堆栈内存溢出
  简体   繁体   English

了解Nginx日志语句

[英]Understanding nginx log statement

 原文  2016-07-28 19:46:23       logging/ nginx/ proxy/ error-logging

问题描述

I need some help in understanding following log statement found in /var/log/nginx/error log file. 我需要一些帮助来理解/ var / log / nginx / error日志文件中的以下日志语句。

2016/07/28 14:06:05 [error] 7255#7255: *712 open() "/usr/share/www/proj/check_proxy" failed (2: No such file or directory), client: 180.97.xxx.xxx, server: localhost, request: "GET http://180.163.xxx.xxx/check_proxy HTTP/1.1", host: "180.163.xxx.xxx" 2016/07/28 14:06:05 [错误] 7255#7255:* 712 open()“ / usr / share / www / proj / check_proxy”失败(2:无此类文件或目录),客户端:180.97.xxx .xxx,服务器:本地主机,请求:“ GET http://180.163.xxx.xxx/check_proxy HTTP / 1.1”,主机:“ 180.163.xxx.xxx”

How to read above log message? 如何阅读以上日志信息? Especially what is server and what is host? 特别是什么是服务器,什么是主机? Whenever I try to access the site, GET value in log message starts with slash(/) character. 每当我尝试访问该站点时,日志消息中的GET值都以斜杠(/)字符开头。 But in above log message it shows a URL. 但是在上面的日志消息中,它显示了一个URL。 How can I reproduce above log message? 如何复制以上日志消息?

Interesting points in above log message are host IP is same as ip address in URL besides GET. 上面的日志消息中有趣的一点是主机IP与URL中的IP地址(除了GET外)相同。 nginx conf file doesn't contain localhost server name, yet it appears in server value in above log message. nginx conf文件不包含本地主机服务器名称,但在上述日志消息的服务器值中显示。 All other log messages show host as IP of machine, and server as server_name from nginx configuration file. 其他所有日志消息在nginx配置文件中将主机显示为计算机的IP,将服务器显示为server_name。 Just a few observations based on my limited knowledge. 根据我的有限知识,仅举几例。

Thanks very much in advance. 首先十分感谢。

1 个解决方案

解决方案1
 0  2016-11-16 18:01:51

I saw a similar request today and searched a bit. 我今天看到了类似的要求,并进行了搜索。

Someone tried to access a file called http://180.163.xxx.xxx/check_proxy on your server, ie http://example.com/http://180.163.xxx.xxx/check_proxy , where example.com is your own domain. 有人试图访问服务器上名为http://180.163.xxx.xxx/check_proxy的文件,即http://example.com/http://180.163.xxx.xxx/check_proxy ,其中example.com是您自己的文件域。

This does look like an automated, and maybe misconfigured, scanner is looking for open and vulnerable proxy servers. 这看起来确实是自动的,可能配置错误的扫描程序正在寻找开放且易受攻击的代理服务器。 I assume that normally they would check for http://example.com/check_proxy . 我认为通常他们会检查http://example.com/check_proxy

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 "Nginx理解访问日志专栏" - Nginx understanding access log column 了解Postgres日志列 - Understanding Postgres Log columns 了解IIS 7日志文件 - Understanding IIS 7 log files 了解服务器日志文件 - Understanding server log files 在 tmpfs 上使用 /var/log 的 Nginx - Nginx with /var/log on tmpfs nginx 在 windows 上的日志轮换 - log rotation for nginx on windows Nginx的GoAccess日志格式 - Goaccess log format for nginx 过滤nginx访问日志 - Filter nginx access log 使用goaccess进行nginx日志分析 - nginx log analysis with goaccess Nginx登录到stderr - Nginx log to stderr
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM