隔着想刷我 CDN 呢
是不是有什么服务商的接口写死了上传和访问?搁这批量攻击
3 点 17 分上传一次
[2024-04-09T15:17:02.215] [ERROR] error - 👷♂️ ERR URL: /res-content/uploads/2018/11/81936297501704dd985e8ce84cb4a844.png
[2024-04-09T15:17:02.215] [ERROR] error - 👷♂️ ERR METHOD: GET
[2024-04-09T15:17:02.215] [ERROR] error - 👷♂️ ERR HEAD: {"host":"手动马赛克","cdn-loop":"cloudflare","cf-ipcountry":"CN","accept-encoding":"gzip, br","x-forwarded-for":"111.224.6.128,172.70.85.97","cf-ray":"871b76300e4576f9-LHR","x-forwarded-proto":"https","cf-visitor":"{"scheme":"https"}","user-agent":"Mozilla/5.096783921 Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like Gecko","accept":"text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8","accept-language":"zh-CN,zh;q=0.9","cf-connecting-ip":"111.224.6.128","x-envoy-external-address":"172.70.85.97","x-request-id":"bb273a56-87c4-42e5-a8e2-34297204e4a8"}
3 点 21 分请求一次
[2024-04-09T15:21:13.608] [ERROR] error - 👷♂️ LOG ID: 1712676073608
[2024-04-09T15:21:13.608] [ERROR] error - 👷♂️ ERR URL: /static/picture/2021-05-1812.png
[2024-04-09T15:21:13.608] [ERROR] error - 👷♂️ ERR METHOD: GET
[2024-04-09T15:21:13.608] [ERROR] error - 👷♂️ ERR HEAD: {"host":"手动马赛克","cdn-loop":"cloudflare","cf-ipcountry":"CN","accept-encoding":"gzip, br","x-forwarded-for":"112.193.7.61,162.158.166.118","cf-ray":"871b7c53ad6322ba-SJC","x-forwarded-proto":"https","cf-visitor":"{"scheme":"https"}","user-agent":"Mozilla/4.054101423 Mozilla/4.0 (compatible; MSIE 9.0; Windows NT 6.1)","accept":"text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8","accept-language":"zh-CN,zh;q=0.9","cf-connecting-ip":"112.193.7.61","x-envoy-external-address":"162.158.166.118","x-request-id":"7b9f6971-d4d7-4c35-a1d7-3aac84012976"}
两次 php
[2024-04-07T16:12:25.280] [ERROR] error - 👷♂️ ERR URL: /wp-login.php [2024-04-09T23:49:31.956] [ERROR] error - 👷♂️ ERR URL: /wp-login.php
[2024-04-09T23:49:31.957] [ERROR] error - 👷♂️ ERR HEAD: {"host":"手动马赛克","cdn-loop":"cloudflare","cf-ipcountry":"CN","accept-encoding":"gzip, br","x-forwarded-for":"47.106.201.134,172.70.162.170","cf-ray":"871e64e9dacd9601-LHR","x-forwarded-proto":"https","cf-visitor":"{"scheme":"https"}","user-agent":"Mozilla/5.0 (X11; Fedora; Linux x86_64; rv:94.0) Gecko/20100101 Firefox/95.0","referer":"http://手动马赛克/wp-login.php","cf-connecting-ip":"47.106.201.134","x-envoy-external-address":"172.70.162.170","x-request-id":"88d05041-f34c-40b3-bdb8-a35702730b8b"}
1
daimaosix 212 天前
上雷池,长亭雷池
|
3
asdfg17718 212 天前 via iPhone
刷接口不是很正常,CC 攻击费用挺低的,重要的是阿里会当成正常用户放进来。。。没法解决的话,可以交流下 vx 790881552 ,专业做安全的。
|
4
daimaosix 211 天前 1
|
5
asdfg17718 211 天前 via iPhone
@daimaosix 我在跟 op 交流,加不加看他意愿,请问打扰到你了吗?
|
6
wpzz OP 我用的 baas 服务,我只负责代码和配置,服务器由厂商维护,不用我关心 hhh
|