当我检查 nginx access.log 时,未知的 HEAD 请求会定期进入

Posted

技术标签:

【中文标题】当我检查 nginx access.log 时,未知的 HEAD 请求会定期进入【英文标题】:When I check nginx access.log, unknown HEAD requests come in periodically 【发布时间】:2017-12-18 23:22:36 【问题描述】:

首先,我使用服务器环境:

    服务器:nginx + uwsgi + django 应用、docker + AWS ECS 部署 芹菜:rabbitmq ec2 缓存:redis ec2 日志记录:AWS CloudWatch 日志 + watchtower 第三方应用程序

当我访问 ECS EC2 并检查 nginx access.log 时,会定期进入以下请求。 为什么会向我提出这个要求?这是您第一次打开服务器时不断出现的内容。

另外,我的ecs服务器的安全组80/443端口开放到任何地方。

nginx/access.log

54.214.101.194 - - [14/Jul/2017:03:02:12 +0000] "HEAD http://13.114.17.75:80/mysql/admin/ HTTP/1.1" 404 0 "-" "Mozilla/5.0 Jorgee"
54.214.101.194 - - [14/Jul/2017:03:02:12 +0000] "HEAD http://13.114.17.75:80/mysql/dbadmin/ HTTP/1.1" 404 0 "-" "Mozilla/5.0 Jorgee"
54.214.101.194 - - [14/Jul/2017:03:02:12 +0000] "HEAD http://13.114.17.75:80/mysql/sqlmanager/ HTTP/1.1" 404 0 "-" "Mozilla/5.0 Jorgee"
54.214.101.194 - - [14/Jul/2017:03:02:12 +0000] "HEAD http://13.114.17.75:80/mysql/mysqlmanager/ HTTP/1.1" 404 0 "-" "Mozilla/5.0 Jorgee"
54.214.101.194 - - [14/Jul/2017:03:02:13 +0000] "HEAD http://13.114.17.75:80/phpmyadmin/ HTTP/1.1" 404 0 "-" "Mozilla/5.0 Jorgee"
54.214.101.194 - - [14/Jul/2017:03:02:13 +0000] "HEAD http://13.114.17.75:80/phpMyadmin/ HTTP/1.1" 404 0 "-" "Mozilla/5.0 Jorgee"
54.214.101.194 - - [14/Jul/2017:03:02:13 +0000] "HEAD http://13.114.17.75:80/phpMyAdmin/ HTTP/1.1" 404 0 "-" "Mozilla/5.0 Jorgee"
54.214.101.194 - - [14/Jul/2017:03:02:13 +0000] "HEAD http://13.114.17.75:80/phpmyAdmin/ HTTP/1.1" 404 0 "-" "Mozilla/5.0 Jorgee"
54.214.101.194 - - [14/Jul/2017:03:02:13 +0000] "HEAD http://13.114.17.75:80/phpmyadmin2/ HTTP/1.1" 404 0 "-" "Mozilla/5.0 Jorgee"
54.214.101.194 - - [14/Jul/2017:03:02:13 +0000] "HEAD http://13.114.17.75:80/phpmyadmin3/ HTTP/1.1" 404 0 "-" "Mozilla/5.0 Jorgee"
54.214.101.194 - - [14/Jul/2017:03:02:13 +0000] "HEAD http://13.114.17.75:80/phpmyadmin4/ HTTP/1.1" 404 0 "-" "Mozilla/5.0 Jorgee"
54.214.101.194 - - [14/Jul/2017:03:02:13 +0000] "HEAD http://13.114.17.75:80/2phpmyadmin/ HTTP/1.1" 404 0 "-" "Mozilla/5.0 Jorgee"
54.214.101.194 - - [14/Jul/2017:03:02:13 +0000] "HEAD http://13.114.17.75:80/wp-content/plugins/portable-phpmyadmin/wp-pma-mod/ HTTP/1.1" 404 0 "-" "Mozilla/5.0 Jorgee"
54.214.101.194 - - [14/Jul/2017:03:02:13 +0000] "HEAD http://13.114.17.75:80/phpmy/ HTTP/1.1" 404 0 "-" "Mozilla/5.0 Jorgee"
54.214.101.194 - - [14/Jul/2017:03:02:14 +0000] "HEAD http://13.114.17.75:80/phppma/ HTTP/1.1" 404 0 "-" "Mozilla/5.0 Jorgee"
54.214.101.194 - - [14/Jul/2017:03:02:14 +0000] "HEAD http://13.114.17.75:80/myadmin/ HTTP/1.1" 404 0 "-" "Mozilla/5.0 Jorgee"
54.214.101.194 - - [14/Jul/2017:03:02:14 +0000] "HEAD http://13.114.17.75:80/shopdb/ HTTP/1.1" 404 0 "-" "Mozilla/5.0 Jorgee"
54.214.101.194 - - [14/Jul/2017:03:02:14 +0000] "HEAD http://13.114.17.75:80/MyAdmin/ HTTP/1.1" 404 0 "-" "Mozilla/5.0 Jorgee"
54.214.101.194 - - [14/Jul/2017:03:02:14 +0000] "HEAD http://13.114.17.75:80/program/ HTTP/1.1" 404 0 "-" "Mozilla/5.0 Jorgee"
54.214.101.194 - - [14/Jul/2017:03:02:14 +0000] "HEAD http://13.114.17.75:80/PMA/ HTTP/1.1" 404 0 "-" "Mozilla/5.0 Jorgee"
54.214.101.194 - - [14/Jul/2017:03:02:14 +0000] "HEAD http://13.114.17.75:80/dbadmin/ HTTP/1.1" 404 0 "-" "Mozilla/5.0 Jorgee"
54.214.101.194 - - [14/Jul/2017:03:02:14 +0000] "HEAD http://13.114.17.75:80/pma/ HTTP/1.1" 404 0 "-" "Mozilla/5.0 Jorgee"
54.214.101.194 - - [14/Jul/2017:03:02:14 +0000] "HEAD http://13.114.17.75:80/db/ HTTP/1.1" 404 0 "-" "Mozilla/5.0 Jorgee"
54.214.101.194 - - [14/Jul/2017:03:02:15 +0000] "HEAD http://13.114.17.75:80/admin/ HTTP/1.1" 404 0 "-" "Mozilla/5.0 Jorgee"
54.214.101.194 - - [14/Jul/2017:03:02:15 +0000] "HEAD http://13.114.17.75:80/mysql/ HTTP/1.1" 404 0 "-" "Mozilla/5.0 Jorgee"
54.214.101.194 - - [14/Jul/2017:03:02:15 +0000] "HEAD http://13.114.17.75:80/database/ HTTP/1.1" 404 0 "-" "Mozilla/5.0 Jorgee"
54.214.101.194 - - [14/Jul/2017:03:02:15 +0000] "HEAD http://13.114.17.75:80/db/phpmyadmin/ HTTP/1.1" 404 0 "-" "Mozilla/5.0 Jorgee"
54.214.101.194 - - [14/Jul/2017:03:02:15 +0000] "HEAD http://13.114.17.75:80/db/phpMyAdmin/ HTTP/1.1" 404 0 "-" "Mozilla/5.0 Jorgee"
54.214.101.194 - - [14/Jul/2017:03:02:15 +0000] "HEAD http://13.114.17.75:80/sqlmanager/ HTTP/1.1" 404 0 "-" "Mozilla/5.0 Jorgee"
54.214.101.194 - - [14/Jul/2017:03:02:15 +0000] "HEAD http://13.114.17.75:80/mysqlmanager/ HTTP/1.1" 404 0 "-" "Mozilla/5.0 Jorgee"
54.214.101.194 - - [14/Jul/2017:03:02:15 +0000] "HEAD http://13.114.17.75:80/php-myadmin/ HTTP/1.1" 404 0 "-" "Mozilla/5.0 Jorgee"
54.214.101.194 - - [14/Jul/2017:03:02:15 +0000] "HEAD http://13.114.17.75:80/phpmy-admin/ HTTP/1.1" 404 0 "-" "Mozilla/5.0 Jorgee"
54.214.101.194 - - [14/Jul/2017:03:02:16 +0000] "HEAD http://13.114.17.75:80/mysqladmin/ HTTP/1.1" 404 0 "-" "Mozilla/5.0 Jorgee"
54.214.101.194 - - [14/Jul/2017:03:02:16 +0000] "HEAD http://13.114.17.75:80/mysql-admin/ HTTP/1.1" 404 0 "-" "Mozilla/5.0 Jorgee"
54.214.101.194 - - [14/Jul/2017:03:02:16 +0000] "HEAD http://13.114.17.75:80/admin/phpmyadmin/ HTTP/1.1" 404 0 "-" "Mozilla/5.0 Jorgee"
54.214.101.194 - - [14/Jul/2017:03:02:16 +0000] "HEAD http://13.114.17.75:80/admin/phpMyAdmin/ HTTP/1.1" 404 0 "-" "Mozilla/5.0 Jorgee"
54.214.101.194 - - [14/Jul/2017:03:02:16 +0000] "HEAD http://13.114.17.75:80/admin/sysadmin/ HTTP/1.1" 404 0 "-" "Mozilla/5.0 Jorgee"
54.214.101.194 - - [14/Jul/2017:03:02:16 +0000] "HEAD http://13.114.17.75:80/admin/sqladmin/ HTTP/1.1" 404 0 "-" "Mozilla/5.0 Jorgee"
54.214.101.194 - - [14/Jul/2017:03:02:16 +0000] "HEAD http://13.114.17.75:80/admin/db/ HTTP/1.1" 404 0 "-" "Mozilla/5.0 Jorgee"
54.214.101.194 - - [14/Jul/2017:03:02:16 +0000] "HEAD http://13.114.17.75:80/admin/web/ HTTP/1.1" 404 0 "-" "Mozilla/5.0 Jorgee"
54.214.101.194 - - [14/Jul/2017:03:02:16 +0000] "HEAD http://13.114.17.75:80/admin/pMA/ HTTP/1.1" 404 0 "-" "Mozilla/5.0 Jorgee"
54.214.101.194 - - [14/Jul/2017:03:02:17 +0000] "HEAD http://13.114.17.75:80/mysql/pma/ HTTP/1.1" 404 0 "-" "Mozilla/5.0 Jorgee"
54.214.101.194 - - [14/Jul/2017:03:02:17 +0000] "HEAD http://13.114.17.75:80/mysql/db/ HTTP/1.1" 404 0 "-" "Mozilla/5.0 Jorgee"
54.214.101.194 - - [14/Jul/2017:03:02:17 +0000] "HEAD http://13.114.17.75:80/mysql/web/ HTTP/1.1" 404 0 "-" "Mozilla/5.0 Jorgee"
54.214.101.194 - - [14/Jul/2017:03:02:17 +0000] "HEAD http://13.114.17.75:80/mysql/pMA/ HTTP/1.1" 404 0 "-" "Mozilla/5.0 Jorgee"
54.214.101.194 - - [14/Jul/2017:03:02:17 +0000] "HEAD http://13.114.17.75:80/sql/phpmanager/ HTTP/1.1" 404 0 "-" "Mozilla/5.0 Jorgee"
54.214.101.194 - - [14/Jul/2017:03:02:17 +0000] "HEAD http://13.114.17.75:80/sql/php-myadmin/ HTTP/1.1" 404 0 "-" "Mozilla/5.0 Jorgee"
54.214.101.194 - - [14/Jul/2017:03:02:17 +0000] "HEAD http://13.114.17.75:80/sql/phpmy-admin/ HTTP/1.1" 404 0 "-" "Mozilla/5.0 Jorgee"
54.214.101.194 - - [14/Jul/2017:03:02:17 +0000] "HEAD http://13.114.17.75:80/sql/sql/ HTTP/1.1" 404 0 "-" "Mozilla/5.0 Jorgee"
54.214.101.194 - - [14/Jul/2017:03:02:17 +0000] "HEAD http://13.114.17.75:80/sql/myadmin/ HTTP/1.1" 404 0 "-" "Mozilla/5.0 Jorgee"
54.214.101.194 - - [14/Jul/2017:03:02:18 +0000] "HEAD http://13.114.17.75:80/sql/webadmin/ HTTP/1.1" 404 0 "-" "Mozilla/5.0 Jorgee"
54.214.101.194 - - [14/Jul/2017:03:02:18 +0000] "HEAD http://13.114.17.75:80/sql/sqlweb/ HTTP/1.1" 404 0 "-" "Mozilla/5.0 Jorgee"
54.214.101.194 - - [14/Jul/2017:03:02:18 +0000] "HEAD http://13.114.17.75:80/sql/websql/ HTTP/1.1" 404 0 "-" "Mozilla/5.0 Jorgee"
54.214.101.194 - - [14/Jul/2017:03:02:18 +0000] "HEAD http://13.114.17.75:80/sql/webdb/ HTTP/1.1" 404 0 "-" "Mozilla/5.0 Jorgee"
54.214.101.194 - - [14/Jul/2017:03:02:18 +0000] "HEAD http://13.114.17.75:80/sql/sqladmin/ HTTP/1.1" 404 0 "-" "Mozilla/5.0 Jorgee"
54.214.101.194 - - [14/Jul/2017:03:02:18 +0000] "HEAD http://13.114.17.75:80/sql/sql-admin/ HTTP/1.1" 404 0 "-" "Mozilla/5.0 Jorgee"
54.214.101.194 - - [14/Jul/2017:03:02:18 +0000] "HEAD http://13.114.17.75:80/sql/phpmyadmin2/ HTTP/1.1" 404 0 "-" "Mozilla/5.0 Jorgee"
54.214.101.194 - - [14/Jul/2017:03:02:18 +0000] "HEAD http://13.114.17.75:80/sql/phpMyAdmin2/ HTTP/1.1" 404 0 "-" "Mozilla/5.0 Jorgee"
54.214.101.194 - - [14/Jul/2017:03:02:18 +0000] "HEAD http://13.114.17.75:80/sql/phpMyAdmin/ HTTP/1.1" 404 0 "-" "Mozilla/5.0 Jorgee"
54.214.101.194 - - [14/Jul/2017:03:02:19 +0000] "HEAD http://13.114.17.75:80/db/myadmin/ HTTP/1.1" 404 0 "-" "Mozilla/5.0 Jorgee"
54.214.101.194 - - [14/Jul/2017:03:02:19 +0000] "HEAD http://13.114.17.75:80/db/webadmin/ HTTP/1.1" 404 0 "-" "Mozilla/5.0 Jorgee"
54.214.101.194 - - [14/Jul/2017:03:02:19 +0000] "HEAD http://13.114.17.75:80/db/dbweb/ HTTP/1.1" 404 0 "-" "Mozilla/5.0 Jorgee"
54.214.101.194 - - [14/Jul/2017:03:02:19 +0000] "HEAD http://13.114.17.75:80/db/websql/ HTTP/1.1" 404 0 "-" "Mozilla/5.0 Jorgee"
54.214.101.194 - - [14/Jul/2017:03:02:19 +0000] "HEAD http://13.114.17.75:80/db/webdb/ HTTP/1.1" 404 0 "-" "Mozilla/5.0 Jorgee"
54.214.101.194 - - [14/Jul/2017:03:02:19 +0000] "HEAD http://13.114.17.75:80/db/dbadmin/ HTTP/1.1" 404 0 "-" "Mozilla/5.0 Jorgee"
54.214.101.194 - - [14/Jul/2017:03:02:19 +0000] "HEAD http://13.114.17.75:80/db/db-admin/ HTTP/1.1" 404 0 "-" "Mozilla/5.0 Jorgee"
54.214.101.194 - - [14/Jul/2017:03:02:19 +0000] "HEAD http://13.114.17.75:80/db/phpmyadmin3/ HTTP/1.1" 404 0 "-" "Mozilla/5.0 Jorgee"
54.214.101.194 - - [14/Jul/2017:03:02:19 +0000] "HEAD http://13.114.17.75:80/db/phpMyAdmin3/ HTTP/1.1" 404 0 "-" "Mozilla/5.0 Jorgee"
54.214.101.194 - - [14/Jul/2017:03:02:20 +0000] "HEAD http://13.114.17.75:80/db/phpMyAdmin-3/ HTTP/1.1" 404 0 "-" "Mozilla/5.0 Jorgee"
54.214.101.194 - - [14/Jul/2017:03:02:20 +0000] "HEAD http://13.114.17.75:80/administrator/phpmyadmin/ HTTP/1.1" 404 0 "-" "Mozilla/5.0 Jorgee"
54.214.101.194 - - [14/Jul/2017:03:02:20 +0000] "HEAD http://13.114.17.75:80/administrator/phpMyAdmin/ HTTP/1.1" 404 0 "-" "Mozilla/5.0 Jorgee"
54.214.101.194 - - [14/Jul/2017:03:02:20 +0000] "HEAD http://13.114.17.75:80/administrator/db/ HTTP/1.1" 404 0 "-" "Mozilla/5.0 Jorgee"
54.214.101.194 - - [14/Jul/2017:03:02:20 +0000] "HEAD http://13.114.17.75:80/administrator/web/ HTTP/1.1" 404 0 "-" "Mozilla/5.0 Jorgee"
54.214.101.194 - - [14/Jul/2017:03:02:20 +0000] "HEAD http://13.114.17.75:80/administrator/pma/ HTTP/1.1" 404 0 "-" "Mozilla/5.0 Jorgee"
54.214.101.194 - - [14/Jul/2017:03:02:20 +0000] "HEAD http://13.114.17.75:80/administrator/PMA/ HTTP/1.1" 404 0 "-" "Mozilla/5.0 Jorgee"
54.214.101.194 - - [14/Jul/2017:03:02:20 +0000] "HEAD http://13.114.17.75:80/administrator/admin/ HTTP/1.1" 404 0 "-" "Mozilla/5.0 Jorgee"
54.214.101.194 - - [14/Jul/2017:03:02:20 +0000] "HEAD http://13.114.17.75:80/phpMyAdmin2/ HTTP/1.1" 404 0 "-" "Mozilla/5.0 Jorgee"
54.214.101.194 - - [14/Jul/2017:03:02:20 +0000] "HEAD http://13.114.17.75:80/phpMyAdmin3/ HTTP/1.1" 404 0 "-" "Mozilla/5.0 Jorgee"
54.214.101.194 - - [14/Jul/2017:03:02:21 +0000] "HEAD http://13.114.17.75:80/phpMyAdmin4/ HTTP/1.1" 404 0 "-" "Mozilla/5.0 Jorgee"
54.214.101.194 - - [14/Jul/2017:03:02:21 +0000] "HEAD http://13.114.17.75:80/phpMyAdmin-3/ HTTP/1.1" 404 0 "-" "Mozilla/5.0 Jorgee"
54.214.101.194 - - [14/Jul/2017:03:02:21 +0000] "HEAD http://13.114.17.75:80/php-my-admin/ HTTP/1.1" 404 0 "-" "Mozilla/5.0 Jorgee"
54.214.101.194 - - [14/Jul/2017:03:02:21 +0000] "HEAD http://13.114.17.75:80/PMA2011/ HTTP/1.1" 404 0 "-" "Mozilla/5.0 Jorgee"
54.214.101.194 - - [14/Jul/2017:03:02:21 +0000] "HEAD http://13.114.17.75:80/PMA2012/ HTTP/1.1" 404 0 "-" "Mozilla/5.0 Jorgee"
54.214.101.194 - - [14/Jul/2017:03:02:21 +0000] "HEAD http://13.114.17.75:80/PMA2013/ HTTP/1.1" 404 0 "-" "Mozilla/5.0 Jorgee"
54.214.101.194 - - [14/Jul/2017:03:02:21 +0000] "HEAD http://13.114.17.75:80/PMA2014/ HTTP/1.1" 404 0 "-" "Mozilla/5.0 Jorgee"
54.214.101.194 - - [14/Jul/2017:03:02:21 +0000] "HEAD http://13.114.17.75:80/PMA2015/ HTTP/1.1" 404 0 "-" "Mozilla/5.0 Jorgee"
54.214.101.194 - - [14/Jul/2017:03:02:21 +0000] "HEAD http://13.114.17.75:80/PMA2016/ HTTP/1.1" 404 0 "-" "Mozilla/5.0 Jorgee"
54.214.101.194 - - [14/Jul/2017:03:02:22 +0000] "HEAD http://13.114.17.75:80/PMA2017/ HTTP/1.1" 404 0 "-" "Mozilla/5.0 Jorgee"
54.214.101.194 - - [14/Jul/2017:03:02:22 +0000] "HEAD http://13.114.17.75:80/PMA2018/ HTTP/1.1" 404 0 "-" "Mozilla/5.0 Jorgee"
54.214.101.194 - - [14/Jul/2017:03:02:22 +0000] "HEAD http://13.114.17.75:80/pma2011/ HTTP/1.1" 404 0 "-" "Mozilla/5.0 Jorgee"
54.214.101.194 - - [14/Jul/2017:03:02:22 +0000] "HEAD http://13.114.17.75:80/pma2012/ HTTP/1.1" 404 0 "-" "Mozilla/5.0 Jorgee"
54.214.101.194 - - [14/Jul/2017:03:02:22 +0000] "HEAD http://13.114.17.75:80/pma2013/ HTTP/1.1" 404 0 "-" "Mozilla/5.0 Jorgee"
54.214.101.194 - - [14/Jul/2017:03:02:22 +0000] "HEAD http://13.114.17.75:80/pma2014/ HTTP/1.1" 404 0 "-" "Mozilla/5.0 Jorgee"
54.214.101.194 - - [14/Jul/2017:03:02:22 +0000] "HEAD http://13.114.17.75:80/pma2015/ HTTP/1.1" 404 0 "-" "Mozilla/5.0 Jorgee"
54.214.101.194 - - [14/Jul/2017:03:02:22 +0000] "HEAD http://13.114.17.75:80/pma2016/ HTTP/1.1" 404 0 "-" "Mozilla/5.0 Jorgee"
54.214.101.194 - - [14/Jul/2017:03:02:22 +0000] "HEAD http://13.114.17.75:80/pma2017/ HTTP/1.1" 404 0 "-" "Mozilla/5.0 Jorgee"
54.214.101.194 - - [14/Jul/2017:03:02:23 +0000] "HEAD http://13.114.17.75:80/pma2018/ HTTP/1.1" 404 0 "-" "Mozilla/5.0 Jorgee"
54.214.101.194 - - [14/Jul/2017:03:02:23 +0000] "HEAD http://13.114.17.75:80/phpmyadmin2011/ HTTP/1.1" 404 0 "-" "Mozilla/5.0 Jorgee"
54.214.101.194 - - [14/Jul/2017:03:02:23 +0000] "HEAD http://13.114.17.75:80/phpmyadmin2012/ HTTP/1.1" 404 0 "-" "Mozilla/5.0 Jorgee"
54.214.101.194 - - [14/Jul/2017:03:02:23 +0000] "HEAD http://13.114.17.75:80/phpmyadmin2013/ HTTP/1.1" 404 0 "-" "Mozilla/5.0 Jorgee"
54.214.101.194 - - [14/Jul/2017:03:02:23 +0000] "HEAD http://13.114.17.75:80/phpmyadmin2015/ HTTP/1.1" 404 0 "-" "Mozilla/5.0 Jorgee"
54.214.101.194 - - [14/Jul/2017:03:02:23 +0000] "HEAD http://13.114.17.75:80/phpmyadmin2016/ HTTP/1.1" 404 0 "-" "Mozilla/5.0 Jorgee"
54.214.101.194 - - [14/Jul/2017:03:02:23 +0000] "HEAD http://13.114.17.75:80/phpmyadmin2017/ HTTP/1.1" 404 0 "-" "Mozilla/5.0 Jorgee"
54.214.101.194 - - [14/Jul/2017:03:02:24 +0000] "HEAD http://13.114.17.75:80/phpmyadmin2018/ HTTP/1.1" 404 0 "-" "Mozilla/5.0 Jorgee"
54.214.101.194 - - [14/Jul/2017:03:02:24 +0000] "HEAD http://13.114.17.75:80/phpmanager/ HTTP/1.1" 404 0 "-" "Mozilla/5.0 Jorgee"
95.213.177.125 - - [14/Jul/2017:03:14:35 +0000] "POST /azenv.php?auth=150000207593&a=PSCMN&i=885409785&p=80 HTTP/1.1" 404 580 "https://proxyradar.com/" "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0)"

【问题讨论】:

10.0.1.234 是谁? @Fabien hmm..我向我办公室的API发送请求,IP也记录为10.0.1.234。 @Fabien 可能是 ELB 的 IP 这可能是他们ELB的IP地址。在这种情况下,所有这些看起来都像是寻找弱目标的漏洞扫描器的枚举。只是随机扫​​描,就像有数千个一样。 @Fabien 更改日志记录 ip 地址,该 ip 灵活 【参考方案1】:

这是来自漏洞扫描工具ZmEu 的一个非常典型的请求模式。长话短说,黑客正在运行一个自动化工具,试图在您的系统上找到一个易受攻击的 PHPMyAdmin 安装,并利用它来获得对您系统的 root 访问权限。即使您的系统上没有 PHPMyAdmin 也没关系,他们仍然会发出请求,只是为了测试并查看您是否这样做,因为这样做很便宜,如果他们确实找到了可以利用的东西,他们可以进入您的服务器窃取数据或将其用于邪恶目的。

不幸的是,这只是在互联网上拥有一台服务器的成本,人们不断地对他们可以访问的任何服务器运行自动扫描工具,试图找到入侵并接管它的方法。

【讨论】:

我们可以使用 fail2ban 缓解这些“攻击”吗? 是的,但是对于这样的事情,通常不值得引入额外的开销。将 404 服务返回给攻击者几乎不会花费您任何费用。根据禁止 IP 的数据库检查和验证所有入站 IP 地址的成本要高得多。

以上是关于当我检查 nginx access.log 时,未知的 HEAD 请求会定期进入的主要内容,如果未能解决你的问题,请参考以下文章

nginx access log怎么看请求ip

怎么修改nginx的access.log的时间格式

nginx关闭全局access.log,error.log

nginx access.log影响访问速度吗

Nginx切割access.log

nginx access.log中, 200 状态码 后面的那个数字是啥意思