Jerry CHU的工作日誌

vi /rorot/php-fpm.sh #!/bin/bash php_url="http://localhost/hscheck.php" RESULT='curl -I $php_url | grep "HTTP/1.1 502"' if [ -n "$RESULT" ]; then killall -9 php-fpm service php-fpm restart fi chmod 755 /rorot/php-fpm.sh 加入排程 */1 * * * * /root/php-fpm.sh 參考  https://blog.csdn.net/weixin_42410566/article/details/115757768

 vi /etc/nginx/conf.d/default.conf # IPv4 allow 103.21.244.0/22; allow 103.22.200.0/22; allow 103.31.4.0/22; allow 104.16.0.0/13; allow 104.24.0.0/14; allow 108.162.192.0/18; allow 131.0.72.0/22; allow 141.101.64.0/18; allow 162.158.0.0/15; allow 172.64.0.0/13; allow 173.245.48.0/20; allow 188.114.96.0/20; allow 190.93.240.0/20; allow 197.234.240.0/22; allow 98.41.128.0/17; # IPv6 allow 2400:cb00::/32; allow 2606:4700::/32; allow 2803:f800::/32; allow 2405:b500::/32; allow 2405:8100::/32; allow 2a06:98c0::/29; allow 2c0f:f248::/32; deny all; deny all; 重新啟動 nginx

參照URL https://blog.iphpo.com/blog/2017/09/%E5%9C%A8-centos-7-%E4%B8%8A%E5%AE%89%E8%A3%9D-nginx-%E7%9A%84-modsecurity-module/ 安裝官方 nginx 先在/etc/yum.repos.d新增一個nginx.repo的檔案 並加入以下內容 [nginx] name=nginx repo baseurl=http: //nginx.org/packages/centos/$releasever/$basearch/ gpgcheck= 0 enabled= 1 這樣在 yum install nginx 的時候就會是最新的stable version 安裝依賴套件 yum install -y epel-release yum groupinstall -y 'Development Tools' yum install -y git lmdb lmdb-devel libxml2 libxml2-devel pcre pcre-devel curl libcurl-devel GeoIP GeoIP-devel yajl yajl-devel Compile Modsecurity Lib 先 clone git clone --depth 1 -b v3/master --single-branch https://github.com/SpiderLabs/ModSecurity 安裝 cd ModSecurity git submodule init git submodule update ./build.sh ./configure make make install 在 build.sh 的時候會出現像錯誤的訊息 fatal: No names found, cannot describe anything. 不用管他 下載 nginx 與 modsecurity-nginx connector git clone --depth 1 https://github.com/SpiderLabs/ModSecurity-nginx.git 下載 nginx 的 source 之前要看自己的 nginx 版...

在CentOS或Linux環境下萬一被掛馬要怎麼找出來? //搜尋關鍵字過濾檔案內容 find /home/dir -type f -name "*.php" |xargs grep "eval(" find /home/dir -type f -name "*.php" |xargs grep "filecontent" find /home/dir -type f -name "*.php" |xargs grep "phpinfo" find /home/dir -type f -name "*.php" |xargs grep "get_magic_quotes_gpc" //搜尋一天內有更新的文件 find /home/fac -mtime 0 參考 https://xz.aliyun.com/t/9246 參考https://mini.nidbox.com/diary/read/9852743