本文持续跟踪更新Apache服务器的错误日志中常见的错误类型,为架设维护健壮的Web服务器提供信息支持。
脚本错误AH01071
此类错误跟脚本程序有关,是需要重点关注的,通常可以为修正程序bug提供指导。
AH01071: Got error 'Primary script unknown' AH01071: Got error 'PHP message: PHP Warning: sprintf(): Too few arguments in /var/www/html/wordpress/wp-includes/widgets.php on line 1120' AH01071: Got error 'PHP message: PHP Fatal error: Uncaught Error: Call to undefined function get_header() in /var/www/html/wordpress/wp-content/themes/twentysixteen/404.php' AH01071: Got error 'PHP message: PHP Warning: mysqli_real_connect(): (HY000/2002): Connection timed out in /var/www/html/topvps/wp-includes/wp-db.php on line 1612' AH01071: Got error 'PHP message: PHP Notice: Undefined index: path in /var/www/html/taolang/common/function.php on line 162' AH01071: Got error 'PHP message: PHP Warning: strpos() expects parameter 1 to be string, array given in /var/www/html/topvps/wp-config/wp-db-vps123.php on line 32' AH01071: Got error 'PHP message: PHP Warning: Division by zero in /var/www/html/wordpress/.../index.php on line 603 AH01075: Error dispatching request to : (polling) AH01079: failed to make connection to backend: httpd-UDS
AH01075出现过一次,虽然数量不少,但集中在几分钟内,应该是跟服务器系统和软件升级有关,了解关于此错误更详细的信息,请看:AH01075: Error dispatching request to : (polling)
AH00xxx错误
此类错误跟apache进程的运行、中断、重启有关,重点关注caught SIGTERM,如果大量此类错误/信息,很可能是内存紧张,要考虑升级提升服务器。
AH00094: Command line: '/usr/sbin/apache2' AH00126: Invalid URI in request GET /../../../../../../../../../../../etc/passwd AH00489: Apache/2.4.39 (Ubuntu) OpenSSL/1.1.1b configured -- resuming normal operations AH00489: Apache/2.4.39 (Ubuntu) OpenSSL/1.1.1b mod_wsgi/4.5.2 Python/2.7.12 configured -- resuming normal operations AH00491: caught SIGTERM, shutting down AH00493: SIGUSR1 received. Doing graceful restart
2019-05-11 添加AH00126: Invalid URI in request GET /../../../../../../../../../../../etc/passwd,这是一条无效攻击,意欲获取密码文件,如果以root权限运行web服务器程序,并且网站放在特定路径,允许访问站点根目录的上层目录,是有密码文件被窃取的风险的。
AH01xxx错误
因为我屏蔽了一些恶意IP,所以经常收到此类错误。
AH01630: client denied by server configuration: /var/www/html/wordpress/
AH02xx错误
目前遇到的通常跟建立连接、SSL验证之类的有关。
AH02032: Hostname w provided via SNI and hostname www.cnvultr.net provided via HTTP have no compatible SSL setup AH02042: rejecting client initiated renegotiation AH02454: FCGI: attempt to connect to Unix domain socket /run/php/php7.0-fpm.sock (*) failed
一些特定行为
潜在危险
特定路径访问
今天发现某服务器的IP访问日志中有这么两条:
AH01071: Got error ‘PHP message: PHP Fatal error: Uncaught Error: Call to undefined function get_template_part() in /var/www/html/wordpress/wp-content/themes/twentyseventeen/footer.php:22
AH01071: Got error ‘PHP message: PHP Fatal error: Uncaught Error: Call to undefined function the_ID() in /var/www/html/wordpress/wp-content/themes/twentyfifteen/content-link.php:13
虽然此服务器的IP地址并未绑定wordpress站点,wordpress下某路径的php文件却被访问到了,因为此文件的运行不是从index.php作为入口进行的,所以产生函数依赖错误。虽然暂时没看出什么危险,不过将常见站点程序目录命名为与程序/域名都不直接相等的名称不过举手之劳,也许能起到意想不到的安全防护作用,何乐不为呢?
其它
目前在flask程序日志中会遇到一些此类情形。
mod_wsgi Compiled for Python/2.7.11+. Runtime using Python/2.7.12.
本文修订记录
-- EOF --
本文最后修改于6年前 (2019-05-25)
(No Ratings Yet)
读取中...