Home Sign Up Sign In
ixo
V2EX  ›  问与答

在阿里云新装了一个 PHP 程序, nginx 日志一直报 error,是被黑了么?

  •   
  •   ixo · Aug 19, 2015 · 2044 views
    This topic created in 3950 days ago, the information mentioned may be changed or developed.
    PHP 门外汉,程序是 github 官方下的,装了个国人的 zh 语言包, centos,yum 安装的环境。

    日志中 www.0123456.com 指代我的域名, abcdef.aa2.cn 前面的 abcdef 是指代,真实的字符串会 cname 到我的域名。
    请求一分钟 10 次左右,client 的 IP 大概有好几个在变换。
    -------------------------其中一段 nginx 日志----------------------------------------------

    PHP message: PHP Warning: Unknown: Failed to write session data (files ). Please verify that the current setting of session.save_path is correct (/var/lib/php/session ) in Unknown on line 0" while reading upstream, client: 27.221.20.24, server: www.123456.com, request: "GET /jiecao/2013/0625/1322.html HTTP/1.0", upstream: "fastcgi://127.0.0.1:9000", host: "abcdef.aa2.cn", referrer: "http://abcdef.aa2.cn/jiecao/2013/0625/1322.html"

    2015/08/19 00:26:37 [error] 24539#0: *1178 FastCGI sent in stderr: "PHP message: PHP Warning: session_start (): open (/var/lib/php/session/sess_8bc7claol3gq9b0p4scob8tp11, O_RDWR ) failed: Permission denied (13 ) in /www/.../app/users.php on line 146" while reading response header from upstream, client: 220.181.108.152, server: www.123456.com, request: "GET / HTTP/1.1", upstream: "fastcgi://127.0.0.1:9000", host: "www.123456.com"

    2015/08/19 00:26:37 [error] 24539#0: *1178 FastCGI sent in stderr: "PHP message: PHP Warning: Unknown: open (/var/lib/php/session/sess_8bc7claol3gq9b0p4scob8tp11, O_RDWR ) failed: Permission denied (13 ) in Unknown on line 0


    -----------------------------------------------------------------------
    查到域名所属信息是这个。
    http://whois.chinaz.com/reverse?host=+aa2.cn&ddlSearchMode=0

    这可能是什么情况呢?
  • PHP
  • upstream
  • Unknown
  • fastcgi
    5 replies    2015-08-19 12:05:52 +08:00
    wdd2007
        1
    wdd2007  
       Aug 19, 2015
    不是啊。是你 session 目录没有权限啊。。。
    ixo
        2
    ixo  
    OP
       Aug 19, 2015
    @wdd2007 是爬虫的性质?他这么做的目的是什么?
    程序安装好后,配置里面的默认域名好像是 abcdef.aa2.cn ,没在意就直接改成自己的。
    Starduster
        3
    Starduster  
       Aug 19, 2015   ❤️ 1
    = =是你这网站某个功能需要 PHP 的 session ,而你的 PHP 进程没有那个目录(/var/lib/php/session )的权限,他就在不停的报错,那么每个访问你网站的用到这个功能的人都会触发一次这个 error
    检查你的目录权限和 PHP CGI 进程管理器的属主到底是谁
    ixo
        4
    ixo  
    OP
       Aug 19, 2015
    @Starduster
    变换 client IP,请求一个不存在的 url (日志中的 /jiecao/2013/0625/1322.html ) ,这是爬虫性质的行为?
    可是 host 和 referrer 都不对,很容易被发现并处理啊。

    另,有了解这个 aa2.cn 域名背后的主人这么做,是属于什么模式的买卖么?
    ixo
        5
    ixo  
    OP
       Aug 19, 2015
    虽然我已经把 php-fpm 停了,但请求一直在持续。对这种行为的动机不是很理解- -!
    -------------------
    2015/08/19 11:53:53 [error] 24539#0: *4069 connect () failed (111: Connection refused ) while connecting to upstream, client: 120.52.18.45, server: www.123456.com, request: "HEAD / HTTP/1.0", upstream: "fastcgi://127.0.0.1:9000", host: "abcdef.aa2.cn"

    2015/08/19 11:53:53 [error] 24539#0: *4071 connect () failed (111: Connection refused ) while connecting to upstream, client: 120.52.18.45, server: www.123456.com, request: "HEAD / HTTP/1.0", upstream: "fastcgi://127.0.0.1:9000", host: "abcdef.aa2.cn"

    2015/08/19 11:54:50 [error] 24539#0: *4073 connect () failed (111: Connection refused ) while connecting to upstream, client: 120.52.18.45, server: www.123456.com, request: "HEAD / HTTP/1.0", upstream: "fastcgi://127.0.0.1:9000", host: "abcdef.aa2.cn"

    2015/08/19 11:54:50 [error] 24539#0: *4075 connect () failed (111: Connection refused ) while connecting to upstream, client: 120.52.18.45, server: www.123456.com, request: "HEAD / HTTP/1.0", upstream: "fastcgi://127.0.0.1:9000", host: "abcdef.aa2.cn"

    2015/08/19 11:56:30 [error] 24539#0: *4077 connect () failed (111: Connection refused ) while connecting to upstream, client: 222.73.144.32, server: www.123456.com, request: "HEAD / HTTP/1.0", upstream: "fastcgi://127.0.0.1:9000", host: "abcdef.aa2.cn"

    2015/08/19 11:56:30 [error] 24539#0: *4079 connect () failed (111: Connection refused ) while connecting to upstream, client: 222.73.144.32, server: www.123456.com, request: "HEAD / HTTP/1.0", upstream: "fastcgi://127.0.0.1:9000", host: "abcdef.aa2.cn"

    2015/08/19 11:56:46 [error] 24539#0: *4081 connect () failed (111: Connection refused ) while connecting to upstream, client: 125.88.189.21, server: www.123456.com, request: "HEAD / HTTP/1.0", upstream: "fastcgi://127.0.0.1:9000", host: "abcdef.aa2.cn"

    2015/08/19 11:56:46 [error] 24539#0: *4083 connect () failed (111: Connection refused ) while connecting to upstream, client: 125.88.189.21, server: www.123456.com, request: "HEAD / HTTP/1.0", upstream: "fastcgi://127.0.0.1:9000", host: "abcdef.aa2.cn"

    2015/08/19 11:57:16 [error] 24539#0: *4085 connect () failed (111: Connection refused ) while connecting to upstream, client: 125.88.189.21, server: www.123456.com, request: "HEAD / HTTP/1.0", upstream: "fastcgi://127.0.0.1:9000", host: "abcdef.aa2.cn"

    2015/08/19 11:57:16 [error] 24539#0: *4087 connect () failed (111: Connection refused ) while connecting to upstream, client: 125.88.189.21, server: www.123456.com, request: "HEAD / HTTP/1.0", upstream: "fastcgi://127.0.0.1:9000", host: "abcdef.aa2.cn"
    About   ·   Help   ·   Advertise   ·   Blog   ·   API   ·   FAQ   ·   Solana   ·   1571 Online   Highest 6679   ·     Select Language
    创意工作者们的社区
    World is powered by solitude
    VERSION: 3.9.8.5 · 33ms · UTC 16:46 · PVG 00:46 · LAX 09:46 · JFK 12:46
    ♥ Do have faith in what you're doing.