从日志分析蜘蛛访问及网站安全情况
这段时间由于种种原因,我的博客www.bluefate.org的百度收录一直不理想,不过排名还是一直在不断的上升中,所以今天下载了08.24的网站日志来看看蜘蛛的爬行情况,以下是蜘蛛的来访纪录:http://upload.chinaz.com/2011/0825/1314251211518.jpg
从上图可以看出,百度蜘蛛昨天来了54次,所以可以断定,博客内容已经收录,但是还需要一段时间放出来。这个很可能是我服务器不稳定造成的。
不过在接下来,我查看用户HTTP状态码发现一些问题,请看下面的访问路径:
????????
?状态?
?URL?
????访问量????
????占比%????
?2?
?404?
??
?347?
?23.289?
?1?
?/ WP-CONTENT/ THEMES/ GRASS/ JS/ SWITCHTHEME.JS
?
?196?
?56.484?
?2?
?/ FAVICON.ICO
?
?41?
?11.816?
?3?
?/ WEB.RAR
?
?4?
?1.153?
?4?
?6.0
?
?3?
?0.865?
?5?
?/ CERT/ BAZS.CERT
?
?3?
?0.865?
?6?
?/ 站长资讯
?
?3?
?0.865?
?7?
?/ HTMLEDIT/ ADMIN_LOGIN.ASP
?
?2?
?0.576?
?8?
?/ ADMIN/ EDIT/ ADMIN_LOGIN.ASP
?
?2?
?0.576?
?9?
?/ IMAGES/ UPPIC.ASP
?
?2?
?0.576?
?10?
?/ WWWROOT.RAR
?
?2?
?0.576?
?11?
?/ WEBEDIT/ ADMIN_LOGIN.ASP
?
?2?
?0.576?
?12?
?/ FLASHFXP.RAR
?
?2?
?0.576?
?13?
?/ ADMIN/ EWEBEDITOR/ ADMIN_LOGIN.ASP
?
?2?
?0.576?
?14?
?/ WWW.RAR
?
?2?
?0.576?
?15?
?/ UPFILE_FLASH.ASP
?
?2?
?0.576?
?16?
?/ EDITOR/ ADMIN_LOGIN.ASP
?
?2?
?0.576?
?17?
?/ EWEBEDITOR/ ADMIN_LOGIN.ASP
?
?2?
?0.576?
?18?
?/ ADMIN/ HTMLEDIT/ ADMIN_LOGIN.ASP
?
?2?
?0.576?
?19?
?/ ADMIN/ EDITOR/ ADMIN_LOGIN.ASP
?
?2?
?0.576?
?20?
?/ JS/ HITS.ASP
?
?2?
?0.576?
?21?
?/ ADMINS/ UPFILE_FLASH.ASP
?
?2?
?0.576?
?22?
?/ USERREG.ASP
?
?2?
?0.576?
?23?
?/ NEWSADMIN/ UBB/ ADMIN_LOGIN.ASP
?
?2?
?0.576?
?24?
?/ ADMIN/ UPFILE_FLASH.ASP
?
?2?
?0.576?
?25?
?/ HTDOCS.RAR
?
?2?
?0.576?
?26?
?/ MIRSERVER.RAR
?
?2?
?0.576?
?27?
?/ ADMIN/ UPPIC.ASP
?
?2?
?0.576?
?28?
?/ ADMIN/ TEMP/ FLASH.HTM
?
?2?
?0.576?
?29?
?/ MANAGE/ EWEBEDITOR/ ADMIN_LOGIN.ASP
?
?2?
?0.576?
?30?
?/ WWW.ZIP
?
?2?
?0.576?
?31?
?/ INCLUDE/ UPFILE_FLASH.ASP
?
?2?
?0.576?
?32?
?/ EDIT/ ADMIN_LOGIN.ASP
?
?2?
?0.576?
?33?
?/ LAVERY_EDIT/ ADMIN_LOGIN.ASP
?
?2?
?0.576?
?34?
?/ WEBEDITOR/ ADMIN_LOGIN.ASP
?
?2?
?0.576?
?35?
?/ FCKEDITOR/ EDITOR/ FILEMANAGER/ CONNECTORS/ ASP/ CONNECTOR.ASP
?
?2?
?0.576?
?36?
?/ WIVOWEB.ZIP
?
?1?
?0.288?
?37?
?/ HTMLEDIT/ KDWRADMIN_LOGIN.ASP
?
?1?
?0.288?
?38?
?/ NHCEFLASHFXP.RAR
?
?1?
?0.288?
?39?
?/ SITEMAP.XML
?
?1?
?0.288?
?40?
?/ QMZSHTDOCS.RAR
?
?1?
?0.288?
?41?
?/ RNWJWWW.ZIP
?
?1?
?0.288?
?42?
?/ ADMIN/ EWEBEDITOR/ PCKVADMIN_LOGIN.ASP
?
?1?
?0.288?
?43?
?/ MANAGE/ EWEBEDITOR/ CGKCADMIN_LOGIN.ASP
?
?1?
?0.288?
?44?
?/ WSFDUPFILE_FLASH.ASP
?
?1?
?0.288?
?45?
?/ IMAGES/ UIYUUPPIC.ASP
?
?1?
?0.288?
?46?
?/ EDITOR/ QACOADMIN_LOGIN.ASP
?
?1?
?0.288?
?47?
?/ DXHOJS/ HITS.ASP
?
?1?
?0.288?
?48?
?/ EDITOR/ ADMIN_STYLE.ASP缂
?
?1?
?0.288?
?49?
?/ ?宠??
?
?1?
?0.288?
?50?
?/ DRYAMIRSERVER.RAR
?
?1?
?0.288?
?51?
?/ ADMINS/ HTBGUPFILE_FLASH.ASP
?
?1?
?0.288?
?52?
?/ EDIT/ IXCKADMIN_LOGIN.ASP
?
?1?
?0.288?
?53?
?/ INCLUDE/ HMZXUPFILE_FLASH.ASP
?
?1?
?0.288?
?54?
?/ FCKEDITOR/ EDITOR/ FILEMANAGER/ CONNECTORS/ ASP/ LVCKCONNECTOR.ASP
?
?1?
?0.288?
?55?
?/ ADMIN/ ETUHUPPIC.ASP
?
?1?
?0.288?
?56?
?/ WEB.ZIP
?
?1?
?0.288?
?57?
?/ +B+
?
?1?
?0.288?
?58?
?/ ADMIN/ YGSSUPFILE_FLASH.ASP
?
?1?
?0.288?
?59?
?/ CLHKWEB.RAR
?
?1?
?0.288?
?60?
?/ 1.RAR
?
?1?
?0.288?
?61?
?/ UTXQWWW.RAR
?
?1?
?0.288?
?62?
?/ ZHANZHANGNEWS/
?
?1?
?0.288?
?63?
?/ CUSIUSERREG.ASP
?
?1?
?0.288?
?64?
?/ LHMX1.RAR
?
?1?
?0.288?
?65?
?/ LAVERY_EDIT/ WXNXADMIN_LOGIN.ASP
?
?1?
?0.288?
?66?
?/ ASNWADMIN/ TEMP/ FLASH.HTM
?
?1?
?0.288?
?67?
?/ ADMIN/ EDIT/ HHAAADMIN_LOGIN.ASP
?
?1?
?0.288?
?68?
?/ NEWSADMIN/ UBB/ KIJEADMIN_LOGIN.ASP
?
?1?
?0.288?
?69?
?/ ADMIN/ HTMLEDIT/ ENEBADMIN_LOGIN.ASP
?
?1?
?0.288?
?70?
?/ WEBEDITOR/ QXJKADMIN_LOGIN.ASP
?
?1?
?0.288?
?71?
?/ ADMIN/ EDITOR/ TCBFADMIN_LOGIN.ASP
?
?1?
?0.288?
?72?
?/ DIXN1.ZIP
?
?1?
?0.288?
?73?
?/ WEBEDIT/ BCGTADMIN_LOGIN.ASP
?
?1?
?0.288?
?74?
?/ RJQXWEB.RAR
?
?1?
?0.288?
?75?
?/ ADACWWWROOT.RAR
?
?1?
?0.288?
?76?
?/ EWEBEDITOR/ MEAGADMIN_LOGIN.ASP
?
?1?
?0.288?
可以发现很多asp、rar之类的后缀,我的博客是php的,怎么可能有asp呢,其实有点网络安全经验的就知道,这些都是一些黑客们在测试你网站的漏洞呢,有些是测试你后台的地址,有些是测试编辑器漏洞的,还有些是测试你网站有没有压缩文件的(因为有些网站可能将程序压缩了,黑客下载下来,那就很危险了)。通过这些访问记录,我按照路径打开那些网址,测试一下有没有危险存在,检验证明我的网站还是很安全的,那些漏洞都不存在。对了,有时候能在网站日志里面看到很多union、post之类的语句,这样的也要小心啊。哈哈,这里还要感谢那些黑客们给我上了一课,这一课真的很值得!
所以说网站日志很重要,不仅可以查看搜素引擎的访问情况,也可以得知你的网址是否存在安全隐患。
感谢
BlueFate
的投稿
页:
[1]