从日志分析蜘蛛访问及网站安全情况

lite6 · 发表于 2011-9-3 15:47:01

这段时间由于种种原因，我的博客www.bluefate.org的百度收录一直不理想，不过排名还是一直在不断的上升中，所以今天下载了08.24的网站日志来看看蜘蛛的爬行情况，以下是蜘蛛的来访纪录：

从上图可以看出，百度蜘蛛昨天来了54次，所以可以断定，博客内容已经收录，但是还需要一段时间放出来。这个很可能是我服务器不稳定造成的。
不过在接下来，我查看用户HTTP状态码发现一些问题，请看下面的访问路径：

????????
?状态?
?URL?
????访问量????
????占比%????

?2?
?404?
??
?347?
?23.289?

?1?
?/ WP-CONTENT/ THEMES/ GRASS/ JS/ SWITCHTHEME.JS
?
?196?
?56.484?

?2?
?/ FAVICON.ICO
?
?41?
?11.816?

?3?
?/ WEB.RAR
?
?4?
?1.153?

?4?
?6.0
?
?3?
?0.865?

?5?
?/ CERT/ BAZS.CERT
?
?3?
?0.865?

?6?
?/ 站长资讯
?
?3?
?0.865?

?7?
?/ HTMLEDIT/ ADMIN_LOGIN.ASP
?
?2?
?0.576?

?8?
?/ ADMIN/ EDIT/ ADMIN_LOGIN.ASP
?
?2?
?0.576?

?9?
?/ IMAGES/ UPPIC.ASP
?
?2?
?0.576?

?10?
?/ WWWROOT.RAR
?
?2?
?0.576?

?11?
?/ WEBEDIT/ ADMIN_LOGIN.ASP
?
?2?
?0.576?

?12?
?/ FLASHFXP.RAR
?
?2?
?0.576?

?13?
?/ ADMIN/ EWEBEDITOR/ ADMIN_LOGIN.ASP
?
?2?
?0.576?

?14?
?/ WWW.RAR
?
?2?
?0.576?

?15?
?/ UPFILE_FLASH.ASP
?
?2?
?0.576?

?16?
?/ EDITOR/ ADMIN_LOGIN.ASP
?
?2?
?0.576?

?17?
?/ EWEBEDITOR/ ADMIN_LOGIN.ASP
?
?2?
?0.576?

?18?
?/ ADMIN/ HTMLEDIT/ ADMIN_LOGIN.ASP
?
?2?
?0.576?

?19?
?/ ADMIN/ EDITOR/ ADMIN_LOGIN.ASP
?
?2?
?0.576?

?20?
?/ JS/ HITS.ASP
?
?2?
?0.576?

?21?
?/ ADMINS/ UPFILE_FLASH.ASP
?
?2?
?0.576?

?22?
?/ USERREG.ASP
?
?2?
?0.576?

?23?
?/ NEWSADMIN/ UBB/ ADMIN_LOGIN.ASP
?
?2?
?0.576?

?24?
?/ ADMIN/ UPFILE_FLASH.ASP
?
?2?
?0.576?

?25?
?/ HTDOCS.RAR
?
?2?
?0.576?

?26?
?/ MIRSERVER.RAR
?
?2?
?0.576?

?27?
?/ ADMIN/ UPPIC.ASP
?
?2?
?0.576?

?28?
?/ ADMIN/ TEMP/ FLASH.HTM
?
?2?
?0.576?

?29?
?/ MANAGE/ EWEBEDITOR/ ADMIN_LOGIN.ASP
?
?2?
?0.576?

?30?
?/ WWW.ZIP
?
?2?
?0.576?

?31?
?/ INCLUDE/ UPFILE_FLASH.ASP
?
?2?
?0.576?

?32?
?/ EDIT/ ADMIN_LOGIN.ASP
?
?2?
?0.576?

?33?
?/ LAVERY_EDIT/ ADMIN_LOGIN.ASP
?
?2?
?0.576?

?34?
?/ WEBEDITOR/ ADMIN_LOGIN.ASP
?
?2?
?0.576?

?35?
?/ FCKEDITOR/ EDITOR/ FILEMANAGER/ CONNECTORS/ ASP/ CONNECTOR.ASP
?
?2?
?0.576?

?36?
?/ WIVOWEB.ZIP
?
?1?
?0.288?

?37?
?/ HTMLEDIT/ KDWRADMIN_LOGIN.ASP
?
?1?
?0.288?

?38?
?/ NHCEFLASHFXP.RAR
?
?1?
?0.288?

?39?
?/ SITEMAP.XML
?
?1?
?0.288?

?40?
?/ QMZSHTDOCS.RAR
?
?1?
?0.288?

?41?
?/ RNWJWWW.ZIP
?
?1?
?0.288?

?42?
?/ ADMIN/ EWEBEDITOR/ PCKVADMIN_LOGIN.ASP
?
?1?
?0.288?

?43?
?/ MANAGE/ EWEBEDITOR/ CGKCADMIN_LOGIN.ASP
?
?1?
?0.288?

?44?
?/ WSFDUPFILE_FLASH.ASP
?
?1?
?0.288?

?45?
?/ IMAGES/ UIYUUPPIC.ASP
?
?1?
?0.288?

?46?
?/ EDITOR/ QACOADMIN_LOGIN.ASP
?
?1?
?0.288?

?47?
?/ DXHOJS/ HITS.ASP
?
?1?
?0.288?

?48?
?/ EDITOR/ ADMIN_STYLE.ASP缂
?
?1?
?0.288?

?49?
?/ ?宠??
?
?1?
?0.288?

?50?
?/ DRYAMIRSERVER.RAR
?
?1?
?0.288?

?51?
?/ ADMINS/ HTBGUPFILE_FLASH.ASP
?
?1?
?0.288?

?52?
?/ EDIT/ IXCKADMIN_LOGIN.ASP
?
?1?
?0.288?

?53?
?/ INCLUDE/ HMZXUPFILE_FLASH.ASP
?
?1?
?0.288?

?54?
?/ FCKEDITOR/ EDITOR/ FILEMANAGER/ CONNECTORS/ ASP/ LVCKCONNECTOR.ASP
?
?1?
?0.288?

?55?
?/ ADMIN/ ETUHUPPIC.ASP
?
?1?
?0.288?

?56?
?/ WEB.ZIP
?
?1?
?0.288?

?57?
?/ +B+
?
?1?
?0.288?

?58?
?/ ADMIN/ YGSSUPFILE_FLASH.ASP
?
?1?
?0.288?

?59?
?/ CLHKWEB.RAR
?
?1?
?0.288?

?60?
?/ 1.RAR
?
?1?
?0.288?

?61?
?/ UTXQWWW.RAR
?
?1?
?0.288?

?62?
?/ ZHANZHANGNEWS/
?
?1?
?0.288?

?63?
?/ CUSIUSERREG.ASP
?
?1?
?0.288?

?64?
?/ LHMX1.RAR
?
?1?
?0.288?

?65?
?/ LAVERY_EDIT/ WXNXADMIN_LOGIN.ASP
?
?1?
?0.288?

?66?
?/ ASNWADMIN/ TEMP/ FLASH.HTM
?
?1?
?0.288?

?67?
?/ ADMIN/ EDIT/ HHAAADMIN_LOGIN.ASP
?
?1?
?0.288?

?68?
?/ NEWSADMIN/ UBB/ KIJEADMIN_LOGIN.ASP
?
?1?
?0.288?

?69?
?/ ADMIN/ HTMLEDIT/ ENEBADMIN_LOGIN.ASP
?
?1?
?0.288?

?70?
?/ WEBEDITOR/ QXJKADMIN_LOGIN.ASP
?
?1?
?0.288?

?71?
?/ ADMIN/ EDITOR/ TCBFADMIN_LOGIN.ASP
?
?1?
?0.288?

?72?
?/ DIXN1.ZIP
?
?1?
?0.288?

?73?
?/ WEBEDIT/ BCGTADMIN_LOGIN.ASP
?
?1?
?0.288?

?74?
?/ RJQXWEB.RAR
?
?1?
?0.288?

?75?
?/ ADACWWWROOT.RAR
?
?1?
?0.288?

?76?
?/ EWEBEDITOR/ MEAGADMIN_LOGIN.ASP
?
?1?
?0.288?

可以发现很多asp、rar之类的后缀，我的博客是php的，怎么可能有asp呢，其实有点网络安全经验的就知道，这些都是一些黑客们在测试你网站的漏洞呢，有些是测试你后台的地址，有些是测试编辑器漏洞的，还有些是测试你网站有没有压缩文件的（因为有些网站可能将程序压缩了，黑客下载下来，那就很危险了）。通过这些访问记录，我按照路径打开那些网址，测试一下有没有危险存在，检验证明我的网站还是很安全的，那些漏洞都不存在。对了，有时候能在网站日志里面看到很多union、post之类的语句，这样的也要小心啊。哈哈，这里还要感谢那些黑客们给我上了一课，这一课真的很值得！
所以说网站日志很重要，不仅可以查看搜素引擎的访问情况，也可以得知你的网址是否存在安全隐患。

            感谢
BlueFate
的投稿

		自动登录	找回密码
密码			注册

从日志分析蜘蛛访问及网站安全情况

站长推荐 /1