虎泰克 Blog

Why CPU Usage on an Alibaba Cloud ECS Instance Spiked for No Apparent Reason



20160204090115

After I deleted one website's database last time, the ECS instance stopped hitting 100% CPU, but it still often went above 50%. That is clearly unreasonable for such a small site. Today at 8:40 the alarm fired again, so I opened the httpd log and saw that a machine on Alibaba's internal network kept sending all kinds of requests to the site. I guess it is Alibaba Cloud Shield (云盾), because I also saw requests scanning for SQL injection vulnerabilities:

    121.42.0.38 - - [04/Feb/2016:08:38:06 +0800] "GET /page/5?page=4%27+UNION+ALL+SELECT+CONCAT%280x4c5a6f6e4776%2C0x48594f587077%29%23 HTTP/1.1" 301 26
    121.42.0.38 - - [04/Feb/2016:08:38:06 +0800] "GET /page/5?page=-1688%27+UNION+ALL+SELECT+CONCAT%280x4c5a6f6e4776%2C0x48594f587077%29%23 HTTP/1.1" 301 26
    121.42.0.38 - - [04/Feb/2016:08:38:07 +0800] "GET /page/5?page=4%27+UNION+ALL+SELECT+CONCAT%280x4c5a6f6e4776%2C0x48594f587077%29%2CCONCAT%280x4c5a6f6e4776%2C0x48594f587077%29%23 HTTP/1.1" 301 26
    121.42.0.38 - - [04/Feb/2016:08:38:08 +0800] "GET /page/5?page=-1702%27+UNION+ALL+SELECT+CONCAT%280x4c5a6f6e4776%2C0x48594f587077%29%2CCONCAT%280x4c5a6f6e4776%2C0x48594f587077%29%23 HTTP/1.1" 301 26
    121.42.0.38 - - [04/Feb/2016:08:38:08 +0800] "GET /page/5?page=4%27+UNION+ALL+SELECT+CONCAT%280x4c5a6f6e4776%2C0x48594f587077%29%2CCONCAT%280x4c5a6f6e4776%2C0x48594f587077%29%2CCONCAT%280x4c5a6f6e4776%2C0x48594f587077%29%23 HTTP/1.1" 301 26
    121.42.0.38 - - [04/Feb/2016:08:38:09 +0800] "GET /organizbuydetail.aspx?guid=63f1322b-be59-4ef0-a8b9-4c8f4c8a7fd6%27%20AND%201927%3DCONVERT%28INT%2C%28SELECT%20CHAR%28113%29%2BCHAR%2898%29%2BCHAR%2898%29%2BCHAR%28113%29%2BCHAR%28113%29%2B%28SELECT%20SUBSTRING%28%28ISNULL%28CAST%28124789213-12312412%20AS%20NVARCHAR%284000%29%29%2CCHAR%2832%29%29%29%2C1%2C1024%29%29%2BCHAR%28113%29%2BCHAR%28113%29%2BCHAR%28118%29%2BCHAR%28106%29%2BCHAR%28113%29%29%29%20AND%20%27Pjcs%27%3D%27Pjcs&productguid=0c06ac6c-c074-46bc-87b4-cbf9b72bd390 HTTP/1.1" 301 -
    121.42.0.38 - - [04/Feb/2016:08:38:09 +0800] "GET /page/5?page=-1007%27+UNION+ALL+SELECT+CONCAT%280x4c5a6f6e4776%2C0x48594f587077%29%2CCONCAT%280x4c5a6f6e4776%2C0x48594f587077%29%2CCONCAT%280x4c5a6f6e4776%2C0x48594f587077%29%23 HTTP/1.1" 301 26
    121.42.0.38 - - [04/Feb/2016:08:38:09 +0800] "GET /page/5?page=4%27+UNION+ALL+SELECT+CONCAT%280x4c5a6f6e4776%2C0x48594f587077%29%2CCONCAT%280x4c5a6f6e4776%2C0x48594f587077%29%2CCONCAT%280x4c5a6f6e4776%2C0x48594f587077%29%2CCONCAT%280x4c5a6f6e4776%2C0x48594f587077%29%23 HTTP/1.1" 301 26
    121.42.0.38 - - [04/Feb/2016:08:38:10 +0800] "GET /page/5?page=-1569%27+UNION+ALL+SELECT+CONCAT%280x4c5a6f6e4776%2C0x48594f587077%29%2CCONCAT%280x4c5a6f6e4776%2C0x48594f587077%29%2CCONCAT%280x4c5a6f6e4776%2C0x48594f587077%29%2CCONCAT%280x4c5a6f6e4776%2C0x48594f587077%29%23 HTTP/1.1" 301 26
    121.42.0.38 - - [04/Feb/2016:08:38:11 +0800] "GET /page/5?page=4%27+UNION+ALL+SELECT+CONCAT%280x4c5a6f6e4776%2C0x48594f587077%29%2CCONCAT%280x4c5a6f6e4776%2C0x48594f587077%29%2CCONCAT%280x4c5a6f6e4776%2C0x48594f587077%29%2CCONCAT%280x4c5a6f6e4776%2C0x48594f587077%29%2CCONCAT%280x4c5a6f6e4776%2C0x48594f587077%29%23 HTTP/1.1" 301 26
    121.42.0.38 - - [04/Feb/2016:08:38:11 +0800] "GET /page/5?page=-1027%27+UNION+ALL+SELECT+CONCAT%280x4c5a6f6e4776%2C0x48594f587077%29%2CCONCAT%280x4c5a6f6e4776%2C0x48594f587077%29%2CCONCAT%280x4c5a6f6e4776%2C0x48594f587077%29%2CCONCAT%280x4c5a6f6e4776%2C0x48594f587077%29%2CCONCAT%280x4c5a6f6e4776%2C0x48594f587077%29%23 HTTP/1.1" 301 26
    121.42.0.38 - - [04/Feb/2016:08:38:12 +0800] "GET /page/5?page=4%27+UNION+ALL+SELECT+CONCAT%280x4c5a6f6e4776%2C0x48594f587077%29%2CCONCAT%280x4c5a6f6e4776%2C0x48594f587077%29%2CCONCAT%280x4c5a6f6e4776%2C0x48594f587077%29%2CCONCAT%280x4c5a6f6e4776%2C0x48594f587077%29%2CCONCAT%280x4c5a6f6e4776%2C0x48594f587077%29%2CCONCAT%280x4c5a6f6e4776%2C0x48594f587077%29%23 HTTP/1.1" 301 26
    121.42.0.38 - - [04/Feb/2016:08:38:12 +0800] "GET /page/5?page=-1353%27+UNION+ALL+SELECT+CONCAT%280x4c5a6f6e4776%2C0x48594f587077%29%2CCONCAT%280x4c5a6f6e4776%2C0x48594f587077%29%2CCONCAT%280x4c5a6f6e4776%2C0x48594f587077%29%2CCONCAT%280x4c5a6f6e4776%2C0x48594f587077%29%2CCONCAT%280x4c5a6f6e4776%2C0x48594f587077%29%2CCONCAT%280x4c5a6f6e4776%2C0x48594f587077%29%23 HTTP/1.1" 301 26
    121.42.0.38 - - [04/Feb/2016:08:38:13 +0800] "GET /page/5?page=4%27+UNION+ALL+SELECT+CONCAT%280x4c5a6f6e4776%2C0x48594f587077%29%2CCONCAT%280x4c5a6f6e4776%2C0x48594f587077%29%2CCONCAT%280x4c5a6f6e4776%2C0x48594f587077%29%2CCONCAT%280x4c5a6f6e4776%2C0x48594f587077%29%2CCONCAT%280x4c5a6f6e4776%2C0x48594f587077%29%2CCONCAT%280x4c5a6f6e4776%2C0x48594f587077%29%2CCONCAT%280x4c5a6f6e4776%2C0x48594f587077%29%23 HTTP/1.1" 301 26
    121.42.0.38 - - [04/Feb/2016:08:38:13 +0800] "GET /page/5?page=-1941%27+UNION+ALL+SELECT+CONCAT%280x4c5a6f6e4776%2C0x48594f587077%29%2CCONCAT%280x4c5a6f6e4776%2C0x48594f587077%29%2CCONCAT%280x4c5a6f6e4776%2C0x48594f587077%29%2CCONCAT%280x4c5a6f6e4776%2C0x48594f587077%29%2CCONCAT%280x4c5a6f6e4776%2C0x48594f587077%29%2CCONCAT%280x4c5a6f6e4776%2C0x48594f587077%29%2CCONCAT%280x4c5a6f6e4776%2C0x48594f587077%29%23 HTTP/1.1" 301 26

It must be the large volume of requests that drove the CPU up, so Cloud Shield scanning is also one of the causes of the CPU spikes.
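The triage done by eye in the post can be scripted. The following is an added example, not code from the original post: it parses access-log lines in the format shown above, URL-decodes each request, and reports which client addresses are sending mostly SQL injection probes. The sample lines, the documentation-range addresses and the thresholds are constructed for illustration.

```python
import re
from collections import defaultdict
from datetime import datetime
from urllib.parse import unquote_plus

# Access-log layout used in the post: ip - - [time] "METHOD path PROTO" status size
LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<path>\S+) [^"]*" (?P<status>\d{3}) (?P<size>\S+)'
)
# The two probe families visible in the post's log, matched after URL decoding.
PROBE_RE = re.compile(
    r"union\s+all\s+select|convert\s*\(\s*int\s*,|'\s*and\s+\d+\s*=", re.IGNORECASE
)

def summarize(lines):
    """Return {ip: {"total", "probes", "first", "last"}} for parseable lines."""
    stats = defaultdict(lambda: {"total": 0, "probes": 0, "first": None, "last": None})
    for line in lines:
        m = LINE_RE.match(line.strip())
        if not m:
            continue  # skip malformed or truncated entries
        ts = datetime.strptime(m["ts"], "%d/%b/%Y:%H:%M:%S %z")
        s = stats[m["ip"]]
        s["total"] += 1
        s["first"] = ts if s["first"] is None else min(s["first"], ts)
        s["last"] = ts if s["last"] is None else max(s["last"], ts)
        if PROBE_RE.search(unquote_plus(m["path"])):
            s["probes"] += 1
    return dict(stats)

def scanners(stats, min_probes=3, min_ratio=0.5):
    """IPs whose traffic is mostly injection probes, busiest first (assumed thresholds)."""
    hits = [ip for ip, s in stats.items()
            if s["probes"] >= min_probes and s["probes"] / s["total"] >= min_ratio]
    return sorted(hits, key=lambda ip: -stats[ip]["probes"])

# Constructed sample lines (not from the post), same format as the log above.
SAMPLE = [
    '203.0.113.7 - - [04/Feb/2016:08:38:06 +0800] "GET /page/5?page=4%27+UNION+ALL+SELECT+CONCAT%280x41%2C0x42%29%23 HTTP/1.1" 301 26',
    '203.0.113.7 - - [04/Feb/2016:08:38:07 +0800] "GET /page/5?page=-1%27+UNION+ALL+SELECT+CONCAT%280x41%2C0x42%29%2CCONCAT%280x41%2C0x42%29%23 HTTP/1.1" 301 26',
    '203.0.113.7 - - [04/Feb/2016:08:38:09 +0800] "GET /item.aspx?id=1%27%20AND%201927%3DCONVERT%28INT%2C%28SELECT%20CHAR%28113%29%29%29 HTTP/1.1" 301 -',
    '198.51.100.20 - - [04/Feb/2016:08:38:10 +0800] "GET /page/5?page=4 HTTP/1.1" 200 5120',
    '198.51.100.20 - - [04/Feb/2016:08:38:30 +0800] "GET /about HTTP/1.1" 200 2048',
]

if __name__ == "__main__":
    print(scanners(summarize(SAMPLE)))
```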

