Apache-2.2

停止伺服器用作代理

  • March 14, 2013

我有一個 vps 伺服器,我在其上將 apache 配置為網路伺服器。由於意外的高頻寬使用,我昨天檢查了我的伺服器的訪問日誌。有很多表格的請求

184.22.43.216 - - [14/Mar/2013:21:24:44 +0530] "GET http://s.youtube.com/s?abd=1&bc=71802&bd=69&bt=115.352&cfps=24&cr=US&decoding=accelerated&el=embedded&eurl=http%3A%2F%2Fwww.facebook.com&mos=0&pixel_ratio=1&fs=0&nsiabblmax=7778.000&nsiabblmean=3985.000&nsiabblmin=2425.000&nsivbblc=67&nsivbblmax=17694.000&nsivbblmean=9481.000&nsivbblmin=3178.000&hbd=19797274&hbt=43.379&tsphab=1&tspfdt=2398&hasstoryboard=1&rmkt=1&len=316&docid=YpEqFE5Buas&lact=16412&vtmp=1&ptk=youtube_none&fexp=916408,919319,914070,916623,920704,912806,902000,919512,929901,913605,925006,906938,931202,931203,931401,908529,930803,920201,930101,930603&vq=auto&rendering=software&scoville=1&volume=88&fmt=34&uga=f55&autoplay=0&rt=14.289&sendtmp=1&plid=AATX5Ina-G9GwpNm&w=640&h=360&csipt=watch7&sourceid=y&screenh=1200&screenw=1800&sd=BD5980145HH1354750963912754&nsiabblc=124&md=1&et=10.289&ns=yt&sw=0.1&playerh=390&playerw=640&st=0&subscribed=1&tpmt=14&vh=360&vw=640&tspne=0&ldpj=0&idpj=0&hl=en_US&vid=KlVx6rUvP2me1GNGjHGXYgNRXQq8TI3nC HTTP/1.1" 204 -
184.22.43.216 - - [14/Mar/2013:21:24:46 +0530] "GET http://s.youtube.com/s?nsiabblmax=7861.000&nsiabblmean=3995.000&nsiabblmin=2452.000&nsivbblc=66&nsivbblmax=17869.000&nsivbblmean=9528.000&nsivbblmin=3223.000&hbd=19867394&hbt=45.386&tsphab=1&tspfdt=2610&hasstoryboard=1&rmkt=1&len=136&docid=6FFK5aN6vEI&lact=15679&vtmp=1&abd=1&bc=78858&bd=67&bt=113.318&cfps=21&cr=US&decoding=accelerated&el=embedded&eurl=http%3A%2F%2Fwww.facebook.com&mos=0&pixel_ratio=1&fs=0&ptk=youtube_none&fexp=923415,920507,914051,920704,912806,902000,919512,929901,913605,925006,906938,931202,931401,908529,930803,920201,930101,930603,926403&vq=auto&rendering=software&scoville=1&volume=86&fmt=34&uga=f58&autoplay=0&rt=14.263&sendtmp=1&plid=AATX5IoBj_BwzUFQ&w=640&h=360&csipt=watch7&sourceid=y&screenh=1200&screenw=1900&sd=BD5980145HH1354750963912806&nsiabblc=123&md=1&et=10.263&ns=yt&sw=0.1&playerh=390&playerw=640&st=0&subscribed=1&tpmt=13&vh=360&vw=640&tspne=0&ldpj=0&idpj=0&hl=en_US&vid=-CPztaAkCxyQ-ipOBWFLyFxzqPMiqNJdC HTTP/1.1" 204 -
184.22.61.244 - - [14/Mar/2013:21:24:51 +0530] "GET http://s.youtube.com/s?nsiabblmax=7551.000&nsiabblmean=3881.000&nsiabblmin=2372.000&nsivbblc=61&nsivbblmax=17255.000&nsivbblmean=9316.000&nsivbblmin=3059.000&hbd=19676987&hbt=40.367&tsphab=1&tspfdt=2044&hasstoryboard=1&rmkt=1&len=267&docid=hzS--rbPJfA&lact=15212&vtmp=1&abd=1&bc=60700&bd=65&bt=110.295&cfps=19&cr=US&decoding=accelerated&el=embedded&eurl=http%3A%2F%2Fwww.facebook.com&mos=0&pixel_ratio=1&fs=0&ptk=youtube_none&fexp=910207,916714,916624,901448,920704,912806,902000,919512,929901,913605,925006,906938,931202,931401,908529,930803,920201,930101,930603,926403&vq=auto&rendering=software&scoville=1&volume=84&fmt=34&uga=f49&autoplay=0&rt=13.246&sendtmp=1&plid=AATX5IpJcG0R-mCK&w=640&h=360&csipt=watch7&sourceid=y&screenh=1100&screenw=1600&sd=BD5980145HH1354750963912669&md=1&et=10.246&ns=yt&sw=0.1&playerh=390&playerw=640&st=0&subscribed=1&tpmt=13&vh=360&vw=640&tspne=0&ldpj=0&idpj=0&hl=en_US&vid=5pcfUVcE9HP_VyZ768SQvb84dLg3yP5xC HTTP/1.1" 204 -
184.82.179.79 - - [14/Mar/2013:21:24:53 +0530] "GET http://s.youtube.com/s?ptk=vevo&fexp=900225,901803,931902,919360,929221,916624,920704,912806,902000,919512,929901,913605,925006,906938,931202,931401,908529,930803,920201,930101,930603&vq=auto&rendering=software&scoville=1&volume=92&fmt=34&uga=m28&autoplay=0&rt=11.321&sendtmp=1&plid=AATX5Ipzt705I6rw&w=640&h=360&csipt=watch7&sourceid=y&screenh=600&screenw=800&sd=BADC23E01HH1353129541108137&nsiabblc=116&abd=1&bc=20351&bd=73&bt=114.396&cfps=28&cr=US&decoding=accelerated&el=embedded&eurl=http%3A%2F%2Fwww.vevo.com&mos=0&pixel_ratio=1&fs=0&nsiabblmax=6713.000&nsiabblmean=3652.000&nsiabblmin=2136.000&nsivbblc=52&nsivbblmax=15552.000&nsivbblmean=8782.000&nsivbblmin=2609.000&hbd=19065843&hbt=21.306&tsphab=1&tspfdt=276&hasstoryboard=1&rmkt=1&len=281&docid=6cfCgLgiFDM&lact=17319&vtmp=1&md=1&et=10.321&ns=yt&sw=0.1&playerh=390&playerw=640&st=0&subscribed=1&tpmt=14&vh=360&vw=640&tspne=0&ldpj=0&idpj=0&hl=en_US&vid=9blcMb6bjX2hMCYOgqW6igoFZLksLbjaC HTTP/1.1" 204 -
64.120.216.123 - - [14/Mar/2013:21:24:54 +0530] "GET http://s.youtube.com/s?ptk=youtube_none&fexp=906073,910207,914028,916623,901478,920704,912806,902000,919512,929901,913605,925006,906938,931202,931401,908529,930803,920201,929602,930101,930603&vq=auto&rendering=software&scoville=1&volume=99&fmt=34&uga=f46&autoplay=0&rt=13.390&sendtmp=1&plid=AATX5Ip_78b4gOUe&w=640&h=360&csipt=watch7&sourceid=y&screenh=1000&screenw=1500&sd=BD5980145HH1354750963912418&nsiabblc=132&abd=1&bc=54657&bd=80&bt=124.488&cfps=37&cr=US&decoding=accelerated&el=embedded&eurl=http%3A%2F%2Fwww.facebook.com&mos=0&pixel_ratio=1&fs=0&nsiabblmax=7587.000&nsiabblmean=3989.000&nsiabblmin=2358.000&nsivbblc=69&nsivbblmax=17277.000&nsivbblmean=9388.000&nsivbblmin=3073.000&hbd=19596986&hbt=37.359&tsphab=1&tspfdt=1832&hasstoryboard=1&rmkt=1&len=200&docid=pJXheCgkchw&lact=19251&vtmp=1&md=1&et=10.390&ns=yt&sw=0.1&playerh=390&playerw=640&st=0&subscribed=1&tpmt=15&vh=360&vw=640&tspne=0&ldpj=0&idpj=0&hl=en_US&vid=2vEyOpur01CJtruUvqlVIvOIQr0FTOMKC HTTP/1.1" 204 -
78.46.137.25 - - [14/Mar/2013:21:25:00 +0530] "GET http://www.bing.com/ HTTP/1.1" 200 33113
184.82.122.169 - - [14/Mar/2013:21:25:01 +0530] "GET http://www.youtube.com/embed/78jAjtmvXWQ HTTP/1.1" 200 10048
184.82.122.169 - - [14/Mar/2013:21:25:02 +0530] "GET http://www.youtube.com/get_video_info?hl=en_US&eurl=http%3A%2F%2Fwww.facebook.com&sts=357363693998&asv=3&video_id=78jAjtmvXWQ&el=embedded HTTP/1.1" 200 22098
184.82.122.169 - - [14/Mar/2013:21:25:03 +0530] "GET http://www.youtube.com/user_watch?eurl=http%3A%2F%2Fwww.facebook.com&asv=3&video_id=78jAjtmvXWQ&el=embedded&fmt=5&plid=AATX5Iuz5PNfbkoc&t=vjVQa1PpcFOp1CuOTsq4vqJKYxpXj4OSdkeZLzM_nXg= HTTP/1.1" 204 -

與代理相關的伺服器配置部分如下

NameVirtualHost *:80
<VirtualHost *:80>
ServerAdmin serverOps@example.in
DocumentRoot /var/www/example/production
ServerName www.example.in
ServerAlias www.example.in

SetEnv proxy-initial-not-pooled 1
ErrorLog logs/production.example.in-error_log
CustomLog logs/production.example.in-access_log common
<Directory "var/www/example/production">
 AllowOverride All
</Directory>

</VirtualHost>
<VirtualHost *:80>
ServerAdmin serverOps@example.in
DocumentRoot    /var/www/html
ServerName  dev.example.in
ServerAlias dev.example.in
ErrorLog    logs/develop.example.in-error_log
CustomLog   logs/develop.example.in-access_log common

php_value short_open_tag On 
SetEnv proxy-initial-not-pooled 1
<Directory "/var/www/html">
   AllowOverride All

</Directory>
ProxyPass /jarPubSub htttp://localhost:8002 retry=1 timeout=600 acquire=3000 Keepalive=On
ProxyPassReverse /jarPubSub http://localhost:8002
</VirtualHost>
<VirtualHost *:80>
ServerAdmin serverops@example.in
DocumentRoot /var/www/example/staging
ServerName stage.example.in
ErrorLog logs/stage.example.in-error_log
CustomLog logs/stage.example.in-access_log common

php_value short_open_tag On
SetEnv proxy-initial-not-pooled 1
<Directory "var/www/example/staging">
   AllowOverride All
</Directory>

ProxyPass /jarvis http://localhost:8001 
ProxyPassReverse /jarvis http://localhost:8001

ProxyPass /jarPubSub http://localhost:8002
ProxyPassReverse /jarPubSub http://localhost:8002
</VirtualHost>
ProxyRequests On
ProxyPass /example-rtw  http://example.in:7070/http-bind/ 
ProxyPassReverse /example-rtw http://example.in:7070/http-bind/ 

ProxyPass /jarvis http://localhost:8001 retry=0 timeout=5 Keepalive=On
ProxyPassReverse /jarvis  http://localhost:8001

ProxyPass /jarPubSub http://localhost:8002 retry=0 timeout=5 Keepalive=On
ProxyPassReverse /jarPubSub http://localhost:8002

我擁有的頻寬報告具有幾乎相同數量的傳入和傳出數據。訪問日誌和頻寬報告讓我推斷我的伺服器被用作代理。

我怎樣才能防止這種情況?

ProxyRequests On

該指令啟用轉發代理,這就是 Apache 允許您看到的請求的原因。該指令對於反向代理(即ProxyPass)不是必需的,因此您不應啟用它。刪除此行或將其更改為off.

引用自:https://serverfault.com/questions/487840