Ho un progetto Ubuntu, Apache, Passenger e Rails 4 su AWS EC2.
Non ho familiarità con il lato sicurezza e server del mio progetto. Di recente, il mio sito era inattivo a causa di "troppi utenti", quindi quando ho controllato il mio
tail -f log/production.log
Ho visto che ricevevo richieste GET non-stop da IP casuali alla mia home page. Le richieste non si sono fermate e continuano a riempire il mio server.
Il mio server viene utilizzato come proxy o viene attaccato? Come posso evitare che questo continui a succedere?
Ho tentato di utilizzare questa guida ma, come vedrai dal mio altro post SO, non ho avuto successo e sono riuscito a bloccare TUTTE le richieste, incluse quelle valide. link link
Log: questo raggruppamento si ripete con un nuovo IP non stop
I, [2015-04-02T16:38:47.692152 #11851] INFO -- : Rendered layouts/_google_analytics.html.erb (0.1ms)
I, [2015-04-02T16:38:47.692709 #11851] INFO -- : Completed 200 OK in 9ms (Views: 8.6ms | ActiveRecord: 0.0ms)
I, [2015-04-02T16:38:49.073504 #11851] INFO -- : Started GET "/" for 54.252.254.204 at 2015-04-02 16:38:49 +0000
I, [2015-04-02T16:38:49.077260 #11851] INFO -- : Processing by HomeController#home_page as */*
I, [2015-04-02T16:38:49.084489 #11851] INFO -- : Rendered home/_sign_up_modal.html.erb (1.6ms)
I, [2015-04-02T16:38:49.084799 #11851] INFO -- : Rendered home/home_page.html.erb within layouts/application (6.2ms)
I, [2015-04-02T16:38:49.085349 #11851] INFO -- : Rendered /home/ubuntu/.rvm/gems/ruby-2.1.5/gems/stripe-rails-0.3.1/app/views/stripe/_js.html.erb (0.1ms)
I, [2015-04-02T16:38:49.086550 #11851] INFO -- : Rendered layouts/_google_analytics.html.erb (0.0ms)
I, [2015-04-02T16:38:49.087121 #11851] INFO -- : Completed 200 OK in 10ms (Views: 8.8ms | ActiveRecord: 0.0ms)
I, [2015-04-02T16:38:50.166665 #11851] INFO -- : Started GET "/" for 107.23.255.12 at 2015-04-02 16:38:50 +0000
I, [2015-04-02T16:38:50.169943 #11851] INFO -- : Processing by HomeController#home_page as */*
I, [2015-04-02T16:38:50.176601 #11851] INFO -- : Rendered home/_sign_up_modal.html.erb (1.4ms)
I, [2015-04-02T16:38:50.176924 #11851] INFO -- : Rendered home/home_page.html.erb within layouts/application (5.5ms)
I, [2015-04-02T16:38:50.177425 #11851] INFO -- : Rendered /home/ubuntu/.rvm/gems/ruby-2.1.5/gems/stripe-rails-0.3.1/app/views/stripe/_js.html.erb (0.1ms)
E un altro set da un diverso periodo di tempo:
I, [2015-04-03T19:37:02.737535 #8097] INFO -- : Rendered layouts/_google_analytics.html.erb (0.1ms)
I, [2015-04-03T19:37:02.738015 #8097] INFO -- : Completed 200 OK in 8ms (Views: 7.1ms | ActiveRecord: 0.0ms)
I, [2015-04-03T19:37:06.459500 #8097] INFO -- : Started GET "/" for 54.255.254.236 at 2015-04-03 19:37:06 +0000
I, [2015-04-03T19:37:06.462434 #8097] INFO -- : Processing by HomeController#home_page as */*
I, [2015-04-03T19:37:06.468158 #8097] INFO -- : Rendered home/_sign_up_modal.html.erb (1.2ms)
I, [2015-04-03T19:37:06.468466 #8097] INFO -- : Rendered home/home_page.html.erb within layouts/application (4.8ms)
I, [2015-04-03T19:37:06.469006 #8097] INFO -- : Rendered /home/ubuntu/.rvm/gems/ruby-2.1.5/gems/stripe-rails-0.3.1/app/views/stripe/_js.html.erb (0.1ms)
I, [2015-04-03T19:37:06.470022 #8097] INFO -- : Rendered layouts/_google_analytics.html.erb (0.1ms)
I, [2015-04-03T19:37:06.470502 #8097] INFO -- : Completed 200 OK in 8ms (Views: 7.2ms | ActiveRecord: 0.0ms)
I, [2015-04-03T19:37:07.079266 #8097] INFO -- : Started GET "/" for 54.183.255.140 at 2015-04-03 19:37:07 +0000
I, [2015-04-03T19:37:07.081831 #8097] INFO -- : Processing by HomeController#home_page as */*
I, [2015-04-03T19:37:07.087211 #8097] INFO -- : Rendered home/_sign_up_modal.html.erb (1.2ms)
I, [2015-04-03T19:37:07.087518 #8097] INFO -- : Rendered home/home_page.html.erb within layouts/application (4.6ms)
I, [2015-04-03T19:37:07.088029 #8097] INFO -- : Rendered /home/ubuntu/.rvm/gems/ruby-2.1.5/gems/stripe-rails-0.3.1/app/views/stripe/_js.html.erb (0.1ms)
I, [2015-04-03T19:37:07.089000 #8097] INFO -- : Rendered layouts/_google_analytics.html.erb (0.1ms)
I, [2015-04-03T19:37:07.089471 #8097] INFO -- : Completed 200 OK in 7ms (Views: 6.8ms | ActiveRecord: 0.0ms)
I, [2015-04-03T19:37:09.102373 #8097] INFO -- : Started GET "/" for 107.23.255.12 at 2015-04-03 19:37:09 +0000
I, [2015-04-03T19:37:09.105359 #8097] INFO -- : Processing by HomeController#home_page as */*
I, [2015-04-03T19:37:09.111001 #8097] INFO -- : Rendered home/_sign_up_modal.html.erb (1.2ms)
I, [2015-04-03T19:37:09.111348 #8097] INFO -- : Rendered home/home_page.html.erb within layouts/application (4.8ms)
I, [2015-04-03T19:37:09.111855 #8097] INFO -- : Rendered /home/ubuntu/.rvm/gems/ruby-2.1.5/gems/stripe-rails-0.3.1/app/views/stripe/_js.html.erb (0.1ms)
L'unica differenza con ogni richiesta è che il GET proviene da un diverso 54. ###. ##. ### IP che cambia ogni volta. Nessuno di loro sono utenti, ne sono sicuro.
Started GET "/" for 54.###.##.### at 2015-04-01 21:37:44 +0000
E il mio .conf
/etc/apache2/sites-available/000-default.conf
<VirtualHost *:80>
ServerName ec2-54-###-###-##.us-west-2.compute.amazonaws.com
# !!! Be sure to point DocumentRoot to 'public'!
DocumentRoot /etc/projects/myapp/public
<Directory /etc/projects/myapp/public>
#Options FollowSymLinks
Options Indexes FollowSymLinks Includes ExecCGI
AllowOverride All
Order deny,allow
Allow from all
</Directory>
Posso fornire più informazioni se necessario.
Che cosa posso fare per risolvere questo problema?