小网站 如何应对恶意高并发访问攻击?访问请求全是网站上不存在的资源

young8704
  • 233

今天查access_log发现,经常有恶意高并发访问,访问请求全是网站上不存在的资源,响应都是404。
1分钟内有800-1000次访问,造成部分时间段负载100%。
本来就是个低配服务器,1核1G内存,3M带宽,实在是经受不起折腾。

业务量小,因经济效益原因, 不支持升级配置。

本人菜鸟,想问下如何应对?

部分日志如下:

120.85.111.109 - - [15/Jul/2021:14:27:07 +0800] "GET /H4ckSo1di3r.HtML HTTP/1.1" 404 755 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:7.0.1) Gecko/20100101 Firefox/7.0.1"
112.115.157.146 - - [15/Jul/2021:14:27:07 +0800] "GET /zijing.html HTTP/1.1" 404 755 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:7.0.1) Gecko/20100101 Firefox/7.0.1"
171.36.132.187 - - [15/Jul/2021:14:27:07 +0800] "GET /admin/mk.asp HTTP/1.1" 200 25 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:7.0.1) Gecko/20100101 Firefox/7.0.1"
171.36.142.185 - - [15/Jul/2021:14:27:07 +0800] "GET /Surchx.txt HTTP/1.1" 404 755 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:7.0.1) Gecko/20100101 Firefox/7.0.1"
110.167.215.36 - - [15/Jul/2021:14:27:07 +0800] "GET /lk.html HTTP/1.1" 404 755 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:7.0.1) Gecko/20100101 Firefox/7.0.1"
220.200.163.30 - - [15/Jul/2021:14:27:07 +0800] "GET /yt9077.asp HTTP/1.1" 404 755 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:7.0.1) Gecko/20100101 Firefox/7.0.1"
36.106.167.181 - - [15/Jul/2021:14:27:07 +0800] "GET /zip.asp HTTP/1.1" 404 755 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:7.0.1) Gecko/20100101 Firefox/7.0.1"
110.167.215.10 - - [15/Jul/2021:14:27:07 +0800] "GET /hackjie.asp HTTP/1.1" 404 755 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:7.0.1) Gecko/20100101 Firefox/7.0.1"
221.11.60.149 - - [15/Jul/2021:14:27:07 +0800] "GET /Newfo./1.asp HTTP/1.1" 404 755 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:7.0.1) Gecko/20100101 Firefox/7.0.1"
221.13.12.52 - - [15/Jul/2021:14:27:07 +0800] "GET /201055151920.txt HTTP/1.1" 404 755 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:7.0.1) Gecko/20100101 Firefox/7.0.1"
36.32.3.203 - - [15/Jul/2021:14:27:07 +0800] "GET /feng.htm HTTP/1.1" 404 755 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:7.0.1) Gecko/20100101 Firefox/7.0.1"
221.13.12.232 - - [15/Jul/2021:14:27:07 +0800] "GET /feiyu.html HTTP/1.1" 404 755 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:7.0.1) Gecko/20100101 Firefox/7.0.1"
36.32.3.32 - - [15/Jul/2021:14:27:07 +0800] "GET /zk.asp HTTP/1.1" 404 755 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:7.0.1) Gecko/20100101 Firefox/7.0.1"
120.0.52.72 - - [15/Jul/2021:14:27:08 +0800] "GET /img.asp HTTP/1.1" 404 755 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:7.0.1) Gecko/20100101 Firefox/7.0.1"
113.58.232.41 - - [15/Jul/2021:14:27:08 +0800] "GET /help.txt HTTP/1.1" 404 755 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:7.0.1) Gecko/20100101 Firefox/7.0.1"
221.213.75.219 - - [15/Jul/2021:14:27:08 +0800] "GET /Alan.html HTTP/1.1" 404 755 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:7.0.1) Gecko/20100101 Firefox/7.0.1"
120.85.110.160 - - [15/Jul/2021:14:27:08 +0800] "GET /badgod.asp HTTP/1.1" 404 755 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:7.0.1) Gecko/20100101 Firefox/7.0.1"
120.85.110.46 - - [15/Jul/2021:14:27:08 +0800] "GET /aspx.aspx HTTP/1.1" 404 755 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:7.0.1) Gecko/20100101 Firefox/7.0.1"
182.138.137.209 - - [15/Jul/2021:14:27:08 +0800] "GET /zhdian.asp HTTP/1.1" 404 755 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:7.0.1) Gecko/20100101 Firefox/7.0.1"
221.213.75.126 - - [15/Jul/2021:14:27:08 +0800] "GET /amao.asp HTTP/1.1" 404 755 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:7.0.1) Gecko/20100101 Firefox/7.0.1"
27.184.93.125 - - [15/Jul/2021:14:27:08 +0800] "GET /index.html HTTP/1.1" 404 755 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:7.0.1) Gecko/20100101 Firefox/7.0.1"
221.213.75.166 - - [15/Jul/2021:14:27:08 +0800] "GET /hackcx.html HTTP/1.1" 404 755 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:7.0.1) Gecko/20100101 Firefox/7.0.1"
115.200.236.100 - - [15/Jul/2021:14:27:09 +0800] "GET /Draksec.htm HTTP/1.1" 404 755 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:7.0.1) Gecko/20100101 Firefox/7.0.1"
175.152.31.247 - - [15/Jul/2021:14:27:09 +0800] "GET /yy.txt HTTP/1.1" 404 755 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:7.0.1) Gecko/20100101 Firefox/7.0.1"
回复
阅读 554
2 个回答

Nginx配置禁止访问特定结尾的文件,可以阻拦部分请求,如禁止访问.txt和.doc结尾的文件

location ~* \.(txt|doc)$ {
        deny all;
}
撰写回答
你尚未登录,登录后可以
  • 和开发者交流问题的细节
  • 关注并接收问题和回答的更新提醒
  • 参与内容的编辑和改进,让解决方法与时俱进
你知道吗?

宣传栏