<分区>
我的服务器受到了攻击,并通过在 apache conf 文件中包含以下内容来阻止 xmlrpc
访问:
<files xmlrpc.php>
order allow,deny
deny from all
</files>
现在,它不是每隔几个小时就破坏 mysql 服务,而是每天破坏一次/两次。这仍然是一个问题。 fail2ban
禁止 2 次失败的 ssh 尝试一个小时。但是,我确实在 daemon.log
中看到了大约 100 多个以下条目:
mysqld[18852]: 2016-10-13 3:06:40 139773247216384 [Warning] Access denied for user 'root'@'139.196.28.237' (using password: YES)
所有这 100 多次尝试都在一分钟内发生,大约一个小时后我看到几条消息,例如:
mysqld[18852]: 2016-10-13 3:32:52 139773325777664 [Warning] Unsafe statement written to the binary log using statement format since BINLOG_FORMAT = STATEMENT. The statement is unsafe because it uses a LIMIT clause. This is unsafe because the set of rows included cannot be predicted. Statement: DELETE FROM
wp_generic_options
WHEREoption_name
LIKE 'jetpack\_nonce\_%' AND CAST(option_value
AS UNSIGNED ) < 1476340372 ORDER BYoption_id
LIMIT 100
一段时间后,mysql服务好像重启了,但是又失败了,在错误日志中发现如下几行:
InnoDB: Initializing buffer pool, size = 256.0M
InnoDB: mmap(281542656 bytes) failed; errno 12
InnoDB: Cannot allocate memory for the buffer pool
Plugin 'InnoDB' init function returned error.
Plugin 'InnoDB' registration as a STORAGE ENGINE failed.
Unknown/unsupported storage engine: InnoDB
Aborting
有人可以向我解释发生了什么吗?以及如何阻止和防止它再次发生?