大佬帮忙看看是不是有人在CC我

opear2008 发表于 2019-2-27 12:05:12

[*]2019/02/27 11:45:13 844#0: *98289 connect() to unix:/tmp/php-cgi-70.sock failed (11: Resource temporarily unavailable) while connecting to upstream, client: 116.96.116.121, server: kxeesd.com, request: "POST /xmlrpc.php HTTP/1.1", upstream: "fastcgi://unix:/tmp/php-cgi-70.sock:", host: "www.kxeesd.com", referrer: "https://www.kxeesd.com/xmlrpc.php"
[*]2019/02/27 11:45:13 844#0: *98117 connect() to unix:/tmp/php-cgi-70.sock failed (11: Resource temporarily unavailable) while connecting to upstream, client: 113.181.135.88, server: kxeesd.com, request: "POST /xmlrpc.php HTTP/1.1", upstream: "fastcgi://unix:/tmp/php-cgi-70.sock:", host: "www.kxeesd.com", referrer: "https://www.kxeesd.com/xmlrpc.php"
[*]2019/02/27 11:45:13 844#0: *98117 connect() to unix:/tmp/php-cgi-70.sock failed (11: Resource temporarily unavailable) while connecting to upstream, client: 113.181.135.88, server: kxeesd.com, request: "POST /xmlrpc.php HTTP/1.1", upstream: "fastcgi://unix:/tmp/php-cgi-70.sock:", host: "www.kxeesd.com", referrer: "https://www.kxeesd.com/xmlrpc.php"
[*]2019/02/27 11:45:13 844#0: *98304 connect() to unix:/tmp/php-cgi-70.sock failed (11: Resource temporarily unavailable) while connecting to upstream, client: 171.242.88.217, server: kxeesd.com, request: "POST /xmlrpc.php HTTP/1.1", upstream: "fastcgi://unix:/tmp/php-cgi-70.sock:", host: "www.kxeesd.com", referrer: "https://www.kxeesd.com/xmlrpc.php"
[*]2019/02/27 11:45:13 844#0: *98304 connect() to unix:/tmp/php-cgi-70.sock failed (11: Resource temporarily unavailable) while connecting to upstream, client: 171.242.88.217, server: kxeesd.com, request: "POST /xmlrpc.php HTTP/1.1", upstream: "fastcgi://unix:/tmp/php-cgi-70.sock:", host: "www.kxeesd.com", referrer: "https://www.kxeesd.com/xmlrpc.php"
[*]2019/02/27 11:45:13 844#0: *98285 connect() to unix:/tmp/php-cgi-70.sock failed (11: Resource temporarily unavailable) while connecting to upstream, client: 123.24.43.72, server: kxeesd.com, request: "POST /xmlrpc.php HTTP/1.1", upstream: "fastcgi://unix:/tmp/php-cgi-70.sock:", host: "www.kxeesd.com", referrer: "https://www.kxeesd.com/xmlrpc.php"复制代码

有好多这种日志出现。然后负载状态就变成100%，我宝塔上就放了一个WP，日均2IP，我手机和电脑，哈哈！

余晖脉脉 发表于 2019-2-27 12:11:40

多个IP利用xmlrpc.php不停的破解，那们大佬有好的方法？感谢！

opear2008 发表于 2019-2-27 12:12:24

bt后遗症，我的也是

stelics 发表于 2019-2-27 12:12:51

xmlrpc一般用不到，改名或修改文件权限即可。

hang6 发表于 2019-2-27 12:13:33

这个是Wordpress漏洞利用，可能是在破解你的后台也可能是利用Pingback功能dos其他服务器，解决办法删除xmlrpc.php即可

Titan 发表于 2019-2-27 12:14:42

Titan 发表于 2019-2-27 12:14

这个是Wordpress漏洞利用，可能是在破解你的后台也可能是利用Pingback功能dos其他服务器，解决办法删除xmlr ...
好的，谢谢大佬，我试一下。看看

页: [1]

全球主机交流论坛's Archiver

大佬帮忙看看是不是有人在CC我