在阿里云新装了一个 PHP 程序, nginx 日志一直报 error,是被黑了么?

2015-08-19 00:33:59 +08:00
 microget
PHP 门外汉,程序是 github 官方下的,装了个国人的 zh 语言包, centos,yum 安装的环境。

日志中 www.0123456.com 指代我的域名, abcdef.aa2.cn 前面的 abcdef 是指代,真实的字符串会 cname 到我的域名。
请求一分钟 10 次左右,client 的 IP 大概有好几个在变换。
-------------------------其中一段 nginx 日志----------------------------------------------

PHP message: PHP Warning: Unknown: Failed to write session data (files ). Please verify that the current setting of session.save_path is correct (/var/lib/php/session ) in Unknown on line 0" while reading upstream, client: 27.221.20.24, server: www.123456.com, request: "GET /jiecao/2013/0625/1322.html HTTP/1.0", upstream: "fastcgi://127.0.0.1:9000", host: "abcdef.aa2.cn", referrer: "http://abcdef.aa2.cn/jiecao/2013/0625/1322.html"

2015/08/19 00:26:37 [error] 24539#0: *1178 FastCGI sent in stderr: "PHP message: PHP Warning: session_start (): open (/var/lib/php/session/sess_8bc7claol3gq9b0p4scob8tp11, O_RDWR ) failed: Permission denied (13 ) in /www/.../app/users.php on line 146" while reading response header from upstream, client: 220.181.108.152, server: www.123456.com, request: "GET / HTTP/1.1", upstream: "fastcgi://127.0.0.1:9000", host: "www.123456.com"

2015/08/19 00:26:37 [error] 24539#0: *1178 FastCGI sent in stderr: "PHP message: PHP Warning: Unknown: open (/var/lib/php/session/sess_8bc7claol3gq9b0p4scob8tp11, O_RDWR ) failed: Permission denied (13 ) in Unknown on line 0


-----------------------------------------------------------------------
查到域名所属信息是这个。
http://whois.chinaz.com/reverse?host=+aa2.cn&ddlSearchMode=0

这可能是什么情况呢?
1638 次点击
所在节点    问与答
5 条回复
wdd2007
2015-08-19 00:35:03 +08:00
不是啊。是你 session 目录没有权限啊。。。
microget
2015-08-19 00:38:26 +08:00
@wdd2007 是爬虫的性质?他这么做的目的是什么?
程序安装好后,配置里面的默认域名好像是 abcdef.aa2.cn ,没在意就直接改成自己的。
Starduster
2015-08-19 04:41:47 +08:00
= =是你这网站某个功能需要 PHP 的 session ,而你的 PHP 进程没有那个目录(/var/lib/php/session )的权限,他就在不停的报错,那么每个访问你网站的用到这个功能的人都会触发一次这个 error
检查你的目录权限和 PHP CGI 进程管理器的属主到底是谁
microget
2015-08-19 10:48:04 +08:00
@Starduster
变换 client IP,请求一个不存在的 url (日志中的 /jiecao/2013/0625/1322.html ) ,这是爬虫性质的行为?
可是 host 和 referrer 都不对,很容易被发现并处理啊。

另,有了解这个 aa2.cn 域名背后的主人这么做,是属于什么模式的买卖么?
microget
2015-08-19 12:05:52 +08:00
虽然我已经把 php-fpm 停了,但请求一直在持续。对这种行为的动机不是很理解- -!
-------------------
2015/08/19 11:53:53 [error] 24539#0: *4069 connect () failed (111: Connection refused ) while connecting to upstream, client: 120.52.18.45, server: www.123456.com, request: "HEAD / HTTP/1.0", upstream: "fastcgi://127.0.0.1:9000", host: "abcdef.aa2.cn"

2015/08/19 11:53:53 [error] 24539#0: *4071 connect () failed (111: Connection refused ) while connecting to upstream, client: 120.52.18.45, server: www.123456.com, request: "HEAD / HTTP/1.0", upstream: "fastcgi://127.0.0.1:9000", host: "abcdef.aa2.cn"

2015/08/19 11:54:50 [error] 24539#0: *4073 connect () failed (111: Connection refused ) while connecting to upstream, client: 120.52.18.45, server: www.123456.com, request: "HEAD / HTTP/1.0", upstream: "fastcgi://127.0.0.1:9000", host: "abcdef.aa2.cn"

2015/08/19 11:54:50 [error] 24539#0: *4075 connect () failed (111: Connection refused ) while connecting to upstream, client: 120.52.18.45, server: www.123456.com, request: "HEAD / HTTP/1.0", upstream: "fastcgi://127.0.0.1:9000", host: "abcdef.aa2.cn"

2015/08/19 11:56:30 [error] 24539#0: *4077 connect () failed (111: Connection refused ) while connecting to upstream, client: 222.73.144.32, server: www.123456.com, request: "HEAD / HTTP/1.0", upstream: "fastcgi://127.0.0.1:9000", host: "abcdef.aa2.cn"

2015/08/19 11:56:30 [error] 24539#0: *4079 connect () failed (111: Connection refused ) while connecting to upstream, client: 222.73.144.32, server: www.123456.com, request: "HEAD / HTTP/1.0", upstream: "fastcgi://127.0.0.1:9000", host: "abcdef.aa2.cn"

2015/08/19 11:56:46 [error] 24539#0: *4081 connect () failed (111: Connection refused ) while connecting to upstream, client: 125.88.189.21, server: www.123456.com, request: "HEAD / HTTP/1.0", upstream: "fastcgi://127.0.0.1:9000", host: "abcdef.aa2.cn"

2015/08/19 11:56:46 [error] 24539#0: *4083 connect () failed (111: Connection refused ) while connecting to upstream, client: 125.88.189.21, server: www.123456.com, request: "HEAD / HTTP/1.0", upstream: "fastcgi://127.0.0.1:9000", host: "abcdef.aa2.cn"

2015/08/19 11:57:16 [error] 24539#0: *4085 connect () failed (111: Connection refused ) while connecting to upstream, client: 125.88.189.21, server: www.123456.com, request: "HEAD / HTTP/1.0", upstream: "fastcgi://127.0.0.1:9000", host: "abcdef.aa2.cn"

2015/08/19 11:57:16 [error] 24539#0: *4087 connect () failed (111: Connection refused ) while connecting to upstream, client: 125.88.189.21, server: www.123456.com, request: "HEAD / HTTP/1.0", upstream: "fastcgi://127.0.0.1:9000", host: "abcdef.aa2.cn"

这是一个专为移动设备优化的页面(即为了让你能够在 Google 搜索结果里秒开这个页面),如果你希望参与 V2EX 社区的讨论,你可以继续到 V2EX 上打开本讨论主题的完整版本。

https://www.v2ex.com/t/214164

V2EX 是创意工作者们的社区,是一个分享自己正在做的有趣事物、交流想法,可以遇见新朋友甚至新机会的地方。

V2EX is a community of developers, designers and creative people.

© 2021 V2EX