I am trying to use a variable in server_name in nginx, but it doesn't work. Is this possible?
server {
    listen 80;
    index index.php index.html;
    set $foo "bar.example.com";
    server_name $foo;
}
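
I am doing something like this:
location /foo {
    content_by_lua_block {
        local reqType = ngx.var.request_method
        local res
        if reqType == "POST" then
            res = ngx.location.capture("/bar")
        else
            res = ngx.location.capture("/baz")
        end
        ngx.say(res.body)
    }
}
location /bar {
    internal;
    #fastcgi, omitted
}
location /baz {
    internal;
    #fastcgi, omitted
}
But the headers sent by PHP are lost and the status code is always 200. Is there a way to just send the raw response? ngx.say() only outputs the response body; I need to capture the whole request and send it to the browser.
I am using openresty/1.9.15.1
Edit: I found a way to do this, but if there is a different way to do it, I would appreciate hearing about it.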
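
Today I noticed that the /var/log/auth.log file only has records from the last week. I suspect I was hacked through an insecure SSH password and that the attacker deleted the access logs to avoid detection.
Here are the first lines in the log: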
Jun 26 06:44:58 server CRON[14297]: pam_unix(cron:session): session closed for user root
Jun 26 06:47:01 server CRON[14484]: pam_unix(cron:session): session opened for user root by (uid=0)
Jun 26 06:47:02 server CRON[14484]: pam_unix(cron:session): session closed for user root
Jun 26 07:17:01 server CRON[14515]: pam_unix(cron:session): session opened for user root by (uid=0)
Jun 26 07:17:01 server CRON[14515]: pam_unix(cron:session): session closed for user root
Jun 26 08:17:01 server CRON[14518]: pam_unix(cron:session): session opened for user root by (uid=0)
Jun 26 08:17:01 server CRON[14518]: pam_unix(cron:session): session closed for user root
Jun 26 09:17:01 server CRON[14521]: pam_unix(cron:session): session opened for user root by (uid=0)
Jun 26 09:17:01 server CRON[14521]: pam_unix(cron:session): session closed for user root
Jun 26 10:17:01 server CRON[14524]: pam_unix(cron:session): session opened for user root by (uid=0)
Jun 26 10:17:01 server CRON[14524]: pam_unix(cron:session): session closed for user root
Jun 26 11:17:01 server CRON[14527]: pam_unix(cron:session): session opened for user root by (uid=0)
Jun 26 11:17:01 server CRON[14527]: pam_unix(cron:session): session closed for user root
Jun 26 12:17:01 server CRON[14530]: pam_unix(cron:session): session opened for user root by (uid=0)
Jun 26 12:17:01 server CRON[14530]: pam_unix(cron:session): session closed for user root
Jun 26 13:16:29 server login[1022]: pam_unix(login:auth): check pass; user unknown
Jun 26 13:16:29 server login[1022]: pam_unix(login:auth): authentication failure; logname=LOGIN uid=0 euid=0 tty=/dev/tty1 ruser= rhost=
Jun 26 13:16:32 server login[1022]: FAILED LOGIN (1) on '/dev/tty1' FOR 'UNKNOWN', Authentication failure
Jun 26 13:17:01 server CRON[14533]: pam_unix(cron:session): session opened for user root by (uid=0)
Jun 26 13:17:01 server CRON[14533]: pam_unix(cron:session): session closed for user root
Jun 26 13:17:09 server login[1022]: pam_unix(login:auth): authentication failure; logname=LOGIN uid=0 euid=0 tty=/dev/tty1 ruser= rhost= user=root
Jun 26 13:17:13 server login[1022]: FAILED LOGIN (2) on '/dev/tty1' FOR 'root', Authentication failure
Jun 26 13:17:18 server login[1022]: FAILED LOGIN (3) on '/dev/tty1' FOR 'root', Authentication failure
Jun 26 13:17:23 server login[1022]: pam_unix(login:auth): authentication failure; logname=LOGIN uid=0 euid=0 tty=/dev/tty1 ruser= rhost= user=vagrant
Jun 26 13:17:34 server login[14536]: pam_unix(login:auth): authentication failure; logname=LOGIN uid=0 euid=0 tty=/dev/tty1 ruser= rhost= user=vagrant
Jun 26 13:17:36 server login[14536]: FAILED LOGIN (1) on '/dev/tty1' FOR 'vagrant', Authentication failure
Is this normal? Is this supposed to be complete?

I was hacked, and checking the nginx logs I found several requests like this:
169.229.3.91 - - [18/Jun/2016:09:42:19 +0000] ")\xE7\xD1?\xD6\x18.\xC0\xCE\xA3\x7FR\xEA~O$\x0BLi\x13\xA0m\xE7\xF0H4\x92\xD6\xBFv\xD2\xDF3\xFCX#T\x0B\xB6\xE4XmU\xEF$\x03\xC9/\xFD\xDEf\x00\x89Prq\x1A\xB5\x13\x0CoGOn" 400 173 "-" "-"
I suspect an XML-RPC attack is being generated from my server, but I can't confirm it. Is there a way to convert that code into human-readable text?

I have a cookie that needs to be read with JavaScript, so I need to remove the HttpOnly part of the cookie.
This is the cookie I need to modify:
Set-Cookie: wordpress_c3d46b752402579c18e981091b8c940c=admin%7C1463963639%7CWsIehTVJh4%7C7ee6e8117b6b; expires=Mon, 23-May-2016 12:33:59 GMT; Max-Age=1252800; path=/wp-content/plugins; domain=.example.org; HttpOnly
I just need to strip the HttpOnly string at the end of the cookie.
PS: I know that I am introducing a potential security issue here.