我的一个 vps 上默认安装的 nginx ,最近看到访问日志里有大量其他域名的访问请求,我已经设置了非指定域名 return 403 ,但是这些请求显示的 status 却是 200 ,不知道什么原因,我贴一段 log:
54.171.59.77 - - [27/Apr/2016:11:16:45 +0800] "GET http://book.jetstar.com/Select.aspx HTTP/1.1" 200 240031 "-" "Mozilla/4.0 (Windows NT 5.2; rv:13.0) Gecko/20100101 Firefox/13.0"
174.139.87.98 - - [27/Apr/2016:11:16:45 +0800] "GET http://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_sc&uid=713123616136284032 HTTP/1.1" 302 322 "http://acdn.adnxs.com/ib/async_usersync.html" "Mozilla/5.0 (Windows; U; Windows NT 6.0; nl-NL) AppleWebKit/531.9 (KHTML, like Gecko) Version/4.0.3 Safari/531.9.1"
198.20.170.75 - - [27/Apr/2016:11:16:45 +0800] "GET http://p.rfihub.com/cm?rfi_evt=cm&rfi_uri=%2Fcm%3Fin%3D1%26pub%3D758%26forward%3Dhttp%3A%2F%2Fums.adtechus.com%2Fmapuser%3Fproviderid%3D1014%3Buserid%3D%257Buserid%257D&rfi_ts=1461727004905&google_gid=CAESEBK5NShaQ1MapbB47Fn7hrU&google_cver=1 HTTP/1.1" 302 0 "http://emmalinebride.com/" "Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10_5_3; nl-nl) AppleWebKit/527+ (KHTML, like Gecko) Version/3.1.1 Safari/525.20"
198.20.170.78 - - [27/Apr/2016:11:16:45 +0800] "GET http://dtm.westelm.com.au/aol/match?fpc=2566&pnid=60&trid=271003338113065735&fpctok=1&cb=https%3A%2F%2Fums.adtechus.com%2Fmapuser%3Fproviderid%3D1013%3Buserid%3D%24UID HTTP/1.1" 502 182 "http://diablofans.com/" "Mozilla/5.0 (Windows; U; Windows NT 5.1; nl-NL) AppleWebKit/523.15 (KHTML, like Gecko, Safari/419.3) Arora/0.2"
120.25.224.205 - - [27/Apr/2016:11:16:45 +0800] "CONNECT 115.238.170.16:80 HTTP/1.1" 400 182 "-" "-"
192.161.62.2 - - [27/Apr/2016:11:16:45 +0800] "CONNECT www.facebook.com:443 HTTP/1.1" 400 182 "-" "-"
192.161.62.2 - - [27/Apr/2016:11:16:45 +0800] "GET http://ib.adnxs.com/ttj?id=3128455&referrer=http%3A%2F%2Feveryjoe.com%2F&cb=19418 HTTP/1.1" 200 9855 "http://everyjoe.com/" "Mozilla/5.0 (Windows NT 5.2; rv:2.0b13pre) Gecko/20110304 Firefox/4.0b13pre"
192.161.62.2 - - [27/Apr/2016:11:16:45 +0800] "GET http://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm=&google_sc=&uid=8632918990361755582&google_tc= HTTP/1.1" 302 317 "http://acdn.adnxs.com/ib/async_usersync.html" "Mozilla/5.0 (X11; U; Linux i686; nl-NL; rv:1.9.0.19) Gecko/20120825 Firefox/3.5.1"
162.244.14.8 - - [27/Apr/2016:11:16:45 +0800] "CONNECT www.google.com.jm:443 HTTP/1.1" 400 182 "-" "-"
198.20.175.133 - - [27/Apr/2016:11:16:45 +0800] "GET http://ums.adtechus.com/mapuser?providerid=1014;userid=1038150090776031144 HTTP/1.1" 200 43 "http://www.emmalinebride.com/" "Mozilla/5.0 (Windows; U; Windows NT 5.1; nl-NL) AppleWebKit/523.15 (KHTML, like Gecko, Safari/419.3) Arora/0.2"
37.194.206.65 - - [27/Apr/2016:11:16:45 +0800] "\x04\x01\x00\x19D\xA8a\xC3\x00" 400 182 "-" "-"
192.161.62.2 - - [27/Apr/2016:11:16:45 +0800] "GET http://ib.adnxs.com/setuid?entity=101&uid=5214508250538985788&code=CAESEHnQZPDh0N5IHTeg2OySKcE&google_cver=1 HTTP/1.1" 200 43 "http://acdn.adnxs.com/ib/async_usersync.html" "Mozilla/5.0 (Windows; U; Windows NT 6.0; nl-NL) AppleWebKit/531.9 (KHTML, like Gecko) Version/4.0.3 Safari/531.9.1"
124.135.20.43 - - [27/Apr/2016:11:16:45 +0800] "GET http://ib.adnxs.com/ttj?id=2476347&referrer=http%3A%2F%2Fwww.itsnotbadatall.com%2F&cb=54141 HTTP/1.0" 302 0 "http://www.itsnotbadatall.com/" "Mozilla/4.0 (compatible; MSIE 7.0; AOL 9.1; AOLBuild 4327.65535; Windows NT 5.1; .NET CLR 1.0.3705; .NET CLR 1.1.4322; .NET CLR 2.0.50727); UnAuth-State"
192.151.144.220 - - [27/Apr/2016:11:16:45 +0800] "GET http://www.hotref.com/sample_design.php?virtual=1&products_id=3261 HTTP/1.1" 200 16477 "http://www.hotref.com/sample_design.php?id=0&sample=submit&products_id=3261" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:34.0) Gecko/20100101 Firefox/34.0"
198.20.170.75 - - [27/Apr/2016:11:16:45 +0800] "GET http://cm.g.doubleclick.net/pixel?google_nid=rfi&google_push=&google_hm=MTQxMzUzNTk0NjQyNDI5NDcyNQ==http%3A%2F%2Fums.adtechus.com%2Fmapuser%3Fproviderid%3D1014%3Buserid%3D%7Buserid%7D HTTP/1.1" 200 170 "http://emmalinebride.com/" "Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10_5_3; nl-nl) AppleWebKit/527+ (KHTML, like Gecko) Version/3.1.1 Safari/525.20"
185.70.185.61 - - [27/Apr/2016:11:16:45 +0800] "GET http://91.121.253.212/ HTTP/1.1" 200 7283 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)"
192.161.62.2 - - [27/Apr/2016:11:16:45 +0800] "GET http://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_sc&uid=6416262595441061256 HTTP/1.1" 302 323 "http://acdn.adnxs.com/ib/async_usersync.html" "Mozilla/5.0 (Windows NT 6.1; U;WOW64; de;rv:11.0) Gecko Firefox/11.0"
67.253.61.165 - - [27/Apr/2016:11:16:45 +0800] "CONNECT api.soundcloud.com:443 HTTP/1.1" 400 182 "-" "-"
104.254.212.17 - - [27/Apr/2016:11:16:45 +0800] "GET http://www.bing.com/ HTTP/1.1" 200 82743 "http://www.google.com/search?q=microsoft%2Ecom" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-GB; rv:1.8.1.6) Gecko/20070725 Firefox/2.0.0.6"
1
yohn89 OP nginx conf:
server{ listen 80 default; server_name _; return 403; } |
2
yohn89 OP 有木有做运维的童鞋帮看一眼
|