Solicitações estranhas com server_name e porta 25 erradas no apache / php

Navegue suas respostas
1

Se eu tentar telnet [myserver.mydomain.com] 25 , obtenho 

Trying [ip number]...
telnet: Unable to connect to remote host: Connection refused

mas ainda recebo solicitações estranhas como as seguintes var_dump($_SERVER) , onde parece que elas se conectaram a 25 (!?) e incorretamente pensam que o nome do servidor é mx3.mail2000.com.tw ou mta6.am0.yahoodns.net . Por quê? Qual o significado disso? A porta 25 está aberta? O que o usuário remoto ou o computador está tentando fazer e o que devo fazer sobre isso? 

    [_SERVER] => Array
    (
        [SCRIPT_URL] => /
        [SCRIPT_URI] => http://mx3.mail2000.com.tw:25/
        [PATH] => /sbin:/usr/sbin:/bin:/usr/bin
        [SERVER_SIGNATURE] => <address>Apache/2.2.15 (CentOS) Server at mx3.mail2000.com.tw Port 25</address>

        [SERVER_SOFTWARE] => Apache/2.2.15 (CentOS)
        [SERVER_NAME] => mx3.mail2000.com.tw
        [SERVER_ADDR] => 178.[rest of ip number]
        [SERVER_PORT] => 25
        [REMOTE_ADDR] => 61.228.28.159
        [DOCUMENT_ROOT] => /var/www/html/[some/dirs]
        [SERVER_ADMIN] => webmaster@[subdomain.servername.topdomain]
        [SCRIPT_FILENAME] => /var/www/html/[some/dirs]/index.php
        [REMOTE_PORT] => 2913
        [GATEWAY_INTERFACE] => CGI/1.1
        [SERVER_PROTOCOL] => HTTP/1.0
        [REQUEST_METHOD] => CONNECT
        [QUERY_STRING] =>
        [REQUEST_URI] => mx3.mail2000.com.tw:25
        [SCRIPT_NAME] => /index.php
        [PHP_SELF] => /index.php
        [REQUEST_TIME] => 1406423398
    )

Aqui estão os dados para outra solicitação estranha de outro computador remoto: 

    [_SERVER] => Array
    (
        [SCRIPT_URL] => /
        [SCRIPT_URI] => http://mta6.am0.yahoodns.net:25/
        [PATH] => /sbin:/usr/sbin:/bin:/usr/bin
        [SERVER_SIGNATURE] => <address>Apache/2.2.15 (CentOS) Server at mta6.am0.yahoodns.net Port 25</address>

        [SERVER_SOFTWARE] => Apache/2.2.15 (CentOS)
        [SERVER_NAME] => mta6.am0.yahoodns.net
        [SERVER_ADDR] => 178.[rest of ip number]
        [SERVER_PORT] => 25
        [REMOTE_ADDR] => 111.241.28.240
        [DOCUMENT_ROOT] => /var/www/html/[some/dirs]
        [SERVER_ADMIN] => webmaster@[subdomain.servername.topdomain]
        [SCRIPT_FILENAME] => /var/www/html/[some/dirs]/index.php
        [REMOTE_PORT] => 2658
        [GATEWAY_INTERFACE] => CGI/1.1
        [SERVER_PROTOCOL] => HTTP/1.0
        [REQUEST_METHOD] => CONNECT
        [QUERY_STRING] =>
        [REQUEST_URI] => mta6.am0.yahoodns.net:25
        [SCRIPT_NAME] => /index.php
        [PHP_SELF] => /index.php
        [REQUEST_TIME] => 1406318351
    )

Editar: access_log : 

>cat access_log* | egrep -i "yahoodns|mail2000" | sort -g
1.163.222.123 - - [21/Jul/2014:13:55:03 +0200] "CONNECT mx0.mail2000.com.tw:25 HTTP/1.0" 404 380 "-" "-"
1.163.222.196 - - [26/Jul/2014:14:32:23 +0200] "CONNECT mx0.mail2000.com.tw:25 HTTP/1.0" 404 17985 "-" "-"
1.163.5.130 - - [21/Jul/2014:17:54:53 +0200] "CONNECT mx3.mail2000.com.tw:25 HTTP/1.0" 404 380 "-" "-"
61.228.16.187 - - [22/Jul/2014:18:11:53 +0200] "CONNECT mta6.am0.yahoodns.net:25 HTTP/1.0" 404 18046 "-" "-"
61.228.22.8 - - [19/Jul/2014:19:29:06 +0200] "CONNECT mx2.mail2000.com.tw:25 HTTP/1.0" 404 380 "-" "-"
61.228.28.159 - - [27/Jul/2014:03:09:58 +0200] "CONNECT mx3.mail2000.com.tw:25 HTTP/1.0" 404 18014 "-" "-"
61.228.88.169 - - [27/Jul/2014:16:55:47 +0200] "CONNECT mx2.mail2000.com.tw:25 HTTP/1.0" 404 18014 "-" "-"
61.231.84.4 - - [25/Jul/2014:10:57:42 +0200] "CONNECT mta6.am0.yahoodns.net:25 HTTP/1.0" 404 18042 "-" "-"
61.231.86.68 - - [18/Jul/2014:15:27:48 +0200] "CONNECT mx0.mail2000.com.tw:25 HTTP/1.0" 404 380 "-" "-"
111.241.28.240 - - [25/Jul/2014:21:59:11 +0200] "CONNECT mta6.am0.yahoodns.net:25 HTTP/1.0" 404 18048 "-" "-"
111.241.34.142 - - [23/Jul/2014:21:05:13 +0200] "CONNECT mx3.mail2000.com.tw:25 HTTP/1.0" 404 18016 "-" "-"
111.241.38.175 - - [24/Jul/2014:03:36:21 +0200] "CONNECT mx3.mail2000.com.tw:25 HTTP/1.0" 404 18016 "-" "-"
111.241.47.165 - - [22/Jul/2014:23:56:08 +0200] "CONNECT mx3.mail2000.com.tw:25 HTTP/1.0" 404 18016 "-" "-"
111.248.113.63 - - [28/Jul/2014:01:04:51 +0200] "CONNECT mx3.mail2000.com.tw:25 HTTP/1.0" 404 18016 "-" "-"
111.248.118.145 - - [22/Jul/2014:11:29:29 +0200] "CONNECT mta5.am0.yahoodns.net:25 HTTP/1.0" 404 380 "-" "-"
111.248.118.41 - - [20/Jul/2014:02:13:28 +0200] "CONNECT mx0.mail2000.com.tw:25 HTTP/1.0" 404 380 "-" "-"
111.248.118.67 - - [26/Jul/2014:02:08:52 +0200] "CONNECT mta6.am0.yahoodns.net:25 HTTP/1.0" 404 18048 "-" "-"
>

Aqui está a parte que eu acho que foi alterada httpd.conf : 

# Almost any Apache directive may go into a VirtualHost container.
# The first VirtualHost section is used for requests without a known
# server name.
#
<VirtualHost *:80>
    ServerAdmin webmaster@[domain1].com
    DocumentRoot /var/www/html/[domain1]
    ServerName [subdomain1].[domain1].com
    DirectoryIndex "index.html" "index.php"
    ErrorDocument 404 /error.html
    <IfModule mod_rewrite.c>
            RewriteEngine On
            RewriteCond %{REQUEST_METHOD} ^TRACE
            RewriteRule .* - [F]
    </IfModule>
    LogLevel warn
    ServerAlias [domain1].com
    ServerAlias [domain1].net
    ServerAlias *.[domain1].com
    ServerAlias *.[domain1].net
    ServerAlias *.[domain1].org
    ServerAlias *.[domain2].com
    ServerAlias [domain2].com
    ServerAlias [subdomain1].[domain2].com
    ServerAlias [subdomain1].[domain1].com

#    ErrorLog logs/dummy-host.example.com-error_log
#    CustomLog logs/dummy-host.example.com-access_log common
</VirtualHost>
    
por tomsv 28.07.2014 / 13:51

0 respostas

Tags

cópia lenta devido a problema de gravação de disco Lync 2013 cancelou chamadas após 5 min