mayx/pages
1
0
Fork 0
mirror of https://codeberg.org/mayx/pages synced 2026-01-02 00:53:41 +08:00
Code Issues Packages Projects Releases Wiki Activity
Files
main
pages/2021/04/18/hide.html
Mayx 3688f93d5d update
2025-12-31 16:00:29 +00:00

330 lines
21 KiB
HTML
Raw Permalink Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

<!DOCTYPE html>
<html lang="zh-CN">
<head>
<meta charset="UTF-8" />
<meta http-equiv="X-UA-Compatible" content="IE=edge" />
<meta name="viewport" content="width=device-width, initial-scale=1" />
<!-- Begin Jekyll SEO tag v2.8.0 -->
<title>Mayx的运维笔记 - 隐藏自己 | Mayx的博客</title>
<meta name="generator" content="Jekyll v3.9.5" />
<meta property="og:title" content="Mayx的运维笔记 - 隐藏自己" />
<meta name="author" content="mayx" />
<meta property="og:locale" content="zh_CN" />
<meta name="description" content="互联网是个很危险的地方……" />
<meta property="og:description" content="互联网是个很危险的地方……" />
<meta property="og:site_name" content="Mayx的博客" />
<meta property="og:type" content="article" />
<meta property="article:published_time" content="2021-04-18T00:00:00+08:00" />
<meta name="twitter:card" content="summary" />
<meta property="twitter:title" content="Mayx的运维笔记 - 隐藏自己" />
<meta name="google-site-verification" content="huTYdEesm8NaFymixMNqflyCp6Jfvd615j5Wq1i2PHc" />
<meta name="msvalidate.01" content="0ADFCE64B3557DC4DC5F2DC224C5FDDD" />
<meta name="yandex-verification" content="fc0e535abed800be" />
<script type="application/ld+json">
{"@context":"https://schema.org","@type":"BlogPosting","author":{"@type":"Person","name":"mayx"},"dateModified":"2021-04-18T00:00:00+08:00","datePublished":"2021-04-18T00:00:00+08:00","description":"互联网是个很危险的地方……","headline":"Mayx的运维笔记 - 隐藏自己","mainEntityOfPage":{"@type":"WebPage","@id":"/2021/04/18/hide.html"},"publisher":{"@type":"Organization","logo":{"@type":"ImageObject","url":"https://avatars0.githubusercontent.com/u/17966333"},"name":"mayx"},"url":"/2021/04/18/hide.html"}</script>
<!-- End Jekyll SEO tag -->
<link rel="canonical" href="https://mabbs.github.io/2021/04/18/hide.html" />
<link type="application/atom+xml" rel="alternate" href="/atom.xml" title="Mayx的博客" />
<link rel="alternate" type="application/rss+xml" title="Mayx的博客(RSS)" href="/rss.xml" />
<link rel="alternate" type="application/json" title="Mayx的博客(JSON Feed)" href="/feed.json" />
<link rel="stylesheet" href="/assets/css/style.css?v=1767196818" />
<!--[if !IE]> -->
<link rel="stylesheet" href="/Live2dHistoire/live2d/css/live2d.css" />
<!-- <![endif]-->
<link rel="search" type="application/opensearchdescription+xml" href="/opensearch.xml" title="Mayx的博客" />
<link rel="webmention" href="https://webmention.io/mabbs.github.io/webmention" />
<link rel="pingback" href="https://webmention.io/mabbs.github.io/xmlrpc" />
<link rel="preconnect" href="https://summary.mayx.eu.org" crossorigin="anonymous" />
<link rel="prefetch" href="https://www.blogsclub.org/badge/mabbs.github.io" as="image" />
<link rel="blogroll" type="text/xml" href="/blogroll.opml" />
<link rel="me" href="https://github.com/Mabbs" />
<script src="/assets/js/jquery.min.js"></script>
<!--[if lt IE 9]>
<script src="//cdnjs.cloudflare.com/ajax/libs/html5shiv/3.7.3/html5shiv.min.js"></script>
<script src="//cdnjs.cloudflare.com/ajax/libs/jquery-ajaxtransport-xdomainrequest/1.0.3/jquery.xdomainrequest.min.js"></script>
<script src="//cdnjs.cloudflare.com/ajax/libs/respond.js/1.4.2/respond.min.js"></script>
<![endif]-->
<script>
var lastUpdated = new Date("Thu, 01 Jan 2026 00:00:18 +0800");
var BlogAPI = "https://summary.mayx.eu.org";
</script>
<script src="/assets/js/main.js"></script>
<!--[if !IE]> -->
<!-- Global site tag (gtag.js) - Google Analytics -->
<script async="async" src="https://www.googletagmanager.com/gtag/js?id=UA-137710294-1"></script>
<script>
window.dataLayer = window.dataLayer || [];
function gtag(){dataLayer.push(arguments);}
gtag('js', new Date());
gtag('config', 'UA-137710294-1');
</script>
<script src="/assets/js/instant.page.js" type="module"></script>
<!-- <![endif]-->
</head>
<body>
<!--[if !IE]> --><noscript><marquee style="top: -15px; position: relative;"><small>发现当前浏览器没有启用JavaScript这不影响你的浏览但可能会有一些功能无法使用……</small></marquee></noscript><!-- <![endif]-->
<!--[if IE]><marquee style="top: -15px; position: relative;"><small>发现当前浏览器为Internet Explorer这不影响你的浏览但可能会有一些功能无法使用……</small></marquee><![endif]-->
<div class="wrapper">
<header class="h-card">
<h1><a class="u-url u-uid p-name" rel="me" href="/">Mayx的博客</a></h1>
<img src="https://avatars0.githubusercontent.com/u/17966333" fetchpriority="high" class="u-photo" alt="Logo" style="width: 90%; max-width: 300px; max-height: 300px;" />
<p class="p-note">Mayx's Home Page</p>
<form action="/search.html">
<input type="text" name="keyword" id="search-input-all" placeholder="Search blog posts.." />&#160;<input type="submit" value="搜索" />
</form>
<br />
<p class="view"><a class="u-url" href="/Mabbs/">About me</a></p>
<ul class="downloads">
<li style="width: 270px; border-right: none;"><a href="/MayxBlog.tgz">Download <strong>TGZ File</strong></a></li>
</ul>
</header>
<section class="h-entry">
<small><time class="date dt-published" datetime="2021-04-18T00:00:00+08:00">18 April 2021</time> - 字数统计1869 - 阅读大约需要6分钟 - Hits: <span id="/2021/04/18/hide.html" class="visitors">Loading...</span></small>
<h1 class="p-name">Mayx的运维笔记 - 隐藏自己</h1>
<p class="view">by <a class="p-author h-card" href="//github.com/Mabbs">mayx</a></p>
<div id="outdate" style="display:none;">
<hr /><p>
这是一篇创建于 <span id="outime"></span> 天前的文章,其中的信息可能已经有所发展或是发生改变。
</p>
</div>
<script>
daysold = Math.floor((new Date().getTime() - new Date("Sun, 18 Apr 2021 00:00:00 +0800").getTime()) / (24 * 60 * 60 * 1000));
if (daysold > 90) {
document.getElementById("outdate").style.display = "block";
document.getElementById("outime").innerHTML = daysold;
}
</script>
<hr />
<b>AI摘要</b>
<p id="ai-output">这篇文章记录了运维者Mayx处理网站内存溢出问题的经历。在处理过程中他发现服务器被一个IP地址159.89.47.109攻击且真实IP可能已被泄露。为保护服务器他决定修改运行模式、升级服务器配置、使用frp保护SSH端口并通过Vultr API更换了服务器的IP。同时他还提到在处理过程中遇到的API变化从V1升级到V2以便更好地利用其RESTful特性来整合通知功能。最后他强调了网站安全的重要性遇到问题要及时备份和调整策略。</p>
<hr />
<ul><li><a href="#起因">起因</a></li><li><a href="#解决ip泄露">解决IP泄露</a></li><li><a href="#更新快照脚本">更新快照脚本</a></li><li><a href="#总结">总结</a></li></ul>
<hr />
<main class="post-content e-content" role="main"><p>互联网是个很危险的地方……<!--more--></p>
<h1 id="起因">
<a href="#起因"><svg class='octicon' viewBox='0 0 16 16' version='1.1' width='16' height='32' aria-hidden='true'><path fill-rule='evenodd' d='M7.775 3.275a.75.75 0 001.06 1.06l1.25-1.25a2 2 0 112.83 2.83l-2.5 2.5a2 2 0 01-2.83 0 .75.75 0 00-1.06 1.06 3.5 3.5 0 004.95 0l2.5-2.5a3.5 3.5 0 00-4.95-4.95l-1.25 1.25zm-4.69 9.64a2 2 0 010-2.83l2.5-2.5a2 2 0 012.83 0 .75.75 0 001.06-1.06 3.5 3.5 0 00-4.95 0l-2.5 2.5a3.5 3.5 0 004.95 4.95l1.25-1.25a.75.75 0 00-1.06-1.06l-1.25 1.25a2 2 0 01-2.83 0z'></path></svg></a> 起因
</h1>
<p>最近几天我维护的花火学园貌似时不时的会爆内存……不过这倒是也是正常的事情PHP好像默认情况下不会自己释放内存我之前本来是想把那个运行模式改成ondemand但是看网上说好像都不怎么推荐……但是既然已经爆了几次内存那我也没得选了就把运行模式改了。 </p><p>
在检查服务器的这段时间里我发现居然有一个不自量力的家伙在爆破我的服务器看IP是159.89.47.109,随便访问了一下想不到上面还跑了个网站?不知道是这个网站被黑了变成肉鸡了还是这个网站的所有人确实脑子有问题……</p>
<h1 id="解决ip泄露">
<a href="#解决ip泄露"><svg class='octicon' viewBox='0 0 16 16' version='1.1' width='16' height='32' aria-hidden='true'><path fill-rule='evenodd' d='M7.775 3.275a.75.75 0 001.06 1.06l1.25-1.25a2 2 0 112.83 2.83l-2.5 2.5a2 2 0 01-2.83 0 .75.75 0 00-1.06 1.06 3.5 3.5 0 004.95 0l2.5-2.5a3.5 3.5 0 00-4.95-4.95l-1.25 1.25zm-4.69 9.64a2 2 0 010-2.83l2.5-2.5a2 2 0 012.83 0 .75.75 0 001.06-1.06 3.5 3.5 0 00-4.95 0l-2.5 2.5a3.5 3.5 0 004.95 4.95l1.25-1.25a.75.75 0 00-1.06-1.06l-1.25 1.25a2 2 0 01-2.83 0z'></path></svg></a> 解决IP泄露
</h1>
<p>总之无论如何这已经证明了论坛的真实IP已经泄露了因为我开了很多防火墙白名单对网络流量这一块限制的很严格所以正常情况下外面是不应该知道我的网站IP的不过我的SSH端口虽然改了但是因为我的位置经常在变所以这个并没有设置白名单。 </p><p>
不过还有一个可能性最近貌似有个自称Tyosakuken FANZA的家伙给我们的运营商发了DMCA投诉CloudFlare是真的会把真实IP告诉投诉者的。我不知道这个发投诉的人是个啥情况总之这个公司貌似是日本的先把日本的流量全封了再说。 </p><p>
另外IP肯定是要改了正好趁这个机会干脆再小幅度的升一下服务器的配置好了之前一直用的是Vultr的Cloud Compute这次试试High Frequency说不定速度会变快。于是我就用快照重新部署了一下服务器。结果在等它部署的期间居然睡着了😂这下可用率又要掉了。 </p><p>
不过SSH端口这个……我也不能每次要用的时候再去开它那样很麻烦所以……我想了想要不然就用frp吧直接不开放SSH端口流量就从frp里经过而且这个东西还支持访问验证这样也能避免被扫了不过我确实还是没办法确认这个东西的安全性不知道这到底是提高了破解难度还是放了个定时炸弹……毕竟它是可以无视防火墙的啊。</p>
<h1 id="更新快照脚本">
<a href="#更新快照脚本"><svg class='octicon' viewBox='0 0 16 16' version='1.1' width='16' height='32' aria-hidden='true'><path fill-rule='evenodd' d='M7.775 3.275a.75.75 0 001.06 1.06l1.25-1.25a2 2 0 112.83 2.83l-2.5 2.5a2 2 0 01-2.83 0 .75.75 0 00-1.06 1.06 3.5 3.5 0 004.95 0l2.5-2.5a3.5 3.5 0 00-4.95-4.95l-1.25 1.25zm-4.69 9.64a2 2 0 010-2.83l2.5-2.5a2 2 0 012.83 0 .75.75 0 001.06-1.06 3.5 3.5 0 00-4.95 0l-2.5 2.5a3.5 3.5 0 004.95 4.95l1.25-1.25a.75.75 0 00-1.06-1.06l-1.25 1.25a2 2 0 01-2.83 0z'></path></svg></a> 更新快照脚本
</h1>
<p>换了IP之后服务器的ID也跟着一起变了我正打算改这个东西的时候发现Vultr怎么也变了原来用的是SUBID现在变成了实例ID了……当时我不是很精通API所以是从<a href="/2020/06/17/backup.html">网上随便找的脚本</a>现在我用PHP调API调的也算熟练了吧正好这次V1的API貌似要被废弃了我就看看文档整个V2的API吧。代码如下</p>
<div class="language-php highlighter-rouge"><div class="highlight"><pre class="highlight"><code><span class="cp">&lt;?php</span>
<span class="nv">$api_key</span><span class="o">=</span><span class="s2">"APIKey"</span><span class="p">;</span>
<span class="nv">$instance_id</span><span class="o">=</span><span class="s2">"实例ID"</span><span class="p">;</span>
<span class="nb">file_get_contents</span><span class="p">(</span><span class="s2">"https://api.vultr.com/v2/snapshots"</span><span class="p">,</span> <span class="kc">false</span><span class="p">,</span> <span class="nb">stream_context_create</span><span class="p">(</span><span class="k">array</span><span class="p">(</span><span class="s1">'http'</span> <span class="o">=&gt;</span> <span class="k">array</span><span class="p">(</span><span class="s1">'method'</span><span class="o">=&gt;</span><span class="s1">'POST'</span><span class="p">,</span><span class="s1">'header'</span><span class="o">=&gt;</span><span class="s2">"Content-Type: application/json;charset=utf-8</span><span class="se">\r\n</span><span class="s2">Authorization: Bearer "</span><span class="mf">.</span><span class="nv">$api_key</span><span class="p">,</span><span class="s1">'content'</span><span class="o">=&gt;</span><span class="s1">'{"instance_id": "'</span><span class="mf">.</span><span class="nv">$instance_id</span><span class="mf">.</span><span class="s1">'"}'</span><span class="p">))));</span>
<span class="nv">$snapshot_list</span><span class="o">=</span><span class="nb">json_decode</span><span class="p">(</span><span class="nb">file_get_contents</span><span class="p">(</span><span class="s2">"https://api.vultr.com/v2/snapshots"</span><span class="p">,</span><span class="kc">false</span><span class="p">,</span><span class="nb">stream_context_create</span><span class="p">(</span><span class="k">array</span><span class="p">(</span><span class="s1">'http'</span> <span class="o">=&gt;</span> <span class="k">array</span><span class="p">(</span><span class="s1">'method'</span><span class="o">=&gt;</span><span class="s1">'GET'</span><span class="p">,</span><span class="s1">'header'</span><span class="o">=&gt;</span><span class="s2">"Authorization: Bearer "</span><span class="mf">.</span><span class="nv">$api_key</span><span class="p">)))),</span><span class="kc">true</span><span class="p">);</span>
<span class="k">if</span><span class="p">(</span><span class="nv">$snapshot_list</span><span class="p">[</span><span class="s2">"meta"</span><span class="p">][</span><span class="s2">"total"</span><span class="p">]</span><span class="o">&gt;</span><span class="mi">10</span><span class="p">){</span>
<span class="nb">file_get_contents</span><span class="p">(</span><span class="s2">"https://api.vultr.com/v2/snapshots/"</span><span class="mf">.</span><span class="nv">$snapshot_list</span><span class="p">[</span><span class="s2">"snapshots"</span><span class="p">][</span><span class="mi">0</span><span class="p">][</span><span class="s2">"id"</span><span class="p">],</span><span class="kc">false</span><span class="p">,</span><span class="nb">stream_context_create</span><span class="p">(</span><span class="k">array</span><span class="p">(</span><span class="s1">'http'</span> <span class="o">=&gt;</span> <span class="k">array</span><span class="p">(</span><span class="s1">'method'</span><span class="o">=&gt;</span><span class="s1">'DELETE'</span><span class="p">,</span><span class="s1">'header'</span><span class="o">=&gt;</span><span class="s2">"Authorization: Bearer "</span><span class="mf">.</span><span class="nv">$api_key</span><span class="p">))));</span>
<span class="p">}</span>
</code></pre></div></div>
<p>像这个也可以整合我之前写的<a href="/2021/02/02/serverchan.html">测试号通知</a>或者<a href="/2021/02/26/serverchancorp.html">企业号通知</a>来用用之前记得加上addslashes不然可能会出问题。 </p><p>
另外这个V2的API貌似还是RESTful的呢看起来倒是更简单易懂了。</p>
<h1 id="总结">
<a href="#总结"><svg class='octicon' viewBox='0 0 16 16' version='1.1' width='16' height='32' aria-hidden='true'><path fill-rule='evenodd' d='M7.775 3.275a.75.75 0 001.06 1.06l1.25-1.25a2 2 0 112.83 2.83l-2.5 2.5a2 2 0 01-2.83 0 .75.75 0 00-1.06 1.06 3.5 3.5 0 004.95 0l2.5-2.5a3.5 3.5 0 00-4.95-4.95l-1.25 1.25zm-4.69 9.64a2 2 0 010-2.83l2.5-2.5a2 2 0 012.83 0 .75.75 0 001.06-1.06 3.5 3.5 0 00-4.95 0l-2.5 2.5a3.5 3.5 0 004.95 4.95l1.25-1.25a.75.75 0 00-1.06-1.06l-1.25 1.25a2 2 0 01-2.83 0z'></path></svg></a> 总结
</h1>
<p>总之在网上一定要注意网站安全一旦有出问题的迹象要赶紧备份有必要的情况该换IP就只能换了。</p></main>
<small style="display: block">tags: <a rel="category tag" class="p-category" href="/search.html?keyword=%E8%BF%90%E7%BB%B4"><em>运维</em></a> - <a rel="category tag" class="p-category" href="/search.html?keyword=%E7%AC%94%E8%AE%B0"><em>笔记</em></a> - <a rel="category tag" class="p-category" href="/search.html?keyword=%E9%9A%90%E8%97%8F"><em>隐藏</em></a> <span style="float: right;"><a href="https://gitlab.com/mayx/mayx.gitlab.io/tree/master/_posts/2021-04-18-hide.md">查看原始文件</a></span></small>
<h4 style="border-bottom: 1px solid #e5e5e5;margin: 2em 0 5px;">推荐文章</h4>
<p id="suggest-container">Loading...</p>
<script>
var suggest = $("#suggest-container");
$.get(BlogAPI + "/suggest?id=/2021/04/18/hide.html&update=" + lastUpdated.valueOf(), function (data) {
if (data.length) {
getSearchJSON(function (search) {
suggest.empty();
var searchMap = {};
for (var i = 0; i < search.length; i++) {
searchMap[search[i].url] = search[i];
}
var tooltip = $('<div class="content-tooltip"></div>').appendTo('body').hide();
for (var j = 0; j < data.length; j++) {
var item = searchMap[data[j].id];
if (item) {
var link = $('<a href="' + item.url + '">' + item.title + '</a>');
var contentPreview = item.content.substring(0, 100);
if (item.content.length > 100) {
contentPreview += "……";
}
link.hover(
function(e) {
tooltip.text($(this).data('content'))
.css({
top: e.pageY + 10,
left: e.pageX + 10
})
.show();
},
function() {
tooltip.hide();
}
).mousemove(function(e) {
tooltip.css({
top: e.pageY + 10,
left: e.pageX + 10
});
}).data('content', contentPreview);
suggest.append(link);
suggest.append(' - ' + item.date + '<br />');
}
}
});
} else {
suggest.html("暂无推荐文章……");
}
});
</script>
<br />
<div class="pagination">
<span class="prev">
<a href="/2021/04/09/weauth.html">
上一篇自制微信二维码登录API
</a>
</span>
<br />
<span class="next">
<a href="/2021/05/07/ssh.html">
下一篇:网络任意互联指南
</a>
</span>
</div>
<!--[if !IE]> -->
<link rel="stylesheet" href="/assets/css/gitalk.css">
<script src="/assets/js/gitalk.min.js"></script>
<div id="gitalk-container"></div>
<script>
var gitalk = new Gitalk({
clientID: '36557aec4c3cb04f7ac6',
clientSecret: 'ac32993299751cb5a9ba81cf2b171cca65879cdb',
repo: 'mabbs.github.io',
owner: 'Mabbs',
admin: ['Mabbs'],
id: '/2021/04/18/hide', // Ensure uniqueness and length less than 50
distractionFreeMode: false, // Facebook-like distraction free mode
proxy: "https://cors-anywhere.mayx.eu.org/?https://github.com/login/oauth/access_token"
})
gitalk.render('gitalk-container')
</script>
<!-- <![endif]-->
</section>
<!--[if !IE]> -->
<div id="landlord" style="left:5px;bottom:0px;">
<div class="message" style="opacity:0"></div>
<canvas id="live2d" width="500" height="560" class="live2d"></canvas>
<div class="live_talk_input_body">
<form id="live_talk_input_form">
<div class="live_talk_input_name_body" >
<input type="checkbox" id="load_this" />
<input type="hidden" id="post_id" value="/2021/04/18/hide.html" />
<label for="load_this">
<span style="font-size: 11px; color: #fff;">&#160;想问这篇文章</span>
</label>
</div>
<div class="live_talk_input_text_body">
<input name="talk" type="text" class="live_talk_talk white_input" id="AIuserText" autocomplete="off" placeholder="要和我聊什么呀?" />
<button type="submit" class="live_talk_send_btn" id="talk_send">发送</button>
</div>
</form>
</div>
<input name="live_talk" id="live_talk" value="1" type="hidden" />
<div class="live_ico_box" style="display:none;">
<div class="live_ico_item type_info" id="showInfoBtn"></div>
<div class="live_ico_item type_talk" id="showTalkBtn"></div>
<div class="live_ico_item type_music" id="musicButton"></div>
<div class="live_ico_item type_youdu" id="youduButton"></div>
<div class="live_ico_item type_quit" id="hideButton"></div>
<input name="live_statu_val" id="live_statu_val" value="0" type="hidden" />
<audio src="" style="display:none;" id="live2d_bgm" data-bgm="0" preload="none"></audio>
<input id="duType" value="douqilai" type="hidden" />
</div>
</div>
<div id="open_live2d">召唤伊斯特瓦尔</div>
<!-- <![endif]-->
<footer>
<p>
<small>Made with ❤ by Mayx<br />Last updated at 2026-01-01 00:00:18<br /> 总字数614622 - 文章数178 - <a href="/atom.xml" >Atom</a> - <a href="/README.html" >About</a></small>
</p>
</footer>
</div>
<script src="/assets/js/scale.fix.js"></script>
<!--[if !IE]> -->
<script src="/assets/js/main_new.js"></script>
<script src="/Live2dHistoire/live2d/js/live2d.js"></script>
<script src="/Live2dHistoire/live2d/js/message.js"></script>
<!-- <![endif]-->
</body>
</html>
Reference in New Issue View Git Blame Copy Permalink