```
195.54.160.77 - - [05/May/2020:12:49:57 +0800] "\x03\x00\x00/*\xE0\x00\x00\x00\x00\x00Cookie: mstshash=Administr" 400 150 "-" "-"
195.54.160.77 - - [05/May/2020:12:49:58 +0800] "\x03\x00\x00/*\xE0\x00\x00\x00\x00\x00Cookie: mstshash=Administr" 400 150 "-" "-"
150.136.210.90 - - [05/May/2020:12:53:46 +0800] "GET /console HTTP/1.1" 200 2311 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:57.0) Gecko/20100101 Firefox/57.0"
150.136.210.90 - - [05/May/2020:12:53:47 +0800] "GET /cgi-bin/test-cgi HTTP/1.1" 200 2311 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:57.0) Gecko/20100101 Firefox/57.0"
150.136.210.90 - - [05/May/2020:12:53:48 +0800] "GET / HTTP/1.1" 200 2311 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:57.0) Gecko/20100101 Firefox/57.0"
150.136.210.90 - - [05/May/2020:12:53:49 +0800] "GET /horde/imp/test.php HTTP/1.1" 404 146 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:57.0) Gecko/20100101 Firefox/57.0"
150.136.210.90 - - [05/May/2020:12:53:49 +0800] "GET /login.action HTTP/1.1" 200 2311 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:57.0) Gecko/20100101 Firefox/57.0"
150.136.210.90 - - [05/May/2020:12:53:51 +0800] "GET /login?from=0.000000 HTTP/1.1" 200 2311 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:57.0) Gecko/20100101 Firefox/57.0"
150.136.210.90 - - [05/May/2020:12:53:52 +0800] "GET /phpMyAdmin/scripts/setup.php HTTP/1.1" 404 146 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:57.0) Gecko/20100101 Firefox/57.0"
150.136.210.90 - - [05/May/2020:12:53:53 +0800] "GET /phpmyadmin/scripts/setup.php HTTP/1.1" 404 146 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:57.0) Gecko/20100101 Firefox/57.0"
150.136.210.90 - - [05/May/2020:12:53:53 +0800] "GET /login/do_login HTTP/1.1" 200 2311 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:57.0) Gecko/20100101 Firefox/57.0"
115.29.179.82 - - [05/May/2020:13:12:16 +0800] "GET /setup.cgi?next_file=netgear.cfg&todo=syscmd&cmd=busybox&curpath=/¤tsetting.htm=1 HTTP/1.1" 400 150 "-" "Mozilla/5.0"
162.243.142.133 - - [05/May/2020:13:34:29 +0800] "GET /hudson HTTP/1.1" 200 1152 "-" "Mozilla/5.0 zgrab/0.x"
47.101.202.181 - - [05/May/2020:13:34:53 +0800] "GET /phpmyadmin/ HTTP/1.1" 200 2311 "-" "-"
47.101.202.181 - - [05/May/2020:13:34:53 +0800] "GET /pmd/ HTTP/1.1" 200 2311 "-" "-"
47.101.202.181 - - [05/May/2020:13:34:53 +0800] "GET /pma/ HTTP/1.1" 200 2311 "-" "-"
```
网站有Php的环境, centos 7 ,用宝塔来运维,程序主要是由springboot提供API+一个前端项目
想问问大家 :
1. mstshash=Administr 400 150 (日志第一条)这样的请求还需要去封ip吗, 我百度了一下是对thinkphp的漏洞攻击,但具体不太清楚
2. GET /console HTTP/1.1" 200 2311 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:57.0) Gecko/20100101 Firefox/57.0"这种上来就访问/phpMyAdmin 或者 /console的接口 网站竟然返回了200 ,想问问有无风险?
谢谢大家
有疑问加站长微信联系(非本文作者)