.0 | /Admin/Admin_Login.asp | |
| 20091218 | 22:45:34 | 113.108.143.212 | Mozilla/4.0 | /Admin/wkoxAdmin_Login.asp | |
| 20091218 | 20:14:10 | 60.179.109.12 浙江省宁波市 |
Mozilla/4.0 | /mirserver.rar | |
| 20091218 | 20:14:07 | 60.179.109.12 | Mozilla/4.0 | /mirserver.rar | |
| 20091218 | 20:14:04 | 60.179.109.12 | Mozilla/4.0 | /sluxmirserver.rar | |
| 20091218 | 17:41:10 | 218.241.144.214 北京市 电信 |
Mozilla/4.0 | /mirserver.rar | |
| 20091218 | 17:41:06 | 218.241.144.214 | Mozilla/4.0 | /mirserver.rar | |
| 20091218 | 17:41:01 | 218.241.144.214 | Mozilla/4.0 | /hkflmirserver.rar | |
| 20091218 | 17:16:51 | 58.211.138.95 江苏省苏州市 |
Mozilla/4.0 | /FCKeditor/editor/filemanager/browser/default/browser.html | |
| 20091218 | 17:16:48 | 58.211.138.95 | Mozilla/4.0 | /FCKeditor/editor/filemanager/browser/default/browser.html | |
| 20091218 | 17:16:45 | 58.211.138.95 | Mozilla/4.0 | /qcjtFCKeditor/editor/filemanager/browser/default/browser.html | |
| 20091218 | 16:19:34 | 58.211.138.95 | Mozilla/4.0 | /FCKeditor/editor/filemanager/browser/default/browser.html | |
| 20091218 | 16:19:31 | 58.211.138.95 | Mozilla/4.0 | /FCKeditor/editor/filemanager/browser/default/browser.html | |
| 20091218 | 16:19:28 | 58.211.138.95 | Mozilla/4.0 | /kpttFCKeditor/editor/filemanager/browser/default/browser.html | |
| 20091218 | 14:49:30 | 222.73.173.11 上海市 电信 |
Mozilla/4.0 | /webadmin/webaction/admin_login.asp | |
| 20091218 | 14:49:28 | 222.73.173.11 | Mozilla/4.0 | /webadmin/webaction/admin_login.asp | |
| 20091218 | 14:49:26 | 222.73.173.11 | Mozilla/4.0 | /webadmin/webaction/rwcjadmin_login.asp | |
| 20091218 | 14:49:23 | 222.73.173.11 | Mozilla/4.0 | /admin/pro_admin/htmledit/admin_login.asp | |
| 20091218 | 14:49:21 | 222.73.173.11 | Mozilla/4.0 | /admin/pro_admin/htmledit/admin_login.asp | |
| 20091218 | 14:49:18 | 222.73.173.11 | Mozilla/4.0 | /admin/pro_admin/htmledit/gemnadmin_login.asp | |
| 20091218 | 14:49:16 | 222.73.173.11 | Mozilla/4.0 | /admin888/ewebeditor/admin_login.asp | |
| 20091218 | 14:49:13 | 222.73.173.11 | Mozilla/4.0 | /admin888/ewebeditor/admin_login.asp | |
| 20091218 | 14:49:11 | 222.73.173.11 | Mozilla/4.0 | /admin888/ewebeditor/spncadmin_login.asp | |
| 20091218 | 14:49:09 | 222.73.173.11 | Mozilla/4.0 | /data/ewebeditor/admin_login.asp | |
| 20091218 | 14:49:06 | 222.73.173.11 | Mozilla/4.0 | /data/ewebeditor/admin_login.asp | |
| 20091218 | 14:49:04 | 222.73.173.11 | Mozilla/4.0 | /data/ewebeditor/pehwadmin_login.asp | |
| 20091218 | 14:49:02 | 222.73.173.11 | Mozilla/4.0 | /htmleditor/admin_login.asp | |
| 20091218 | 14:49:00 | 222.73.173.11 | Mozilla/4.0 | /htmleditor/admin_login.asp | |
| 20091218 | 14:48:58 | 222.73.173.11 | Mozilla/4.0 | /htmleditor/mdzaadmin_login.asp | |
| 20091218 | 14:48:56 | 222.73.173.11 | Mozilla/4.0 | /htmledit/admin_login.asp | |
| 20091218 | 14:48:54 | 222.73.173.11 | Mozilla/4.0 | /htmledit/admin_login.asp | |
| 20091218 | 14:48:52 | 222.73.173.11 | Mozilla/4.0 | /htmledit/lhkiadmin_login.asp | |
| 20091218 | 14:48:50 | 222.73.173.11 | Mozilla/4.0 | /admin/htmledit/admin_login.asp | |
| 20091218 | 14:48:47 | 222.73.173.11 | Mozilla/4.0 | /admin/htmledit/admin_login.asp | |
| 20091218 | 14:48:45 | 222.73.173.11 | Mozilla/4.0 | /admin/htmledit/elqhadmin_login.asp | |
| 20091218 | 14:48:43 | 222.73.173.11 | Mozilla/4.0 | /admin/eWeb/admin_login.asp | |
| 20091218 | 14:48:40 | 222.73.173.11 | Mozilla/4.0 | /admin/eWeb/admin_login.asp | |
| 20091218 | 14:48:38 | 222.73.173.11 | Mozilla/4.0 | /admin/eWeb/mxtuadmin_login.asp | |
| 20091218 | 14:48:36 | 222.73.173.11 | Mozilla/4.0 | /eWeb/admin_login.asp | |
| 20091218 | 14:48:34 | 222.73.173.11 | Mozilla/4.0 | /eWeb/admin_login.asp | |
| 20091218 | 14:48:32 | 222.73.173.11 | Mozilla/4.0 | /eWeb/peevadmin_login.asp | |
| 20091218 | 14:48:29 | 222.73.173.11 | Mozilla/4.0 | /manage/editor/admin_login.asp | |
| 20091218 | 14:48:27 | 222.73.173.11 | Mozilla/4.0 | /manage/editor/admin_login.asp | |
| 20091218 | 14:48:24 | 222.73.173.11 | Mozilla/4.0 | /manage/editor/slaaadmin_login.asp | |
| 20091218 | 14:48:22 | 222.73.173.11 | Mozilla/4.0 | /admin/editor/admin_login.asp | |
| 20091218 | 14:48:20 | 222.73.173.11 | Mozilla/4.0 | /admin/editor/admin_login.asp | |
| 20091218 | 14:48:17 | 222.73.173.11 | Mozilla/4.0 | /admin/editor/qhsqadmin_login.asp | |
| 20091218 | 14:48:15 | 222.73.173.11 | Mozilla/4.0 | /editor/admin_login.asp | |
| 20091218 | 14:48:13 | 222.73.173.11 | Mozilla/4.0 | /editor/admin_login.asp | |
| 20091218 | 14:48:11 | 222.73.173.11 | Mozilla/4.0 | /editor/bjdaadmin_login.asp | |
| 20091218 | 14:48:09 | 222.73.173.11 | Mozilla/4.0 | /manage/edit/admin_login.asp | |
| 20091218 | 14:48:06 | 222.73.173.11 | Mozilla/4.0 | /manage/edit/admin_login.asp | |
| 20091218 | 14:48:04 | 222.73.173.11 | Mozilla/4.0 | /manage/edit/zvgjadmin_login.asp | |
| 20091218 | 14:48:01 | 222.73.173.11 | Mozilla/4.0 | /admin/edit/admin_login.asp | |
| 20091218 | 14:47:59 | 222.73.173.11 | Mozilla/4.0 | /admin/edit/admin_login.asp | |
| 20091218 | 14:47:56 | 222.73.173.11 | Mozilla/4.0 | /admin/edit/yagladmin_login.asp | |
| 20091218 | 14:47:54 | 222.73.173.11 | Mozilla/4.0 | /edit/admin_login.asp | |
| 20091218 | 14:47:52 | 222.73.173.11 | Mozilla/4.0 | /edit/admin_login.asp | |
| 20091218 | 14:47:51 | 222.73.173.11 | Mozilla/4.0 | /edit/fsvkadmin_login.asp |
用必应搜索主机IP地址下有哪些域名被收录了:
ip:xxx.xxx.xxx.xxx
好像也没几个国内的站点啊,也没有访问量大的,真是奇怪。算了,封ip得了
在站点根目录下的 .htaccess 中加入Order Deny,Allow
Deny from 222.73.173.10
Deny from 60.176.106.178
Deny from 60.190.216.98
Deny from 61.176.194.84
Deny from 124.115.1.59
Deny from 116.26.65.216
Deny from 75.126.23.186
Deny from 219.131.137.41
Deny from 58.212.162.236
Deny from 60.169.0.130
Deny from 58.212.163.35
Deny from 125.116.99.175
Deny from 218.195.129.46
Deny from 150.70.84.46
Deny from 76.74.97.6
Deny from 116.23.87.186
Deny from 117.65.64.126
Deny from 119.5.64.248
Deny from 121.22.12.35
Deny from 121.69.29.10
Deny from 124.115.3.33
Deny from 124.115.5.169
Deny from 124.172.191.23
Deny from 122.5.132.229
Deny from 203.171.239.219
Deny from 203.86.0.214
Deny from 210.83.225.75
Deny from 210.87.143.194
Deny from 218.28.39.98
Deny from 218.73.130.178
Deny from 219.134.116.88
Deny from 222.242.171.220
Deny from 222.89.138.125
Deny from 25.68.2.143
Deny from 58.215.65.183
Deny from 58.215.75.22
Deny from 58.30.17.127
Deny from 59.41.123.26
Deny from 59.80.231.179
Deny from 60.213.186.250
Deny from 61.128.198.177
Deny from 61.152.244.215
Deny from 61.178.82.56
Deny from 61.183.45.178
Deny from 64.111.114.111
Deny from 64.41.145.
Deny from 119.141.224.160
Deny from 208.13.218.55
Deny from 65.55.107.
Deny from 65.55.108.
Deny from 65.55.109.
Deny from 65.55.110.
Deny from 65.55.165.
Deny from 65.55.232.
Deny from 66.90.73.188
Deny from 67.159.44.
Deny from 82.99.30.
Deny from 88.191.79.43
Deny from 88.191.94.206
Deny from 88.191.97.89
Deny from 222.73.173.11
Deny from 58.211.138.95
Deny from 218.241.144.214
又及:
前几天看见六维博客说忘记目录保 护,就是如果目录中没有index.xx文件,就显示目录列表。好奇试了下自己的blog,突然发现也一样,orz,所有的目录都是可以这样查看的。赶紧补上漏洞,不知道为啥直接在根目录的HTACCESS中加入以下代码:
Options –Indexes
会导致500错误,那么只好另想办法了。因为用的是cpanel,可以用索引管理器设置,如图:
选择你要保护的目录,点击文件夹的名称
这样就可以了。
其实那句代码没有错,是你没有把减号转换为半角的!
都是Wordpress惹的祸!
是这样,原来没注意
目前还没有trackbacks.