问题
I have apache with version 2.22 and have these rare logs with IPs from Japan, Taiwan ...
218.52.178.3 - - [10/Feb/2015:13:48:48 +0100] "\xa6Q\xb0\xce\xf5\b\x15\x05\xd3\xaf\xbe\x1d\xac\xbf\x99lx\xbf\xb0\x16w{\xb3\xf4\xa5%\xd6\x16\xd0\x15\xd5\xfa\xcbqo\xae9\xc2\x13\xf5&\x91\xb7\x90\xa1\xe5W\xe3" 200 62
98.119.71.85 - - [10/Feb/2015:15:48:47 +0100] "\x86}\x12%\xe8<\xc9\xb8\xed\xb9\x9d4j+0-\x19\xb9\xd3\xafA\xa9@7\x04q\x17\xe3\xa4\x87\xd3\t\x04\x92\x8493X\xd3H?\xf1\xb8\x96\x11\xbf\xc9\xddQ" 400 226
Does anyone know what they mean?
回答1:
This is some kind of crawler, checking for vulnerabilities. You can block them by IP. Howevere They change the IP constantly.
Create a .htaccess file in your Document root and insert this in to it
Order Deny,Allow
Deny from 218.52.178.3
Deny from 98.119.71.85
If you have access to your firewall you can block hem from there. Each firewall has a different way to block IPs.
回答2:
This is the requests made in Eastern languages by UTF encoding. Hieroglyphs . Apache converts it to english letters. They can be decoded to origin using some online services.
来源:https://stackoverflow.com/questions/28941838/strange-logs-in-apache