Hello everyone, I’m new in the webserver world, and I have a very basic knowledge about Nginx, so I want apologize in advance if I'm making a stupid question.
I have a very basic webserver hosting a WordPress webpage and in the past 3 days I have receiving thousands of below request: 5.122.236.249 - - [24/Aug/2020:12:30:41 +0200] "\x1E\x80\xEBol\xDF\x86z\x84\xA4A^\xAF;\xA1\x98\x1B\x0E\xB7\x88\xD3h\x8FyW\xE4\x0F=.\x15\xF7f:9\xF7\xC3\xBB\xB1}n\xA5\x88\x8B\xE7\xF4\x5C\x80\x98=\xE2X\xC8\xD4\x1Bv/\xDC3yAI\xEE\xE6\xFA\xB1\xF3\x90]\x9EG\xFD\x9B\xAB\x9B:\xA7q\x82*\xE1:\x1A 5.122.236.249 - - [24/Aug/2020:12:30:41 +0200] "P\xCE \x9C\xA9\xB6pS\xD6#1\x84\x22\xB0s\xB8\xAA\x09\x06Ex\xDD\x88\x11\xFC\x0E\xDB\x04\x18~*\xE7h\xD2H\xD422\x83,\xB3u\xDF|\xED\x8BP\x9Box\xA4\x042\xFBz\xAAh\xF9\x14^\x96\xDD\x1D\xF6\xDD*\xF4" 400 173 "-" "-” This comes from a hundred of different IPs and in many requests at same time. Is this kind of DDOS attack or a legitimate request(which my server returns 400 for them)? If is an attack, has a specific name that I can search and try to understand it better and mitigate it? Thank so much for the help. Best Regards, Donda -- Att. Anderson Donda *" **Mar calmo não cria bom marinheiro, muito menos bom capitão.**"*
_______________________________________________ nginx mailing list [email protected] http://mailman.nginx.org/mailman/listinfo/nginx
