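I was looking through my Apache error.log, and I noticed some attempts at wp-config.php that failed.
The strange thing is that it says the requests came from the site itself.
How did the attacker/bot do this?
Here is the log [actual URL replaced with example]: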
[Sun Mar 20 09:06:40 2016] [error] [client 105.228.84.134] PHP Fatal error: Call to undefined function _deprecated_file() in /var/www/example/wp-includes/rss-functions.php on line 8, referer: http://example.co.za/
[Sun Mar 20 09:06:41 2016] [error] [client 105.228.84.134] File does not exist: /var/www/example/wp-content/debug.log, referer: http://example.co.za/
[Sun Mar 20 09:06:42 2016] [error] [client 105.228.84.134] File does not exist: /var/www/example/wp-config.php~, referer: http://example.co.za/
[Sun Mar 20 09:06:42 2016] [error] [client 105.228.84.134] File does not exist: /var/www/example/#wp-config.php#, referer: http://example.co.za/
[Sun Mar 20 09:06:42 2016] [error] [client 105.228.84.134] File does not exist: /var/www/example/wp-config.php.save, referer: http://example.co.za/
[Sun Mar 20 09:06:44 2016] [error] [client 105.228.84.134] File does not exist: /var/www/example/wp-config.old, referer: http://example.co.za/
[Sun Mar 20 09:06:42 2016] [error] [client 105.228.84.134] File does not exist: /var/www/example/wp-config.php.swp, referer: http://example.co.za/
[Sun Mar 20 09:06:42 2016] [error] [client 105.228.84.134] File does not exist: /var/www/example/wp-config.php.swo, referer: http://example.co.za/
[Sun Mar 20 09:06:42 2016] [error] [client 105.228.84.134] File does not exist: /var/www/example/.wp-config.php.swp, referer: http://example.co.za/
[Sun Mar 20 09:06:42 2016] [error] [client 105.228.84.134] File does not exist: /var/www/example/wp-config.bak, referer: http://example.co.za/
[Sun Mar 20 09:06:42 2016] [error] [client 105.228.84.134] File does not exist: /var/www/example/wp-config.php_bak, referer: http://example.co.za/
[Sun Mar 20 09:06:42 2016] [error] [client 105.228.84.134] File does not exist: /var/www/example/wp-config.php.bak, referer: http://example.co.za/
[Sun Mar 20 09:06:44 2016] [error] [client 105.228.84.134] File does not exist: /var/www/example/wp-config.save, referer: http://example.co.za/
[Sun Mar 20 09:06:44 2016] [error] [client 105.228.84.134] File does not exist: /var/www/example/wp-config.php.old, referer: http://example.co.za/
[Sun Mar 20 09:06:45 2016] [error] [client 105.228.84.134] File does not exist: /var/www/example/wp-config.php.orig, referer: http://example.co.za/
[Sun Mar 20 09:06:45 2016] [error] [client 105.228.84.134] File does not exist: /var/www/example/wp-config.php.original, referer: http://example.co.za/
[Sun Mar 20 09:06:45 2016] [error] [client 105.228.84.134] File does not exist: /var/www/example/wp-config.orig, referer: http://example.co.za/
[Sun Mar 20 09:06:45 2016] [error] [client 105.228.84.134] File does not exist: /var/www/example/wp-config.original, referer: http://example.co.za/
[Sun Mar 20 09:06:47 2016] [error] [client 105.228.84.134] File does not exist: /var/www/example/wp-config.txt, referer: http://example.co.za/
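The referer header is sent by the client. Much like the user agent header and the like, it is easily spoofed. Pretty much never trust anything a client can send. Apache is just reporting the HTTP referer that was sent in the HTTP headers. This is not validated in any way, so they can easily set the referer to any value. The only time looking at the referer (other than for statistics) is remotely useful is when someone tries to share an image on your site from another site pointing to yours. This only works because the end user will typically be using a browser that passes an accurate referrer.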
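A defensive log check for the kind of burst shown in the question, added here as an example and not part of the original answer: it groups "File does not exist" entries by the client address Apache logged and flags clients that request many backup or editor-leftover names of wp-config, without consulting the referer field that the answer describes as client-controlled. The function name, the threshold and the sample lines are assumptions constructed for illustration.

```python
import re
from collections import defaultdict

# Apache 2.2-style "File does not exist" entry, the format shown in the question.
LINE_RE = re.compile(
    r"^\[[^\]]+\] \[error\] \[client (?P<ip>[^\]]+)\] "
    r"File does not exist: (?P<path>.+?)(?:, referer: \S+)?$"
)
# Backup and editor-leftover names derived from wp-config(.php): a trailing ~ or #,
# or a ./_ suffix such as .bak, .swp, _bak. The live wp-config.php is excluded.
PROBE_RE = re.compile(r"^[.#]?wp-config(?:\.php)?(?:[~#]|[._](?!php$)[A-Za-z]+)$")


def probing_clients(lines, threshold=5):
    """Map client IP -> sorted probed names, for clients with >= threshold distinct probes."""
    hits = defaultdict(set)
    for line in lines:
        m = LINE_RE.match(line.strip())
        if not m:
            continue  # other error types, e.g. PHP fatals
        name = m.group("path").rsplit("/", 1)[-1]
        if PROBE_RE.match(name):
            # Group by the address Apache logged; the referer is never consulted.
            hits[m.group("ip")].add(name)
    return {ip: sorted(n) for ip, n in hits.items() if len(n) >= threshold}


# Constructed sample lines (documentation addresses, not the poster's log).
P = "[Sun Mar 20 09:06:42 2016] [error] [client {ip}] File does not exist: /var/www/example/{f}{r}"
SELF = ", referer: http://example.com/"
SAMPLE = [P.format(ip="192.0.2.10", f=f, r=SELF) for f in (
    "wp-config.php~", "#wp-config.php#", ".wp-config.php.swp",
    "wp-config.bak", "wp-config.php_bak", "wp-config.php.orig", "wp-content/debug.log")]
SAMPLE += [
    P.format(ip="203.0.113.7", f="favicon.ico", r=""),
    P.format(ip="198.51.100.4", f="wp-config.bak", r=", referer: http://other.example/"),
]

if __name__ == "__main__":
    for ip, names in probing_clients(SAMPLE).items():
        print(ip, len(names), names)
```

The address Apache logs is the connecting peer, so behind a reverse proxy it is the proxy's address unless the server is configured to record the forwarded client address.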